Fórum PC Brasil

I can't update any antivirus...

ANTIVIRUS - I can't update any antivirus...

Post by Apsantos, Thu 22 May 2014, 14:30

Internet access and Windows Update are working normally, but the antivirus update is not... I installed several antivirus programs and none of them managed to update.
I have already run Stinger, TDSSKiller and Symantec; the latter told me to download the MS08-067 patch, but I wasn't able to.

Please help me!!!



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:03:32, on 22/05/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Windows\jmesoft\hotkey.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedadssvc.exe
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Users\AP\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [You must have an account and be logged in to view this link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must have an account and be logged in to view this link]
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [You must have an account and be logged in to view this link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehUni.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: PrivDogExtension - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll
O4 - HKLM\..\Run: [jmekey] C:\Windows\jmesoft\hotkey.exe
O4 - HKLM\..\Run: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [PrivDogService] "C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedadssvc.exe"
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKLM\..\RunOnce: [GrpConv] grpconv -o
O4 - HKCU\..\Run: [SGBNGERL2LAW] C:\Users\AP\AppData\Roaming\X4HYM9G0.exe
O4 - Startup: lnk_disabled
O4 - Global Startup: lnk_disabled
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\COMODO\GeekBuddy\launcher.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [You must have an account and be logged in to view this link]
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: bankline.itau.com.br
O15 - Trusted Zone: clickbanking.itau.com.br
O15 - Trusted Zone: guardiao.itau.com.br
O15 - Trusted Zone: [You must have an account and be logged in to view this link]
O15 - Trusted Zone: *.itau.com.br
O17 - HKLM\System\CCS\Services\Tcpip\..\{BBB275CE-C972-4066-BAD9-135894EA5586}: NameServer = 8.26.56.26 156.154.70.22
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify:  GbPluginUni - C:\Program Files (x86)\GbPlugin\gbiehUni.dll
O23 - Service: Emsisoft Anti-Malware 6.5 - Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: JME Keyboard Driver (JME Keyboard) - Unknown owner - C:\Windows\jmesoft\Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Bitdefender 60-Second Virus Scanner Service (pdserv) - Bitdefender - C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - Unknown owner - C:\Users\AP\Desktop\Portable\Wise Care 365\BootTime.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 9521 bytes

ANTIVIRUS - Re: I can't update any antivirus...

Post by Power Max, Thu 22 May 2014, 14:57

Hello Apsantos.

Download the AdwCleaner program by clicking the link below, then click the Download Now @BleepingComputer button:
[You must have an account and be logged in to view this link]

To run AdwCleaner correctly, just follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

* In your next reply, post the AdwCleaner log (report), which will be at C:\AdwCleaner\AdwCleaner[S0].txt

We'll be waiting.

ANTIVIRUS - Re: I can't update any antivirus...

Post by Apsantos, Thu 22 May 2014, 15:06

I had already used it before.

# AdwCleaner v3.210 - Relatório criado 22/05/2014 às 14:59:33
# Atualizado 19/05/2014 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)
# Usuário : AP - AP-PC
# Executando de : C:\Users\AP\Desktop\AdwCleaner.exe
# Opção : Examinar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****


***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0.1 (pt-BR)

[ Arquivo : C:\Users\AP\APpData\Roaming\Mozilla\Firefox\Profiles\h0c8u7qe.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [5931 octets] - [18/05/2014 00:50:22]
AdwCleaner[R1].txt - [1059 octets] - [21/05/2014 23:56:11]
AdwCleaner[R2].txt - [759 octets] - [22/05/2014 14:59:33]
AdwCleaner[S0].txt - [5369 octets] - [18/05/2014 00:51:49]
AdwCleaner[S1].txt - [1116 octets] - [21/05/2014 23:57:07]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [938 octets] ##########

ANTIVIRUS - Re: I can't update any antivirus...

Post by Power Max, Thu 22 May 2014, 15:10

Temporarily disable your antivirus to avoid conflicts.

* Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[You must have an account and be logged in to view this link]

To run it correctly, follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

* As soon as it finishes cleaning up the problems, open the Zoek log (report), which will be at C:\zoek-results.txt, copy all of its content and post it in your next reply.

ANTIVIRUS - Re: I can't update any antivirus...

