(RESOLVED) Slow browsers
(RESOLVED) Slow browsers
Good afternoon!
My browsers are extremely slow; they all keep loading and loading and never finish loading the page. Sometimes pressing F5 refreshes it and shows me the content. I don't know whether it's my computer or the connection. Does anyone know what it could be?
Rodovalho.
Rodovalho - Beginner
- Posts: 7
Reputation: 0
Registration date: 31/12/2013
Age: 55
Re: (RESOLVED) Slow browsers
Hello Rodovalho.
|- Download: < [You must have an account and be logged in to view this link] > ( ... by Nicolas Coolman )
|- Temporarily disable your antivirus to avoid conflicts and run "ZHPDiag2.exe" to install the tool.
|- Run the scroll icon. ( ZHPDiag )
|- Click "SEARCH" or "PESQUISAR" and wait for it to finish!
|- Click OK and, when it finishes, post the ZHPDiag.txt report.
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Registration date: 14/04/2009
(RESOLVED) Slow browsers
Hello Power Max, thank you very much for your attention; here is the report from the program you indicated:
~ Relatório do ZHPDiag v2014.1.25.26 - Nicolas Coolman (25.1.2014)
~ Iniciado por Weliton (6.2.2014 18:18:58)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [You must have an account and be logged in to view this link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16476
MFIE: Mozilla Firefox 26.0
GCIE: Google Chrome v32.0.1700.76 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
System - Enable Open file C:\Users\Weliton\AppData\Roaming\ZHP\Licence.txt =>.Nicolas Coolman
---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2011
Windows Defender W7
---\\ Softwares d'optimização do sistema
CCleaner v4.09 =>Piriform Ltd
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 11 Plugin
Java 7 Update 51
---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2997 MB (63% free)
System Restore: Activé (Enable)
System drive C: has 419 GB (90%) free of 466 GB
---\\ Modo de conexão ao sistema
~ Computer Name: ITAUTEC
~ User Name: Weliton
~ All Users Names: Weliton, Keyla, HomeGroupUser$, Ester, Davi, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Weliton\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Weliton\AppData\Roaming\
~ %Desktop% : C:\Users\Weliton\Desktop\
~ %Favorites% : C:\Users\Weliton\Favorites\
~ %LocalAppData% : C:\Users\Weliton\AppData\Local\
~ %StartMenu% : C:\Users\Weliton\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 419 Go of 466 Go)
D: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 46 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25.2.2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13.7.2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.927FA6456AD6D7630F6854828D2FD16B] - (.Microsoft Corporation - Internet Extensions para Win32.) (.26.11.2013 - 03:33:33.) -- C:\Windows\System32\wininet.dll [1820160]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20.11.2010 - 09:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20.11.2010 - 09:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13.9.2013 - 21:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13.7.2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13.7.2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20.11.2010 - 05:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20.11.2010 - 05:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20.11.2010 - 06:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13.7.2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13.7.2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26.4.2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20.11.2010 - 05:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12.4.2013 - 10:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13.7.2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13.7.2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20.11.2010 - 07:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13.7.2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20.11.2010 - 05:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20.11.2010 - 09:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/23
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 2/74
~ Mes Favoris (My Favorites) : 1/21
~ Mes Documents (My Documents) : 7/110
~ Mon Bureau (My Desktop) : 1/10
~ Menu demarrer (Programs) : 1/28
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.EC5C7B254E974170B949DCB1EC08CF98] - (.Dritek System Inc. - On Screen Display for Notebook Function Key.) -- C:\Program Files\Hotkey OSD Driver\HotKeyOSD.exe [232528] [PID.2968]
[MD5.0E34B7BB1FCF22BCC1E394D16F9E992B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040] [PID.2976]
[MD5.160E8A6C3FF72C76E7E4218CBF6824E7] - (.Nuance Communications, Inc. - PaperPort Print to Desktop for NT.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984] [PID.3108]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.3164]
[MD5.AFEBF9E0B223FF04709F747C172D3540] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024] [PID.3176]
[MD5.7904F8A82DCC8C20545BD3B81B1623F3] - (.Qustodio - Qustodio Tray Icon.) -- C:\Program Files\Qustodio\qapp\QAppTray.exe [3855672] [PID.3224]
[MD5.A2E9FE64D1EC22F2B0BF6DB122739802] - (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files\BlueStacks\HD-Agent.exe [807696] [PID.3248]
[MD5.7B2DC4B1DF3672BFD13247C7649214BC] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [143856] [PID.3308]
[MD5.CCFA6A74908B913DBFEC1FEB31C723DC] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [178672] [PID.3444]
[MD5.B8FECD7B8D2AE449F5D75F08AED70BE7] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [179184] [PID.3504]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ystem32\rundll32.exe [0] [PID.3540]
[MD5.C1DB9BDF885C2F1ADC15264FBEA2788F] - (.No owner - HOSTS Anti-PUPs/Adwares.) -- C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe [302961] [PID.6044]
[MD5.3B0BA44D5691E00088B956394FDE64B6] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [866584] [PID.4820]
[MD5.22A524EB3D7DAC385F5F036EEF589881] - (.Qustodio - Qustodio App.) -- C:\Program Files\Qustodio\qapp\QReport.exe [598840] [PID.6304]
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8339968] [PID.7372]
[MD5.A3A35EE79C64A640152B3113E6E254E2] - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) -- C:\Windows\system32\cscript.exe [126976] [PID.6720]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Weliton\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] [You must have an account and be logged in to view this link]
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [aikjpcffhgkefggfobgcdobpnofgfhia] Doolphy v.2.1.3 (Activé)
G2 - GCE: Preference [User Data\Default] [bkgoccjhfjgjedhkiefaclppgbmoobnk] Audiotool v.1.1 (Activé)
G2 - GCE: Preference [User Data\Default] [cecjchnhpbngjggfolkpjggdpbnmnahm] Afinador v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [cgjnhhjpfcdhbhlcmmjppicjmgfkppok] Download FB Album mod v.0.14.2.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [dbkchnicaiglcjpgbmpfmoafckkomdcm] Ajudante de Download de v\u00EDdeo v.1.1.5.3, (Activé)
G2 - GCE: Preference [User Data\Default] [eemaaomlfllldamnpoajaedaemnblgal] Dolar Hoje v.0.36 (Désactivé)
G2 - GCE: Preference [User Data\Default] [ejnkaeblpdcamcioiiabclakabcbjmbl] Box - 10GB of FREE storage v.1.1.7 (Activé)
G2 - GCE: Preference [User Data\Default] [epbmllnadbdnppblcebkkmapkinkdchd] Skype Links v.0.3 (Désactivé)
G2 - GCE: Preference [User Data\Default] [faijocccbppcdmakdenmbbiflcagbapp] Android Freeware v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [figjjaggcjcojopflaabmebmocabdglm] Creately - Online Diagramming v.1.1 (Activé)
G2 - GCE: Preference [User Data\Default] [gchlfahfcdodhnempckahoanmmaflhkl] Sr. Dinheiro v.5 (Activé)
G2 - GCE: Preference [User Data\Default] [gddpjhpnedgjejmooocheicegbpfmhne] HelpDesk v.0.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [hihakjfhbmlmjdnnhegiciffjplmdhin] Rapportive v.1.4.1 (Activé)
G2 - GCE: Preference [User Data\Default] [imcbnnnoghiihopefblgehihofbfbmei] Desprotetor de Links v.2.0.0.13, (Désactivé)
G2 - GCE: Preference [User Data\Default] [imokeandodnlammaoenbgcnbhigjbpjh] iPiccy Photo Editor v.1.1 (Activé)
G2 - GCE: Preference [User Data\Default] [jfnniehafojoidolddmhfnpnbiolbppi] Roomstyler 3D planner v.3.0 (Activé)
G2 - GCE: Preference [User Data\Default] [jhegddohmncgelkehhnigphmloinkinj] Zoho Sheet v.1.2 (Activé)
G2 - GCE: Preference [User Data\Default] [jpnjjlbngpejmmhgcaagljaomgnginml] Endereç o IP v.7.1, (Activé)
G2 - GCE: Preference [User Data\Default] [kfoaifmljjopjdffohdndabjeejbnipm] Emqualcinema v.1.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [kneloppijbcidgidihgdjnooihjcdbij] HootSuite v.5.244 (Activé)
G2 - GCE: Preference [User Data\Default] [lelffnbhjliaaecgedgbolamdmhbbgpc] Imoveis no mapa v.1.2 (Activé)
G2 - GCE: Preference [User Data\Default] [lljagjbdinjommccodelnfmkepbdoafl] PadMapper v.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mcafejemebbngbglfoinpoaannbihjna] Planeador de ambientes v.1.2.0.4 (Activé)
G2 - GCE: Preference [User Data\Default] [mdddabjhelpilpnpgondfmehhcplpiin] Envie Capturas de Tela com Coment\u00E1rios v.6.8.3, (Activé)
G2 - GCE: Preference [User Data\Default] [midfegdkjdhphhbffnfeaknedfjiepne] Island Road 1440x900 v.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [mihcahmgecmbnbcchbopgniflfhgnkff] Verificador de mensagens do Google v.4.4.0 (Désactivé)
G2 - GCE: Preference [User Data\Default] [mojgmjbdekkokcnihmbifiknnpboifkc] Conversion Support Live Chat For Websites v.0.1.1208.27 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [oglhhmnmdocfhmhlekfdecokagmbchnf] Do Share v.6.0.13, (Désactivé)
G2 - GCE: Preference [User Data\Default] [pbldopcdkcepddcophogapjebhfjbpfp] Tarifa de T\u00E1xi v.1.0.1.2 (Activé)
G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial Nova Guia v.9.4.4 (Désactivé) =>Adware.MyWebSearch
G2 - GCE: Preference [User Data\Default] [pmkffmgahaepmhkhkblhopnpleeikokc] Connected Mind v.1.2 (Activé)
~ Google Browser: 57 Legitimates Filtered in 04mn 40s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Weliton\AppData\Roaming\Mozilla\Firefox\Profiles\lk4ip86g.default\prefs.js
P2 - FPN: [HKLM] [Web Components] - (...) -- C:\Program Files\Web Components\npWebVideoPlugin.dll (.not file.)
~ Firefox Browser: 9 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
~ IE Browser: 12 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 693
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files\Scpad\scpsssh2.dll
~ BHO: 12 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Doméstico.lnk . (.Ivan Mecenas Informática - Domestic.) -- C:\Program Files\MCsoft\Domestic\Domestic.exe
O4 - GS\Desktop [Public]: Inkscape.lnk . (.inkscape.org - Inkscape.) -- C:\Program Files\Inkscape\inkscape.exe
O4 - GS\Program [Public]: Inkscape.lnk . (.inkscape.org - Inkscape.) -- C:\Program Files\Inkscape\inkscape.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Weliton]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Weliton]: Inkscape.lnk . (.inkscape.org - Inkscape.) -- C:\Program Files\Inkscape\inkscape.exe
O4 - GS\QuickLaunch [Weliton]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Weliton]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Weliton]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Weliton]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [Weliton]: SMPlayer.lnk . (.Ricardo Villalba - SMPlayer.) -- C:\Program Files\SMPlayer\smplayer.exe
O4 - GS\Program [Weliton]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Weliton]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [Weliton]: Transferência de Arquivo Bluetooth.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\QuickLaunch [Keyla]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Keyla]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Keyla]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Keyla]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Keyla]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Keyla]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [Keyla]: Transferência de Arquivo Bluetooth.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop [Keyla]: Google Chromejogosdaba.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Keyla]: Lugueres.lnk . (...) -- C:\Sulsoftware\WinCTI\WinCTI.exe
O4 - GS\Desktop [Keyla]: Start BlueStacks.lnk . (.BlueStack Systems, Inc. - BlueStacks StartLauncher.) -- C:\Program Files\BlueStacks\HD-StartLauncher.exe
O4 - GS\QuickLaunch [Ester]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Ester]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Ester]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Ester]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Ester]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Ester]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [Ester]: Transferência de Arquivo Bluetooth.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop [Ester]: Continue VuuPC Installation.lnk . (...) -- C:\Users\Weliton\AppData\Local\Temp\ICReinstall_Setup.exe (.not file.) =>PUP.VuuPC
O4 - GS\Desktop [Ester]: Free Screen Video Capture by Topviewsoft.lnk . (.Topviewsoft.com - Free Screen Video Capture by Topviewsoft.) -- C:\Program Files\Free Screen Video Capture by Topviewsoft\videocapture.exe
O4 - GS\Desktop [Ester]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Convidado]: Club Cooee.lnk . (...) -- C:\Users\Weliton\AppData\Local\ClubCooee\Program\cooee.exe (.not file.)
O4 - GS\QuickLaunch [Convidado]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Convidado]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Convidado]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Convidado]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Convidado]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Convidado]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [Convidado]: Transferência de Arquivo Bluetooth.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop [Convidado]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
~ Global Startup: 113 Legitimates Filtered in 00mn 03s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Weliton]: AndroidPCRemote.lnk . (...) -- C:\Users\Weliton\Desktop\AndroidPCServer.exe (.not file.)
O4 - HKLM\..\Run: [HotKeyOSD] . (.Dritek System Inc. - On Screen Display for Notebook Function Key.) -- C:\Program Files\Hotkey OSD Driver\HotKeyOSD.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] . (.Nuance Communications, Inc. - SSBkgdUpdate.) -- C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
O4 - HKLM\..\Run: [PaperPort PTD] . (.Nuance Communications, Inc. - PaperPort Print to Desktop for NT.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] . (.Nuance Communications, Inc. - PaperPort IndexSearch.) -- C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [PPort11reminder] . (.Nuance Communications, Inc. - Ereg.) -- C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [QAppTray] . (.Qustodio - Qustodio Tray Icon.) -- C:\Program Files\Qustodio\qapp\QAppTray.exe
O4 - HKLM\..\Run: [BlueStacks Agent] . (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie
O4 - HKLM\..\Run: [HOSTS Anti-Adware_PUPs] . (.No owner - HOSTS Anti-PUPs/Adwares.) -- C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\Weliton\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-438549365-1466117216-4133764897-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-438549365-1466117216-4133764897-1000\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\Weliton\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B7E44F8-59E6-4BBB-BDE6-050578BC8EAE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B7E44F8-59E6-4BBB-BDE6-050578BC8EAE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{0B7E44F8-59E6-4BBB-BDE6-050578BC8EAE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} . (.Banco Bradesco S.A. - scpIBLoad Module.) -- C:\Program Files\Scpad\scpLIB.dll
~ SSODL: 2 Legitimates Filtered in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: qengine (qengine) . (.Qustodio - No Comment.) - C:\Program Files\Qustodio\qproxy\qengine.exe
O23 - Service: qupdate (qupdate) . (.Qustodio - Qustodio App.) - C:\Program Files\Qustodio\qapp\QUpdateService.exe
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files\Scpad\scpVista.exe
O23 - Service: Update Bizzybolt (Update Bizzybolt) . (...) - C:\Program Files\Bizzybolt\updateBizzybolt.exe (.not file.) =>PUP.Bizzybolt
~ Services: 9 Legitimates Filtered in 00mn 07s
---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [SomotoUpdateCheckerAutoStart] (...) -- C:\Users\Weliton\AppData\Local\FilesFrog Update Checker\update_checker.exe (.not file.) [0] =>Adware.MegaSearch
[MD5.00000000000000000000000000000000] [APT] [{389A7561-097D-42D4-870C-5081EDDF0A6E}] (...) -- C:\Program Files\Remote PC Server 1.0.4\Remote PC Server.exe (.not file.) [0]
~ Scheduled Task: 29 Legitimates Filtered in 00mn 06s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bfilter) . (. - .) - C:\Windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver: (Bfmon) . (. - .) - C:\Windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bprotect) . (. - .) - C:\Windows\system32\drivers\Bprotect.sys (.not file.)
O41 - Driver: (qwd) . (.Qustodio - Watchdog Driver NF.) - C:\Windows\system32\Drivers\qwd.sys
~ Drivers: 87 Legitimates Filtered in 00mn 00s
---\\ Software instalados (042)
O42 - Logiciel: Free Screen Video Capture by Topviewsoft 4.1.7 - (.Topviewsoft, Inc..) [HKLM] -- {180CAD6C-B0ED-42A9-8C4A-CF49C6682A06}_is1
O42 - Logiciel: Ivan Mecenas Domestic 6.6.7.1 - (.Ivan Mecenas.) [HKLM] -- Domestic
O42 - Logiciel: Qustodio - (.Qustodio.) [HKLM] -- Qustodio
~ Logic: 17 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\Baidu] =>Adware.BDSearch
[HKCU\Software\BonanzaDeals] =>Adware.BonanzaDeals
[HKCU\Software\Data Cempro]
[HKCU\Software\Iminent Browser] =>Adware.IMBooster
[HKCU\Software\MCsoft]
[HKLM\Software\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\BonanzaDeals] =>Adware.BonanzaDeals
[HKLM\Software\MCsoft]
[HKLM\Software\QustodioInstaller]
[HKLM\Software\baidu] =>Adware.BDSearch
~ Key Software: 162 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 25.12.2013 - 22:16:29 - [0] ----D C:\Program Files\Baidu Security =>Adware.BDSearch
O43 - CFD: 25.12.2013 - 22:28:05 - [1,718] ----D C:\Program Files\Free Screen Video Capture by Topviewsoft
O43 - CFD: 4.11.2013 - 22:18:46 - [2,571] ----D C:\Program Files\Hotkey OSD Driver
O43 - CFD: 22.1.2014 - 20:46:28 - [38,578] ----D C:\Program Files\MCsoft
O43 - CFD: 30.12.2013 - 18:57:22 - [51,439] ----D C:\Program Files\Qustodio
O43 - CFD: 31.12.2013 - 11:37:16 - [1,511] ----D C:\Program Files\Scpad
O43 - CFD: 25.12.2013 - 22:17:28 - [29,192] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 16.12.2013 - 23:12:37 - [0,113] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 8.1.2014 - 21:42:02 - [105,850] ----D C:\ProgramData\qustodio
O43 - CFD: 25.12.2013 - 22:17:45 - [2,876] ----D C:\Users\Weliton\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 6.2.2014 - 14:27:08 - [1,228] ----D C:\Users\Weliton\AppData\Roaming\newnext.me =>PUP.NextLive
O43 - CFD: 10.1.2014 - 23:41:31 - [1,224] ----D C:\Users\Weliton\AppData\Local\genienext
~ Program Folder: 138 Legitimates Filtered in 00mn 26s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.8AB58E4CB9545978A03313113E5CE114] - 28.1.2014 - 22:41:51 ---A- . (...) -- C:\Windows\System32\qengine.ini [19160]
O44 - LFC:[MD5.D71CD62102457C3CD0E7803081357924] - 28.1.2014 - 22:41:51 ---A- . (...) -- C:\Windows\System32\qengineOff.ini [2672]
O44 - LFC:[MD5.7DA32487480E05EAEB92C7B8673128B0] - 6.2.2014 - 13:07:01 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [128938]
O44 - LFC:[MD5.E95B5563300D3C29E161A5897E1058EB] - 6.2.2014 - 13:07:01 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [666708]
O44 - LFC:[MD5.06F5E37AA1FFE28E55292CECFEA6C40E] - 6.2.2014 - 17:24:00 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [21200]
O44 - LFC:[MD5.06F5E37AA1FFE28E55292CECFEA6C40E] - 6.2.2014 - 17:24:00 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [21200]
~ Files: 17 Legitimates Filtered in 00mn 03s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.F385467DF95D0A73775CB3B076B8B969] - 9.12.2013 - 09:09:38 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49944]
O58 - SDL:[MD5.1B0662514A68C3A42E60D240C5ABEF28] - 31.12.2013 - 00:19:30 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [180248]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 13.7.2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.C1258ADCBE6E51A3C06C234D2BDB81B5] - 9.8.2007 - 03:06:40 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys [23424]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13.7.2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.3AD9F673A25D0F89494529DB9D19769E] - 12.12.2013 - 18:54:30 ---A- . (.Qustodio - Watchdog Driver NF.) -- C:\Windows\System32\Drivers\qwd.sys [25304]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 13.7.2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13.7.2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13.7.2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13.7.2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13.7.2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13.7.2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13.7.2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13.7.2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13.7.2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13.7.2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13.7.2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13.7.2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13.7.2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13.7.2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13.7.2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13.7.2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 18 Legitimates Filtered in 00mn 03s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 12.12.2013 - C:\Windows\system32\Drivers\qwd.sys (qwd) .(.Qustodio - Watchdog Driver NF.) - LEGACY_QWD
~ Legacy: 89 Legitimates Filtered in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You must have an account and be logged in to view this link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.F1AAAD57373832346B367E3B91916984] [SPRF][22.11.2013] (.Baidu, Inc. - Baidu Antivirus FileSplitUpLoad Library.) -- C:\ProgramData\FileSplitUpLoad.dll [170344] =>Adware.BDSearch
[MD5.FBC207AD85D053D4FD9DD93C595D1A1D] [SPRF][6.2.2014] (.No owner - HOSTS Anti-PUPs/Adwares.) -- C:\Users\Weliton\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe [285455]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][4.2.2014] (...) -- C:\Users\Weliton\AppData\Local\Temp\{019ED8BD-F979-408C-B70C-56D68CB44725}-32.0.1700.107_chrome_installer.exe [0]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][6.2.2014] (...) -- C:\Users\Weliton\AppData\Local\Temp\{3D529785-BC6A-4492-8479-28F3E9855C49}-32.0.1700.107_chrome_installer.exe [0]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][5.2.2014] (...) -- C:\Users\Weliton\AppData\Local\Temp\{48529DCD-BC79-4522-A980-E91731C05B83}-32.0.1700.107_chrome_installer.exe [0]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][3.2.2014] (...) -- C:\Users\Weliton\AppData\Local\Temp\{525D1F78-132F-4E89-AC57-244B137F90EE}-32.0.1700.107_chrome_installer.exe [0]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][6.2.2014] (...) -- C:\Users\Weliton\AppData\Local\Temp\{56F70835-6C0A-4ACF-824F-59E42F6D065D}-32.0.1700.107_chrome_installer.exe [0]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][1.2.2014] (...) -- C:\Users\Weliton\AppData\Local\Temp\{EB22AC2F-52FC-43FB-B374-36DEBCB79058}-32.0.1700.102_chrome_installer.exe [0]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][30.1.2014] (...) -- C:\Users\Weliton\AppData\Local\Temp\{EFA8CF08-9116-4190-AB64-6E1E332F8598}-32.0.1700.102_32.0.1700.76_chrome_updater.exe [0]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][29.1.2014] (...) -- C:\Users\Weliton\AppData\Local\Temp\{FD30FB0A-60E9-4825-9449-14727ECC816F}-32.0.1700.102_32.0.1700.76_chrome_updater.exe [0]
[MD5.54DB2B8C60F04C5ADE6D711D47EABA75] [SPRF][6.2.2014] (...) -- C:\Users\Weliton\Desktop\AdwCleaner.exe [1166132]
[MD5.A51E0EF08613E063F9F6DE65D45182D8] [SPRF][30.9.2012] (...) -- C:\Users\Weliton\Desktop\runserver.bat [38]
~ Files: 17 Legitimates Filtered in 00mn 00s
---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "4211977E3628AA44699708B8FD017602" . (.Lugueres Sulsoftware.) -- C:\Windows\Installer\{E7791124-8263-44AA-9679-808BDF106720}\ARPPRODUCTICON.exe
~ Update Products: 45 Legitimates Filtered in 00mn 00s
---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.CFA5875B0EA7364AD782A17B2CAB4FC2] [WIS][30.12.2013] (.Qustodio - Qustodio.) -- C:\Windows\Installer\1167db.msi [46372864]
[MD5.F3EAF1658552F1D3C54CAF728C53766A] [WIS][27.12.2013] (.BlueStack Systems, Inc. - BlueStacks.) -- C:\Windows\Installer\2f88a86.msi [9678848]
~ WIS: 50 Legitimates Filtered in 00mn 12s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 6.2.2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 20.12.2013 402192 | (BstHdAndroidSvc) . (.BlueStack Systems, Inc..) - C:\Program Files\BlueStacks\HD-Service.exe
SS - | Auto 4.11.2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 4.11.2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 6.2.2014 285795 | (HOSTS Anti-PUPs) . (...) - C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe
SS - | Demand 7.1.2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 12.12.2013 3710288 | (qengine) . (.Qustodio.) - C:\Program Files\Qustodio\qproxy\qengine.exe
SS - | Auto 12.12.2013 1850168 | (qupdate) . (.Qustodio.) - C:\Program Files\Qustodio\qapp\QUpdateService.exe
SS - | Auto 10.7.1658 0 | (Update Bizzybolt) . (...) - C:\Program Files\Bizzybolt\updateBizzybolt.exe =>PUP.Bizzybolt
SR - | Auto 31.12.2013 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 20.12.2013 385808 | (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc..) - C:\Program Files\BlueStacks\HD-LogRotatorService.exe
SR - | Auto 24.10.2012 360624 | (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files\Scpad\scpVista.exe
SR - | Auto 17.12.2013 5341536 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
SR - | Auto 13.7.2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13.7.2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 14s
---\\ Scâner Aditional (088)
Database Version : 13030 - (25.1.2014)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 6
Fichiers trouvés (Files found) : 9
[HKLM\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff] =>Adware.MyWebSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\Update Bizzybolt] =>PUP.Bizzybolt^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus] =>Adware.BDSearch
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:mobilegeni daemon =>PUP.Mobogenie^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:NextLive =>PUP.NextLive^
C:\Users\Weliton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff =>Adware.MyWebSearch^
C:\Program Files\Baidu Security =>Adware.BDSearch^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\Users\Weliton\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Users\Weliton\AppData\Roaming\newnext.me =>PUP.NextLive^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKCU\Software\Baidu] =>Adware.BDSearch^
[HKCU\Software\BonanzaDeals] =>Adware.BonanzaDeals^
[HKCU\Software\Iminent Browser] =>Adware.IMBooster^
[HKLM\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Baidu_Drp_pos] =>Adware.BDSearch^
[HKLM\Software\BonanzaDeals] =>Adware.BonanzaDeals^
[HKLM\Software\baidu] =>Adware.BDSearch^
C:\ProgramData\FileSplitUpLoad.dll =>Adware.BDSearch^
~ Additionnel Scan: 234880 Items scanned in 00mn 53s
---\\ Sumário das deteções encontradas na sua estação
~ [You must have an account and be logged in to view this link] =>Adware.MyWebSearch
~ [You must have an account and be logged in to view this link] =>PUP.VuuPC
~ [You must have an account and be logged in to view this link] =>PUP.Mobogenie
~ [You must have an account and be logged in to view this link] =>PUP.NextLive
~ [You must have an account and be logged in to view this link] =>PUP.Bizzybolt
~ [You must have an account and be logged in to view this link] =>Adware.MegaSearch
~ [You must have an account and be logged in to view this link] =>Adware.BDSearch
~ [You must have an account and be logged in to view this link] =>Adware.BonanzaDeals
~ [You must have an account and be logged in to view this link] =>Adware.IMBooster
~ [You must have an account and be logged in to view this link] =>PUP.Tarma
~ MSI: 10 link(s) detected in 00mn 53s
~ 974 Legitimates filtered by white list
End of the scan (588 lines in 06mn 55s)(0)
~ Relatório do ZHPDiag v2014.1.25.26 - Nicolas Coolman (25.1.2014)
~ Iniciado por Weliton (6.2.2014 18:18:58)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [You must have an account and be logged in to view this link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.16476
MFIE: Mozilla Firefox 26.0
GCIE: Google Chrome v32.0.1700.76 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
System - Enable Open file C:\Users\Weliton\AppData\Roaming\ZHP\Licence.txt =>.Nicolas Coolman
---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2011
Windows Defender W7
---\\ Softwares d'optimização do sistema
CCleaner v4.09 =>Piriform Ltd
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 11 Plugin
Java 7 Update 51
---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2997 MB (63% free)
System Restore: Activé (Enable)
System drive C: has 419 GB (90%) free of 466 GB
---\\ Modo de conexão ao sistema
~ Computer Name: ITAUTEC
~ User Name: Weliton
~ All Users Names: Weliton, Keyla, HomeGroupUser$, Ester, Davi, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Weliton\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Weliton\AppData\Roaming\
~ %Desktop% : C:\Users\Weliton\Desktop\
~ %Favorites% : C:\Users\Weliton\Favorites\
~ %LocalAppData% : C:\Users\Weliton\AppData\Local\
~ %StartMenu% : C:\Users\Weliton\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 419 Go of 466 Go)
D: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 46 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25.2.2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13.7.2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.927FA6456AD6D7630F6854828D2FD16B] - (.Microsoft Corporation - Internet Extensions para Win32.) (.26.11.2013 - 03:33:33.) -- C:\Windows\System32\wininet.dll [1820160]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20.11.2010 - 09:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20.11.2010 - 09:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13.9.2013 - 21:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13.7.2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13.7.2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20.11.2010 - 05:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20.11.2010 - 05:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20.11.2010 - 06:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13.7.2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13.7.2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26.4.2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20.11.2010 - 05:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12.4.2013 - 10:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13.7.2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13.7.2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20.11.2010 - 07:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13.7.2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20.11.2010 - 05:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20.11.2010 - 09:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/23
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 2/74
~ Mes Favoris (My Favorites) : 1/21
~ Mes Documents (My Documents) : 7/110
~ Mon Bureau (My Desktop) : 1/10
~ Menu demarrer (Programs) : 1/28
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.EC5C7B254E974170B949DCB1EC08CF98] - (.Dritek System Inc. - On Screen Display for Notebook Function Key.) -- C:\Program Files\Hotkey OSD Driver\HotKeyOSD.exe [232528] [PID.2968]
[MD5.0E34B7BB1FCF22BCC1E394D16F9E992B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040] [PID.2976]
[MD5.160E8A6C3FF72C76E7E4218CBF6824E7] - (.Nuance Communications, Inc. - PaperPort Print to Desktop for NT.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984] [PID.3108]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.3164]
[MD5.AFEBF9E0B223FF04709F747C172D3540] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024] [PID.3176]
[MD5.7904F8A82DCC8C20545BD3B81B1623F3] - (.Qustodio - Qustodio Tray Icon.) -- C:\Program Files\Qustodio\qapp\QAppTray.exe [3855672] [PID.3224]
[MD5.A2E9FE64D1EC22F2B0BF6DB122739802] - (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files\BlueStacks\HD-Agent.exe [807696] [PID.3248]
[MD5.7B2DC4B1DF3672BFD13247C7649214BC] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [143856] [PID.3308]
[MD5.CCFA6A74908B913DBFEC1FEB31C723DC] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [178672] [PID.3444]
[MD5.B8FECD7B8D2AE449F5D75F08AED70BE7] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [179184] [PID.3504]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ystem32\rundll32.exe [0] [PID.3540]
[MD5.C1DB9BDF885C2F1ADC15264FBEA2788F] - (.No owner - HOSTS Anti-PUPs/Adwares.) -- C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe [302961] [PID.6044]
[MD5.3B0BA44D5691E00088B956394FDE64B6] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [866584] [PID.4820]
[MD5.22A524EB3D7DAC385F5F036EEF589881] - (.Qustodio - Qustodio App.) -- C:\Program Files\Qustodio\qapp\QReport.exe [598840] [PID.6304]
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8339968] [PID.7372]
[MD5.A3A35EE79C64A640152B3113E6E254E2] - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) -- C:\Windows\system32\cscript.exe [126976] [PID.6720]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Weliton\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] [You must have an account and be logged in to view this link]
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [aikjpcffhgkefggfobgcdobpnofgfhia] Doolphy v.2.1.3 (Activé)
G2 - GCE: Preference [User Data\Default] [bkgoccjhfjgjedhkiefaclppgbmoobnk] Audiotool v.1.1 (Activé)
G2 - GCE: Preference [User Data\Default] [cecjchnhpbngjggfolkpjggdpbnmnahm] Afinador v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [cgjnhhjpfcdhbhlcmmjppicjmgfkppok] Download FB Album mod v.0.14.2.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [dbkchnicaiglcjpgbmpfmoafckkomdcm] Ajudante de Download de v\u00EDdeo v.1.1.5.3, (Activé)
G2 - GCE: Preference [User Data\Default] [eemaaomlfllldamnpoajaedaemnblgal] Dolar Hoje v.0.36 (Désactivé)
G2 - GCE: Preference [User Data\Default] [ejnkaeblpdcamcioiiabclakabcbjmbl] Box - 10GB of FREE storage v.1.1.7 (Activé)
G2 - GCE: Preference [User Data\Default] [epbmllnadbdnppblcebkkmapkinkdchd] Skype Links v.0.3 (Désactivé)
G2 - GCE: Preference [User Data\Default] [faijocccbppcdmakdenmbbiflcagbapp] Android Freeware v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [figjjaggcjcojopflaabmebmocabdglm] Creately - Online Diagramming v.1.1 (Activé)
G2 - GCE: Preference [User Data\Default] [gchlfahfcdodhnempckahoanmmaflhkl] Sr. Dinheiro v.5 (Activé)
G2 - GCE: Preference [User Data\Default] [gddpjhpnedgjejmooocheicegbpfmhne] HelpDesk v.0.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [hihakjfhbmlmjdnnhegiciffjplmdhin] Rapportive v.1.4.1 (Activé)
G2 - GCE: Preference [User Data\Default] [imcbnnnoghiihopefblgehihofbfbmei] Desprotetor de Links v.2.0.0.13, (Désactivé)
G2 - GCE: Preference [User Data\Default] [imokeandodnlammaoenbgcnbhigjbpjh] iPiccy Photo Editor v.1.1 (Activé)
G2 - GCE: Preference [User Data\Default] [jfnniehafojoidolddmhfnpnbiolbppi] Roomstyler 3D planner v.3.0 (Activé)
G2 - GCE: Preference [User Data\Default] [jhegddohmncgelkehhnigphmloinkinj] Zoho Sheet v.1.2 (Activé)
G2 - GCE: Preference [User Data\Default] [jpnjjlbngpejmmhgcaagljaomgnginml] Endereço IP v.7.1, (Activé)
G2 - GCE: Preference [User Data\Default] [kfoaifmljjopjdffohdndabjeejbnipm] Emqualcinema v.1.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [kneloppijbcidgidihgdjnooihjcdbij] HootSuite v.5.244 (Activé)
G2 - GCE: Preference [User Data\Default] [lelffnbhjliaaecgedgbolamdmhbbgpc] Imoveis no mapa v.1.2 (Activé)
G2 - GCE: Preference [User Data\Default] [lljagjbdinjommccodelnfmkepbdoafl] PadMapper v.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mcafejemebbngbglfoinpoaannbihjna] Planeador de ambientes v.1.2.0.4 (Activé)
G2 - GCE: Preference [User Data\Default] [mdddabjhelpilpnpgondfmehhcplpiin] Envie Capturas de Tela com Coment\u00E1rios v.6.8.3, (Activé)
G2 - GCE: Preference [User Data\Default] [midfegdkjdhphhbffnfeaknedfjiepne] Island Road 1440x900 v.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [mihcahmgecmbnbcchbopgniflfhgnkff] Verificador de mensagens do Google v.4.4.0 (Désactivé)
G2 - GCE: Preference [User Data\Default] [mojgmjbdekkokcnihmbifiknnpboifkc] Conversion Support Live Chat For Websites v.0.1.1208.27 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [oglhhmnmdocfhmhlekfdecokagmbchnf] Do Share v.6.0.13, (Désactivé)
G2 - GCE: Preference [User Data\Default] [pbldopcdkcepddcophogapjebhfjbpfp] Tarifa de T\u00E1xi v.1.0.1.2 (Activé)
G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial Nova Guia v.9.4.4 (Désactivé) =>Adware.MyWebSearch
G2 - GCE: Preference [User Data\Default] [pmkffmgahaepmhkhkblhopnpleeikokc] Connected Mind v.1.2 (Activé)
~ Google Browser: 57 Legitimates Filtered in 04mn 40s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Weliton\AppData\Roaming\Mozilla\Firefox\Profiles\lk4ip86g.default\prefs.js
P2 - FPN: [HKLM] [Web Components] - (...) -- C:\Program Files\Web Components\npWebVideoPlugin.dll (.not file.)
~ Firefox Browser: 9 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
~ IE Browser: 12 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 693
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files\Scpad\scpsssh2.dll
~ BHO: 12 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Doméstico.lnk . (.Ivan Mecenas Informática - Domestic.) -- C:\Program Files\MCsoft\Domestic\Domestic.exe
O4 - GS\Desktop [Public]: Inkscape.lnk . (.inkscape.org - Inkscape.) -- C:\Program Files\Inkscape\inkscape.exe
O4 - GS\Program [Public]: Inkscape.lnk . (.inkscape.org - Inkscape.) -- C:\Program Files\Inkscape\inkscape.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Weliton]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Weliton]: Inkscape.lnk . (.inkscape.org - Inkscape.) -- C:\Program Files\Inkscape\inkscape.exe
O4 - GS\QuickLaunch [Weliton]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Weliton]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Weliton]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Weliton]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [Weliton]: SMPlayer.lnk . (.Ricardo Villalba - SMPlayer.) -- C:\Program Files\SMPlayer\smplayer.exe
O4 - GS\Program [Weliton]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Weliton]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [Weliton]: Transferência de Arquivo Bluetooth.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\QuickLaunch [Keyla]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Keyla]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Keyla]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Keyla]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Keyla]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Keyla]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [Keyla]: Transferência de Arquivo Bluetooth.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop [Keyla]: Google Chromejogosdaba.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Keyla]: Lugueres.lnk . (...) -- C:\Sulsoftware\WinCTI\WinCTI.exe
O4 - GS\Desktop [Keyla]: Start BlueStacks.lnk . (.BlueStack Systems, Inc. - BlueStacks StartLauncher.) -- C:\Program Files\BlueStacks\HD-StartLauncher.exe
O4 - GS\QuickLaunch [Ester]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Ester]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Ester]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Ester]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Ester]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Ester]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [Ester]: Transferência de Arquivo Bluetooth.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop [Ester]: Continue VuuPC Installation.lnk . (...) -- C:\Users\Weliton\AppData\Local\Temp\ICReinstall_Setup.exe (.not file.) =>PUP.VuuPC
O4 - GS\Desktop [Ester]: Free Screen Video Capture by Topviewsoft.lnk . (.Topviewsoft.com - Free Screen Video Capture by Topviewsoft.) -- C:\Program Files\Free Screen Video Capture by Topviewsoft\videocapture.exe
O4 - GS\Desktop [Ester]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Convidado]: Club Cooee.lnk . (...) -- C:\Users\Weliton\AppData\Local\ClubCooee\Program\cooee.exe (.not file.)
O4 - GS\QuickLaunch [Convidado]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Convidado]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Convidado]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Convidado]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Convidado]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Convidado]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [Convidado]: Transferência de Arquivo Bluetooth.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop [Convidado]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
~ Global Startup: 113 Legitimates Filtered in 00mn 03s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - GS\Startup [Weliton]: AndroidPCRemote.lnk . (...) -- C:\Users\Weliton\Desktop\AndroidPCServer.exe (.not file.)
O4 - HKLM\..\Run: [HotKeyOSD] . (.Dritek System Inc. - On Screen Display for Notebook Function Key.) -- C:\Program Files\Hotkey OSD Driver\HotKeyOSD.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] . (.Nuance Communications, Inc. - SSBkgdUpdate.) -- C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
O4 - HKLM\..\Run: [PaperPort PTD] . (.Nuance Communications, Inc. - PaperPort Print to Desktop for NT.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] . (.Nuance Communications, Inc. - PaperPort IndexSearch.) -- C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [PPort11reminder] . (.Nuance Communications, Inc. - Ereg.) -- C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [QAppTray] . (.Qustodio - Qustodio Tray Icon.) -- C:\Program Files\Qustodio\qapp\QAppTray.exe
O4 - HKLM\..\Run: [BlueStacks Agent] . (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie
O4 - HKLM\..\Run: [HOSTS Anti-Adware_PUPs] . (.No owner - HOSTS Anti-PUPs/Adwares.) -- C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\Weliton\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-438549365-1466117216-4133764897-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-438549365-1466117216-4133764897-1000\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\Weliton\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B7E44F8-59E6-4BBB-BDE6-050578BC8EAE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B7E44F8-59E6-4BBB-BDE6-050578BC8EAE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{0B7E44F8-59E6-4BBB-BDE6-050578BC8EAE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} . (.Banco Bradesco S.A. - scpIBLoad Module.) -- C:\Program Files\Scpad\scpLIB.dll
~ SSODL: 2 Legitimates Filtered in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: qengine (qengine) . (.Qustodio - No Comment.) - C:\Program Files\Qustodio\qproxy\qengine.exe
O23 - Service: qupdate (qupdate) . (.Qustodio - Qustodio App.) - C:\Program Files\Qustodio\qapp\QUpdateService.exe
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files\Scpad\scpVista.exe
O23 - Service: Update Bizzybolt (Update Bizzybolt) . (...) - C:\Program Files\Bizzybolt\updateBizzybolt.exe (.not file.) =>PUP.Bizzybolt
~ Services: 9 Legitimates Filtered in 00mn 07s
---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [SomotoUpdateCheckerAutoStart] (...) -- C:\Users\Weliton\AppData\Local\FilesFrog Update Checker\update_checker.exe (.not file.) [0] =>Adware.MegaSearch
[MD5.00000000000000000000000000000000] [APT] [{389A7561-097D-42D4-870C-5081EDDF0A6E}] (...) -- C:\Program Files\Remote PC Server 1.0.4\Remote PC Server.exe (.not file.) [0]
~ Scheduled Task: 29 Legitimates Filtered in 00mn 06s
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bfilter) . (. - .) - C:\Windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver: (Bfmon) . (. - .) - C:\Windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bprotect) . (. - .) - C:\Windows\system32\drivers\Bprotect.sys (.not file.)
O41 - Driver: (qwd) . (.Qustodio - Watchdog Driver NF.) - C:\Windows\system32\Drivers\qwd.sys
~ Drivers: 87 Legitimates Filtered in 00mn 00s
---\\ Software instalados (042)
O42 - Logiciel: Free Screen Video Capture by Topviewsoft 4.1.7 - (.Topviewsoft, Inc..) [HKLM] -- {180CAD6C-B0ED-42A9-8C4A-CF49C6682A06}_is1
O42 - Logiciel: Ivan Mecenas Domestic 6.6.7.1 - (.Ivan Mecenas.) [HKLM] -- Domestic
O42 - Logiciel: Qustodio - (.Qustodio.) [HKLM] -- Qustodio
~ Logic: 17 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\Baidu] =>Adware.BDSearch
[HKCU\Software\BonanzaDeals] =>Adware.BonanzaDeals
[HKCU\Software\Data Cempro]
[HKCU\Software\Iminent Browser] =>Adware.IMBooster
[HKCU\Software\MCsoft]
[HKLM\Software\Baidu Security] =>Adware.BDSearch
[HKLM\Software\Baidu_Drp_pos] =>Adware.BDSearch
[HKLM\Software\BonanzaDeals] =>Adware.BonanzaDeals
[HKLM\Software\MCsoft]
[HKLM\Software\QustodioInstaller]
[HKLM\Software\baidu] =>Adware.BDSearch
~ Key Software: 162 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 25.12.2013 - 22:16:29 - [0] ----D C:\Program Files\Baidu Security =>Adware.BDSearch
O43 - CFD: 25.12.2013 - 22:28:05 - [1,718] ----D C:\Program Files\Free Screen Video Capture by Topviewsoft
O43 - CFD: 4.11.2013 - 22:18:46 - [2,571] ----D C:\Program Files\Hotkey OSD Driver
O43 - CFD: 22.1.2014 - 20:46:28 - [38,578] ----D C:\Program Files\MCsoft
O43 - CFD: 30.12.2013 - 18:57:22 - [51,439] ----D C:\Program Files\Qustodio
O43 - CFD: 31.12.2013 - 11:37:16 - [1,511] ----D C:\Program Files\Scpad
O43 - CFD: 25.12.2013 - 22:17:28 - [29,192] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 16.12.2013 - 23:12:37 - [0,113] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 8.1.2014 - 21:42:02 - [105,850] ----D C:\ProgramData\qustodio
O43 - CFD: 25.12.2013 - 22:17:45 - [2,876] ----D C:\Users\Weliton\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 6.2.2014 - 14:27:08 - [1,228] ----D C:\Users\Weliton\AppData\Roaming\newnext.me =>PUP.NextLive
O43 - CFD: 10.1.2014 - 23:41:31 - [1,224] ----D C:\Users\Weliton\AppData\Local\genienext
~ Program Folder: 138 Legitimates Filtered in 00mn 26s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.8AB58E4CB9545978A03313113E5CE114] - 28.1.2014 - 22:41:51 ---A- . (...) -- C:\Windows\System32\qengine.ini [19160]
O44 - LFC:[MD5.D71CD62102457C3CD0E7803081357924] - 28.1.2014 - 22:41:51 ---A- . (...) -- C:\Windows\System32\qengineOff.ini [2672]
O44 - LFC:[MD5.7DA32487480E05EAEB92C7B8673128B0] - 6.2.2014 - 13:07:01 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [128938]
O44 - LFC:[MD5.E95B5563300D3C29E161A5897E1058EB] - 6.2.2014 - 13:07:01 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [666708]
O44 - LFC:[MD5.06F5E37AA1FFE28E55292CECFEA6C40E] - 6.2.2014 - 17:24:00 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [21200]
O44 - LFC:[MD5.06F5E37AA1FFE28E55292CECFEA6C40E] - 6.2.2014 - 17:24:00 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [21200]
~ Files: 17 Legitimates Filtered in 00mn 03s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.F385467DF95D0A73775CB3B076B8B969] - 9.12.2013 - 09:09:38 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49944]
O58 - SDL:[MD5.1B0662514A68C3A42E60D240C5ABEF28] - 31.12.2013 - 00:19:30 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [180248]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 13.7.2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.C1258ADCBE6E51A3C06C234D2BDB81B5] - 9.8.2007 - 03:06:40 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys [23424]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13.7.2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.3AD9F673A25D0F89494529DB9D19769E] - 12.12.2013 - 18:54:30 ---A- . (.Qustodio - Watchdog Driver NF.) -- C:\Windows\System32\Drivers\qwd.sys [25304]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 13.7.2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13.7.2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13.7.2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13.7.2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13.7.2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13.7.2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13.7.2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13.7.2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13.7.2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13.7.2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13.7.2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13.7.2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13.7.2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13.7.2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13.7.2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13.7.2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 18 Legitimates Filtered in 00mn 03s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 12.12.2013 - C:\Windows\system32\Drivers\qwd.sys (qwd) .(.Qustodio - Watchdog Driver NF.) - LEGACY_QWD
~ Legacy: 89 Legitimates Filtered in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You must have an account and be logged in to view this link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.F1AAAD57373832346B367E3B91916984] [SPRF][22.11.2013] (.Baidu, Inc. - Baidu Antivirus FileSplitUpLoad Library.) -- C:\ProgramData\FileSplitUpLoad.dll [170344] =>Adware.BDSearch
[MD5.FBC207AD85D053D4FD9DD93C595D1A1D] [SPRF][6.2.2014] (.No owner - HOSTS Anti-PUPs/Adwares.) -- C:\Users\Weliton\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe [285455]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][4.2.2014] (...) -- C:\Users\Weliton\AppData\Local\Temp\{019ED8BD-F979-408C-B70C-56D68CB44725}-32.0.1700.107_chrome_installer.exe [0]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][6.2.2014] (...) -- C:\Users\Weliton\AppData\Local\Temp\{3D529785-BC6A-4492-8479-28F3E9855C49}-32.0.1700.107_chrome_installer.exe [0]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][5.2.2014] (...) -- C:\Users\Weliton\AppData\Local\Temp\{48529DCD-BC79-4522-A980-E91731C05B83}-32.0.1700.107_chrome_installer.exe [0]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][3.2.2014] (...) -- C:\Users\Weliton\AppData\Local\Temp\{525D1F78-132F-4E89-AC57-244B137F90EE}-32.0.1700.107_chrome_installer.exe [0]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][6.2.2014] (...) -- C:\Users\Weliton\AppData\Local\Temp\{56F70835-6C0A-4ACF-824F-59E42F6D065D}-32.0.1700.107_chrome_installer.exe [0]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][1.2.2014] (...) -- C:\Users\Weliton\AppData\Local\Temp\{EB22AC2F-52FC-43FB-B374-36DEBCB79058}-32.0.1700.102_chrome_installer.exe [0]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][30.1.2014] (...) -- C:\Users\Weliton\AppData\Local\Temp\{EFA8CF08-9116-4190-AB64-6E1E332F8598}-32.0.1700.102_32.0.1700.76_chrome_updater.exe [0]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][29.1.2014] (...) -- C:\Users\Weliton\AppData\Local\Temp\{FD30FB0A-60E9-4825-9449-14727ECC816F}-32.0.1700.102_32.0.1700.76_chrome_updater.exe [0]
[MD5.54DB2B8C60F04C5ADE6D711D47EABA75] [SPRF][6.2.2014] (...) -- C:\Users\Weliton\Desktop\AdwCleaner.exe [1166132]
[MD5.A51E0EF08613E063F9F6DE65D45182D8] [SPRF][30.9.2012] (...) -- C:\Users\Weliton\Desktop\runserver.bat [38]
~ Files: 17 Legitimates Filtered in 00mn 00s
---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "4211977E3628AA44699708B8FD017602" . (.Lugueres Sulsoftware.) -- C:\Windows\Installer\{E7791124-8263-44AA-9679-808BDF106720}\ARPPRODUCTICON.exe
~ Update Products: 45 Legitimates Filtered in 00mn 00s
---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.CFA5875B0EA7364AD782A17B2CAB4FC2] [WIS][30.12.2013] (.Qustodio - Qustodio.) -- C:\Windows\Installer\1167db.msi [46372864]
[MD5.F3EAF1658552F1D3C54CAF728C53766A] [WIS][27.12.2013] (.BlueStack Systems, Inc. - BlueStacks.) -- C:\Windows\Installer\2f88a86.msi [9678848]
~ WIS: 50 Legitimates Filtered in 00mn 12s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 6.2.2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 20.12.2013 402192 | (BstHdAndroidSvc) . (.BlueStack Systems, Inc..) - C:\Program Files\BlueStacks\HD-Service.exe
SS - | Auto 4.11.2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 4.11.2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 6.2.2014 285795 | (HOSTS Anti-PUPs) . (...) - C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe
SS - | Demand 7.1.2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 12.12.2013 3710288 | (qengine) . (.Qustodio.) - C:\Program Files\Qustodio\qproxy\qengine.exe
SS - | Auto 12.12.2013 1850168 | (qupdate) . (.Qustodio.) - C:\Program Files\Qustodio\qapp\QUpdateService.exe
SS - | Auto 10.7.1658 0 | (Update Bizzybolt) . (...) - C:\Program Files\Bizzybolt\updateBizzybolt.exe =>PUP.Bizzybolt
SR - | Auto 31.12.2013 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 20.12.2013 385808 | (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc..) - C:\Program Files\BlueStacks\HD-LogRotatorService.exe
SR - | Auto 24.10.2012 360624 | (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files\Scpad\scpVista.exe
SR - | Auto 17.12.2013 5341536 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
SR - | Auto 13.7.2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13.7.2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 14s
---\\ Scâner Aditional (088)
Database Version : 13030 - (25.1.2014)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 6
Fichiers trouvés (Files found) : 9
[HKLM\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff] =>Adware.MyWebSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\Update Bizzybolt] =>PUP.Bizzybolt^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus] =>Adware.BDSearch
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:mobilegeni daemon =>PUP.Mobogenie^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:NextLive =>PUP.NextLive^
C:\Users\Weliton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff =>Adware.MyWebSearch^
C:\Program Files\Baidu Security =>Adware.BDSearch^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\Users\Weliton\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Users\Weliton\AppData\Roaming\newnext.me =>PUP.NextLive^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKCU\Software\Baidu] =>Adware.BDSearch^
[HKCU\Software\BonanzaDeals] =>Adware.BonanzaDeals^
[HKCU\Software\Iminent Browser] =>Adware.IMBooster^
[HKLM\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Baidu_Drp_pos] =>Adware.BDSearch^
[HKLM\Software\BonanzaDeals] =>Adware.BonanzaDeals^
[HKLM\Software\baidu] =>Adware.BDSearch^
C:\ProgramData\FileSplitUpLoad.dll =>Adware.BDSearch^
~ Additionnel Scan: 234880 Items scanned in 00mn 53s
---\\ Sumário das deteções encontradas na sua estação
~ [You must have an account and be logged in to view this link] =>Adware.MyWebSearch
~ [You must have an account and be logged in to view this link] =>PUP.VuuPC
~ [You must have an account and be logged in to view this link] =>PUP.Mobogenie
~ [You must have an account and be logged in to view this link] =>PUP.NextLive
~ [You must have an account and be logged in to view this link] =>PUP.Bizzybolt
~ [You must have an account and be logged in to view this link] =>Adware.MegaSearch
~ [You must have an account and be logged in to view this link] =>Adware.BDSearch
~ [You must have an account and be logged in to view this link] =>Adware.BonanzaDeals
~ [You must have an account and be logged in to view this link] =>Adware.IMBooster
~ [You must have an account and be logged in to view this link] =>PUP.Tarma
~ MSI: 10 link(s) detected in 00mn 53s
~ 974 Legitimates filtered by white list
End of the scan (588 lines in 06mn 55s)(0)
Rodovalho - Beginner
- Posts: 7
Reputation: 0
Registration date: 31/12/2013
Age: 55
Re: (SOLVED) Slow browsers
There are unnecessary programs starting together with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:
[You must have an account and be logged in to view this link]
Preferably, let only the security programs (antivirus/anti-spyware/firewall) start together with Windows.
Also use the CCleaner program, recommended in the tutorial above, to clean up and optimize the PC now and from time to time.
______________________________________________________________________________________________________________
Go to the site [You must have an account and be logged in to view this link] and submit the files below to be analyzed there (one at a time). As the scan of each one finishes, copy the link that appears in your browser's address bar and post these links with the results here in your topic:
C:\Program Files\MCsoft\Domestic\Domestic.exe
C:\Sulsoftware\WinCTI\WinCTI.exe
C:\Users\Weliton\Desktop\runserver.bat
_______________________________________________________________________________________
There are many extensions installed in your browsers, and this can make them slower. It would be good to keep only the ones you use most and remove the ones you are not using.
_________________________________________________________________________________________
Download the script1 file that is attached to this reply of mine > Open the file and copy all the text in red that is in it.
Go to the menu: Start > All Programs > ZHP > Open ZHPFix > Click Importação > Click the GO button > Click Oui > If you want the files in the Recycle Bin to be deleted, click Oui again > A report will appear in Notepad.
Copy this report and post it in your next reply together with the links for the files analyzed on the Virus Total site, and tell us how your PC is after these procedures.
Power Max - Collaborator
- Posts: 9086
Reputation: 1499
Registration date: 14/04/2009
Re: (SOLVED) Slow browsers
Domestic: [You must have an account and be logged in to view this link]
Runserver: [You must have an account and be logged in to view this link]
Sulsoft: [You must have an account and be logged in to view this link]
Script:
Rapport de ZHPFix 2014.1.17.2 par Nicolas Coolman, Update du 17/01/2014
Fichier d'export Registre :
Run by Weliton at 7.2.2014 13:19:31
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601)
Reciclagem vazia (00mn 35s)
========== Modulos memória ==========
ELIMINÉ: Memory Module: C:\ProgramData\FileSplitUpLoad.dll
========== Chaves do Registo ==========
ELIMINÉ: Mozilla Plugin: Web Components
ELIMINÉ: Service: Update Bizzybolt
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\Baidu
ELIMINÉ: HKCU\Software\BonanzaDeals
ELIMINÉ: HKCU\Software\Iminent Browser
ELIMINÉ: HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\BonanzaDeals
ELIMINÉ: HKLM\Software\baidu
ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus
========== Valores do Registo ==========
ELIMINÉ RunValue: mobilegeni daemon
ELIMINÉ RunValue: NextLive
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Elementos dos dados do Registo ==========
ELIMINÉ: R0 - Main,Start Page = KCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
ELIMINÉ Flash Cookies (0)
========== Ficheiros ==========
ELIMINÉ: c:\users\weliton\appdata\local\google\chrome\user data\default\preferences
ELIMINÉ: c:\users\weliton\appdata\roaming\microsoft\windows\start menu\programs\startup\androidpcremote.lnk
ELIMINA REINICIAR: c:\users\weliton\appdata\roaming\newnext.me\nengine.dll
ELIMINÉ Temporários windows (95) (106.681.366 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Tarefa planificada ==========
ELIMINÉ: SomotoUpdateCheckerAutoStart
ELIMINÉ: {389A7561-097D-42D4-870C-5081EDDF0A6E}
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
1 : Modulos memória
14 : Chaves do Registo
8 : Valores do Registo
1 : Elementos dos dados do Registo
2 : Pastas
5 : Ficheiros
2 : Tarefa planificada
1 : Restauração Sistema
End of clean in 01mn 23s
========== Caminho do ficheiro do relatório ==========
C:\Users\Weliton\AppData\Roaming\ZHP\ZHPFix[R1].txt - 7.2.2014 13:20:07 [2431]
Rodovalho - Beginner
- Posts: 7
Reputation: 0
Join date: 31/12/2013
Age: 55
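An added example (not part of the original posts, and not the tool's own code): a short Python parser for the ZHPFix report posted above that splits it into sections and pulls out the two things worth re-checking after such a cleanup, items deferred to the next reboot and removed autostart points. Reading `ELIMINA REINICIAR` as "delete on restart" and the `AUTOSTART` markers are assumptions drawn from the report lines themselves.

```python
import re

# Excerpt of the ZHPFix report posted in this thread (shortened, lines verbatim).
REPORT = r"""
========== Modulos memória ==========
ELIMINÉ: Memory Module: C:\ProgramData\FileSplitUpLoad.dll
========== Chaves do Registo ==========
ELIMINÉ: Service: Update Bizzybolt
ELIMINÉ Driver Key: Bfilter
ELIMINÉ: HKCU\Software\BonanzaDeals
========== Valores do Registo ==========
ELIMINÉ RunValue: mobilegeni daemon
ELIMINÉ RunValue: NextLive
========== Ficheiros ==========
ELIMINÉ: c:\users\weliton\appdata\roaming\microsoft\windows\start menu\programs\startup\androidpcremote.lnk
ELIMINA REINICIAR: c:\users\weliton\appdata\roaming\newnext.me\nengine.dll
========== Tarefa planificada ==========
ELIMINÉ: SomotoUpdateCheckerAutoStart
"""

HEADER = re.compile(r"^=+\s*(.+?)\s*=+$")
# Assumption: these markers, taken from the lines above, identify autostart items.
AUTOSTART = re.compile(r"RunValue:|Service:|Driver Key:|\\startup\\", re.I)

def parse_report(text):
    """Split the report into {section title: [entry lines]}."""
    sections, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = HEADER.match(line)
        if m:
            current = sections.setdefault(m.group(1), [])
        elif line and current is not None:
            current.append(line)
    return sections

def pending_reboot(sections):
    """Paths the tool deferred to the next boot (assumed meaning of the tag)."""
    return [l.split(": ", 1)[1] for ls in sections.values() for l in ls
            if l.startswith("ELIMINA REINICIAR")]

def autostart_entries(sections):
    """Removed launch points: run values, services, drivers, startup links, tasks."""
    hits = [l for ls in sections.values() for l in ls if AUTOSTART.search(l)]
    return hits + sections.get("Tarefa planificada", [])

if __name__ == "__main__":
    s = parse_report(REPORT)
    print("re-check after reboot:", pending_reboot(s))
    print("autostart points removed:", *autostart_entries(s), sep="\n  ")
```

A path returned by `pending_reboot` still exists until the machine restarts, so it is the first thing to confirm gone in a follow-up scan.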
Re: (SOLVED) Slow browsers
How is the PC after these cleanups?
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
(SOLVED) Slow browsers
As for the browsers, the main one I use is Chrome, and it is running excellently. What was it, really?
Rodovalho - Beginner
- Posts: 7
Reputation: 0
Join date: 31/12/2013
Age: 55
Re: (SOLVED) Slow browsers
There were some unnecessary programs starting with Windows, some adware, and too many extensions in the browser.
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
Re: (SOLVED) Slow browsers
I am glad the problem has been solved.
Just to finish, please carry out these last procedures:
Install [link hidden: login required] (if you already have it, there is no need to install it again).
Open CCleaner > click the Cleaner button > click the Run Cleaner option. This is shown in the image below:
Confirm the operation above by clicking the OK button. Wait for the procedure to finish.
After that, click the Registry button > Scan for Issues > Fix selected issue(s) > at this point you can choose to make a backup of the changes that will be made to the registry (for safety reasons); pick the option you prefer (yes or no) > and confirm the cleanup by clicking the Fix All Selected Issues button > click the Close (or OK) button:
After that, also follow the tips in the tutorial below:
[link hidden: login required]
_______________________________________________________________________________________________________________________
To remove the programs used to clean this PC and create a new, safe and problem-free restore point, download [link hidden: login required] (... by Xplode) and save it to the Desktop.
*After that, just run it and leave the options Remove disinfection tools and Purge system restore selected.
*Click [Run]
After running DelFix as described above, just delete DelFix and the file C:\DelFix.txt
_______________________________________________________________________________________________________________________
It was a pleasure to help. You can always count on us!
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
Re: (SOLVED) Slow browsers
CASE SOLVED
If the topic's author needs it, the topic will be reopened; to do so, contact one of the members of the [link hidden: login required] and request that it be unlocked.
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009