Post by Apsantos, Thu 22 May 2014, 19:23

Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by AP on 22/05/2014 at 16:41:57,02.
Microsoft Windows 7 Home Basic  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\AP\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-22-193218.log 3418 bytes

==== System Restore Info ======================

22/05/2014 16:44:14 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1       localhost
::1             localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\AP\AppData\Roaming\Mozilla\Firefox\Profiles\h0c8u7qe.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\AP\AppData\Roaming\Mozilla\Firefox\Profiles\h0c8u7qe.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Firefox Extensions ======================

ProfilePath: C:\Users\AP\AppData\Roaming\Mozilla\Firefox\Profiles\h0c8u7qe.default
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- PrivDog - %ProfilePath%\extensions\PrivDog@AdTrustMedia.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\AP\AppData\Roaming\Mozilla\Firefox\Profiles\h0c8u7qe.default
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash
0E8B2D0D9E3415A91EF259CE1112C579 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll - Shockwave for Director / Shockwave for Director
F6D12679B9112358AC705A1308156F59 - C:\Users\AP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cmaiofennmphjldldcpphcechfnnohja - C:\Program Files (x86)\AdTrustMedia\PrivDog\PrivDog_chrome.crx[21/05/2014 23:07]

Comodo DragDrop Service - AP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo
Comodo Web Inspector - AP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn
PrivDog - AP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
AdBlock - AP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Comodo Share Page Service - AP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf
Google Wallet - AP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
SaveClicker - Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hodjbcfhgjapegkiikmkfphemjhajeel

==== Chrome Fix ======================

C:\Users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hodjbcfhgjapegkiikmkfphemjhajeel deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://www.oquefazernainternet.com/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.oquefazernainternet.com/q/%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
"CustomizeSearch"="http://www.google.com"
"Default_Search_URL"="http://www.oquefazernainternet.com/"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
"CustomizeSearch"="http://www.google.com"
"Default_Search_URL"="http://www.oquefazernainternet.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0191A6B0-1154-4C22-9182-23A95BBE92D9} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox"
{17E05768-96BE-40BA-9B6C-952A5C7BCEBA} Bing  Url="http://www.bing.com/search?q={searchTerms}&form=IE8SRC&src=IE-SearchBox"
{20D07661-B885-4893-967E-93AE5A952531} Google  Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google  Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LEND_pt-BRBR473BR473"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{D6C939E6-CC2D-4025-88CC-904CF475B929} DuckDuckGo  Url="https://duckduckgo.com/?q={searchTerms}"

==== Reset Google Chrome ======================

C:\Users\AP\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
C:\Users\AP\AppData\Local\Comodo\Dragon\User Data\Default\Preferences was reset successfully
C:\Users\AP\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
C:\Users\AP\AppData\Local\Comodo\Dragon\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\AP\Desktop\1by1.lnk - C:\Program Files (x86)\1by1_181\1by1.exe
C:\Users\AP\Desktop\Any Uninstaller.lnk - C:\Program Files (x86)\Soft4Boost\Any Uninstaller\S4BAnyUninstaller.exe
C:\Users\AP\Desktop\MediaCoder x64.lnk - C:\Program Files\MediaCoder\MediaCoder.exe
C:\Users\AP\Desktop\PotPlayer x64.lnk - C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe
C:\Users\AP\Desktop\Search Everything.lnk - C:\Program Files (x86)\Everything\Everything.exe
C:\Users\AP\Desktop\Soulseek.lnk - C:\Program Files (x86)\SoulseekNS\slsk.exe
C:\Users\AP\Desktop\TagScanner.lnk - C:\Program Files (x86)\TagScanner\Tagscan.exe
C:\Users\AP\Desktop\Toolwiz Care.lnk - C:\Program Files (x86)\ToolwizCareFree\ToolwizCares.exe
C:\Users\AP\Desktop\VirtualDJ Home FREE.lnk - C:\Program Files (x86)\VirtualDJ\virtualdj_home.exe
C:\Users\Default\Desktop\Lenovo Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\Default\Desktop\Lenovo Rescue System.lnk - C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\OneKey Recovery.exe
C:\Users\Default User\Desktop\Lenovo Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\Default User\Desktop\Lenovo Rescue System.lnk - C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\OneKey Recovery.exe
C:\Users\USURIO~1\Desktop\Lenovo Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\USURIO~1\Desktop\Lenovo Rescue System.lnk - C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\OneKey Recovery.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\BurnAware Free.lnk - C:\Program Files (x86)\BurnAware Free\BurnAware.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\COMODO Antivirus.lnk - C:\Program Files (x86)\COMODO\COMODO Internet Security\cistray.exe --shortcut
C:\Users\Public\Desktop\Comodo Dragon.lnk - C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Users\Public\Desktop\DiskMax.lnk - C:\Program Files (x86)\KoshyJohn.com\DiskMax\DiskMax.exe
C:\Users\Public\Desktop\Driver Booster.lnk - C:\Program Files (x86)\IObit\Driver Booster\SkipUacExec.exe
C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk - C:\Program Files (x86)\Emsisoft Anti-Malware\a2start.exe
C:\Users\Public\Desktop\GeekBuddy.lnk - C:\Program Files (x86)\COMODO\GeekBuddy\launcher.exe "unit_manager.exe" "lps-ca"
C:\Users\Public\Desktop\HitmanPro.lnk - C:\Program Files (x86)\HitmanPro\HitmanPro.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Mp3tag.lnk - C:\Program Files (x86)\Mp3tag\Mp3tag.exe
C:\Users\Public\Desktop\MyDefrag.lnk - C:\Program Files\MyDefrag v4.3.1\MyDefrag.exe
C:\Users\Public\Desktop\Pivot Animator.lnk - C:\Program Files (x86)\Pivot Animator\pivot.exe
C:\Users\Public\Desktop\PrivaZer.lnk - C:\Program Files (x86)\PrivaZer\PrivaZer.exe
C:\Users\Public\Desktop\Winyl.lnk - C:\Program Files (x86)\Winyl\Winyl.exe
C:\Users\Public\Desktop\Wise PC 1stAid.lnk - C:\Program Files (x86)\Wise\Wise PC 1stAid\WisePCAid.exe
C:\Users\Public\Desktop\WolfQuest 2.5 Manual.lnk - C:\Program Files (x86)\WolfQuest\WolfQuest_SotP_Deluxe_Manual_v25.pdf
C:\Users\Public\Desktop\WolfQuest 2.5.lnk - C:\Program Files (x86)\WolfQuest\WolfQuest.exe

==== shortcuts in Users Start Menu ======================

C:\Users\AP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\AP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe  -extoff
C:\Users\AP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder x64\MediaCoder Agent.lnk - C:\Program Files\MediaCoder\mcagent.exe
C:\Users\AP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder x64\MediaCoder Dropbox.lnk - C:\Program Files\MediaCoder\MediaCoder.exe -dropbox
C:\Users\AP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder x64\MediaCoder x64 Web Site.lnk - C:\Program Files\MediaCoder\MediaCoder x64.url
C:\Users\AP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder x64\MediaCoder x64.lnk - C:\Program Files\MediaCoder\MediaCoder.exe
C:\Users\AP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder x64\Uninstall MediaCoder x64.lnk - C:\Program Files\MediaCoder\uninst.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk - C:\Windows\system32\mstsc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 60-Second Virus Scanner\60-Second Virus Scanner.lnk - C:\Program Files (x86)\Bitdefender\60-Second Virus Scanner\pdiface.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free\BurnAware Free.lnk - C:\Program Files (x86)\BurnAware Free\BurnAware.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free\Desinstalar BurnAware Free.lnk - C:\Program Files (x86)\BurnAware Free\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free\Help.lnk - C:\Program Files (x86)\BurnAware Free\burnaware.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\COMODO Antivirus\Adicionar e Remover componentes.lnk - C:\Windows\system32\msiexec.exe /I{2736B6BD-31EC-4FC8-A48C-F0A5C914C0B6}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\COMODO Antivirus\COMODO Antivirus.lnk - C:\Program Files (x86)\COMODO\COMODO Internet Security\cistray.exe --shortcut
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\Dragon\Comodo Dragon.lnk - C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\Dragon\Uninstall Comodo Dragon.lnk - C:\Program Files (x86)\Comodo\Dragon\uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\GeekBuddy\GeekBuddy.lnk - C:\Program Files (x86)\COMODO\GeekBuddy\launcher.exe "unit_manager.exe" "lps-ca"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro\HitmanPro.lnk - C:\Program Files (x86)\HitmanPro\HitmanPro.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro\Remover HitmanPro 3.7.lnk - C:\Program Files (x86)\HitmanPro\HitmanPro.exe /uninstall
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1\Forum.lnk - C:\Program Files\MyDefrag v4.3.1\Forum.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1\Manual.lnk - C:\Program Files\MyDefrag v4.3.1\Manual.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1\MyDefrag.lnk - C:\Program Files\MyDefrag v4.3.1\MyDefrag.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1\Uninstall.lnk - C:\Program Files\MyDefrag v4.3.1\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1\Website.lnk - C:\Program Files\MyDefrag v4.3.1\Website.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pivot Animator\Pivot Animator.lnk - C:\Program Files (x86)\Pivot Animator\pivot.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pivot Animator\Uninstall Pivot.lnk - C:\Program Files (x86)\Pivot Animator\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soft4Boost\FixComponents.lnk - C:\Program Files (x86)\Common Files\Soft4Boost\FixComponents.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soft4Boost\Any Uninstaller\Any Uninstaller.lnk - C:\Program Files (x86)\Soft4Boost\Any Uninstaller\S4BAnyUninstaller.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soft4Boost\Any Uninstaller\Help.lnk - C:\Program Files (x86)\Soft4Boost\Any Uninstaller\AnyUninstaller.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soft4Boost\Any Uninstaller\Uninstall.lnk - C:\Program Files (x86)\Soft4Boost\Any Uninstaller\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soft4Boost\Any Uninstaller\User Guide.lnk - C:\Program Files (x86)\Soft4Boost\Any Uninstaller\AnyUninstaller.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk - C:\Program Files (x86)\COMODO\GeekBuddy\launcher.exe "unit_manager.exe"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winyl\Uninstall Winyl.lnk - C:\Program Files (x86)\Winyl\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winyl\Winyl.lnk - C:\Program Files (x86)\Winyl\Winyl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WolfQuest\Play WolfQuest.lnk - C:\Program Files (x86)\WolfQuest\WolfQuest.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WolfQuest\Uninstall WolfQuest.lnk - C:\Windows\SysWOW64\msiexec.exe /x {9E6AD6CF-1EFF-43E4-86C4-5C00254C3D8E}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WolfQuest\WolfQuest Manual.lnk - C:\Program Files (x86)\WolfQuest\WolfQuest_SotP_Deluxe_Manual_v25.pdf

==== shortcuts in Quick Launch ======================

C:\Users\AP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk - C:\Program Files (x86)\Emsisoft Anti-Malware\a2start.exe
C:\Users\AP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\AP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\AP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\AP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\AP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\AP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\AP\AppData\Local\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\AP\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=52 folders=31 3416717 bytes)

==== Empty Temp Folders ======================

C:\Users\AP\AppData\Local\Temp will be emptied at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\AP\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 22/05/2014 at 19:16:29,12 ======================

Post by Power Max, Thu 22 May 2014, 19:50

Download the Junkware Removal Tool program from the link below:
[You must have an account and be logged in to view this link]

To run the program above correctly, just follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

* In your next reply, post the Junkware Removal Tool log (report), which will be saved on your desktop under the name JRT.txt

We will be waiting.

Post by Apsantos, Thu 22 May 2014, 20:36

I followed the tutorial, but a Windows error message appeared saying that I did not have permission to generate the log.
Should I do it again?

Post by Power Max, Thu 22 May 2014, 20:39

Run it as administrator.

If it still does not work, start the PC in Safe Mode with Networking by pressing the F8 key (or the F5 key on some computers) repeatedly while the computer is starting and choosing the Safe Mode with Networking option. Once you are in Safe Mode with Networking, try running it again and see whether that is possible.

If it is still not possible, let me know so we can look for another alternative.

Post by Apsantos, Thu 22 May 2014, 21:31

I couldn't do it. The program runs and asks to restart the PC; after the restart, this message appears:

"C:\Users\AP\AppData\Local\Temp\OEgetPrivileges.vbs

O Windows não pode acessar o dispositivo, caminho ou arquivo especificado. Talvez você não tenha as permissões adequadas para acessar o item"

This problem with antivirus updates started when I used a program called "Remo MORE".
It probably made some change to my hosts file; I uninstalled it.

Post by Power Max, Thu 22 May 2014, 21:34

Download < [You must have an account and be logged in to view this link] > ( ... by Nicolas Coolman )

To install and run it correctly, follow the tips in this article:

[You must have an account and be logged in to view this link]

* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.

Post by Apsantos, Thu 22 May 2014, 21:54

~ Relatório do ZHPDiag v2014.5.22.71 - Nicolas Coolman (22/05/2014)
~ Iniciado por AP (22/05/2014 21:47:22)
~ Endereço do Website : [You must have an account and be logged in to view this link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17107
MFIE: Mozilla Firefox 29.0.1 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Bitdefender 60-Second Virus Scanner v1.0.3.76
Emsisoft Anti-Malware
Malwarebytes Anti-Malware versão 2.0.2.1012
Windows Defender W7

---\\ Softwares d'optimização do sistema
CCleaner v4.13

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Java 7 Update 9
Java 7 Update 55

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1896 MB (48% free)
System Restore: Activé (Enable)
System drive C: has 319 GB (74%) free of 430 GB

---\\ Modo de conexão ao sistema
~ Computer Name: AP-PC
~ User Name: AP
~ All Users Names: Convidado, AP, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\AP\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\AP\AppData\Roaming\
~ %Desktop% : C:\Users\AP\Desktop\
~ %Favorites% : C:\Users\AP\Favorites\
~ %LocalAppData% : C:\Users\AP\AppData\Local\
~ %StartMenu% : C:\Users\AP\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 319 Go of 430 Go)
E: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.05/11/2011 - 07:55:36.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/03/2014 - 03:22:40.) -- C:\Windows\System32\wininet.dll [2260480]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042 Port Driver.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.05/11/2011 - 07:57:31.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - NT File System Driver.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Parallel Port Driver.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/1340
~ Mes musiques (My Musics) : 1/9152
~ Mes Favoris (My Favorites) : 2/20
~ Mes Documents (My Documents) : 1/1127
~ Mon Bureau (My Desktop) : 3/327
~ Menu demarrer (Programs) : 1/45
~ Hidden Files: Scanned in 00mn 34s



---\\ Processos lançados
[MD5.7CF072E03D4F943B1FE20339B973EDBB] - (.Lenovo - TinianFn.) -- C:\Windows\jmesoft\hotkey.exe [118784] [PID.2024]
[MD5.0B427D9943C838620AFA30CBB24A6D77] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720] [PID.2512]
[MD5.39B47A50DC3D5E898298468307765710] - (.Comodo Security Solutions, Inc. - GeekBuddy Remote Screen Protocol Server.) -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248] [PID.1760]
[MD5.9827006052EDEBA43D3BA0B34523AD62] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7876608] [PID.4080]
[MD5.A20EECED6328A2AF43BF1F53B84F868D] - (.IObit - Driver Booster.) -- C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [3775808] [PID.3348]
[MD5.133E9D8945F8ADAA60101902DB7467B3] - (.Emsisoft GmbH - Emsisoft Anti-Malware Service.) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4163584] [PID.900]
[MD5.E450DA5CA7CA895198635F006ABA8419] - (.Comodo Security Solutions, Inc. - livePCsupport Component.) -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864] [PID.940]
[MD5.99738954CDFF4BBFEED59513195D5064] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\GbpSv.exe [449592] [PID.1016]
[MD5.49B2C034D77F9F73C80AC55E795CCB6E] - (...) -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232] [PID.1684]
[MD5.1DED0D0AA513E2A5862B20A520D3A1E1] - (...) -- C:\Windows\jmesoft\Service.exe [32768] [PID.900]
[MD5.D84AEA3F3329D622DFC1297DDDF6163B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720] [PID.1844]
[MD5.9E100706E0DAF8C1966C91BE8BA8A5BE] - (.No owner - JME_LOAD Microsoft 基础类应用程序.) -- C:\Windows\jmesoft\JME_LOAD.exe [20480] [PID.2500]
[MD5.83FF82FE209E7997067B375DAD6CF23D] - (.Intel Corporation - Intel(R) Integrated Clock Controller Servic.) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752] [PID.2728]
[MD5.926EBA26A8B49D1597751CED06B50862] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656] [PID.3768]
~ Processes Running: Scanned in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [You must have an account and be logged in to view this link]
~ IE Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense Itaú Unibanco [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540008} . (.Banco Itaú Unibanco - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehUni.dll
~ BHO: 5 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [Lenovo EE Boot Optimizer] . (.Lenovo - Lenovo EE Boot Optimizer Software.) -- C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
O4 - HKLM\..\Run: [RtHDVBg_LENOVO_MICPKEY] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [SGBNGERL2LAW] C:\Users\AP\AppData\Roaming\X4HYM9G0.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [jmekey] . (.Lenovo - TinianFn.) -- C:\Windows\jmesoft\hotkey.exe
O4 - HKLM\..\Wow6432Node\Run: [jmesoft] . (...) -- C:\Windows\jmesoft\ServiceLoader.exe
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
O4 - HKLM\..\Wow6432Node\Run: [tvncontrol] . (.Comodo Security Solutions, Inc. - GeekBuddy Remote Screen Protocol Server.) -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-651244756-2065235722-1491846433-1000\..\Run: [SGBNGERL2LAW] C:\Users\AP\AppData\Roaming\X4HYM9G0.exe (.not file.)
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: PrivDog [64Bits] - {2F5C139F-79BD-4C84-A95A-E7140525BC55} . (.AdTrustMedia - PrivDog Extension.) -- C:\Program Files\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains] *.itau.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.itau.com.br
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BBB275CE-C972-4066-BAD9-135894EA5586}: NameServer = 8.26.56.26 156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{BBB275CE-C972-4066-BAD9-135894EA5586}: NameServer = 8.26.56.26 156.154.70.22
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807553E5-5146-11D5-A672-00B0D022E945} . (...) --
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
O23 - Service: JME Keyboard Driver (JME Keyboard) . (...) - C:\Windows\jmesoft\Service.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) . (...) - C:\Users\AP\Desktop\Portable\Wise Care 365\BootTime.exe (.not file.)
~ Services: 11 Legitimates Filtered in 00mn 02s



---\\ Listagem dos dados do BootExecute (Bex) (034)
O34 - HKLM BootExecute: (PDBoot.exe) - File not found
O34 - HKLM BootExecute: (bootdelete) - File not found
~ BEX: 3 Legitimates Filtered in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
[MD5.E79EC7DA6234192663BBB53129B93F50] [APT] [ToolwizCareFree] (.Toolwiz.) -- C:\Program Files (x86)\ToolwizCareFree\ToolwizCares.exe [5274328]
[MD5.00000000000000000000000000000000] [APT] [{22CDF1A9-D6C6-4D13-A71B-943EF364FC49}] (...) -- C:\Program Files (x86)\1by1\1by1.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
~ Scheduled Task: 12 Legitimates Filtered in 00mn 01s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (360Box64) . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) - C:\Windows\System32\DRIVERS\360Box64.sys
O41 - Driver: (360fsflt) . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) - C:\Windows\System32\DRIVERS\360FsFlt.sys
O41 - Driver: (BAPIDRV) . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Cloud Security.) - C:\Windows\system32\Drivers\BAPIDRV64.sys
O41 - Driver: (Bfilter) . (. - .) - C:\Windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver: (Bfmon) . (. - .) - C:\Windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex64.sys (.not file.)
O41 - Driver: (Bndef) . (. - .) - C:\Windows\system32\drivers\bndef64.sys (.not file.)
O41 - Driver: (Bprotect) . (. - .) - C:\Windows\system32\drivers\Bprotect.sys (.not file.)
O41 - Driver: (BTOWSFF) . (.Toolwiz.com - Toolwiz File Engine.) - C:\Windows\system32\Drivers\BTOWSFF.sys
O41 - Driver: (HMD) . (...) - C:\Windows\System32\DRIVERS\hmd.sys
~ Drivers: 99 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Pivot Animator version 4.1.10 - (.Motus Software Ltd.) [HKLM][64Bits] -- Pivot Animator_is1
O42 - Logiciel: SoulSeek 157 NS 13e - (...) [HKLM][64Bits] -- Soulseek2 =>P2P.SoulSeek
O42 - Logiciel: Toolwiz Care - (.ToolWiz Care.) [HKLM][64Bits] -- ToolwizCareFree
O42 - Logiciel: Winyl 3.0.1 - (.Vinyl Software.) [HKLM][64Bits] -- {5BEA5008-5317-4526-92C9-9685E7AF5F5A}_is1
O42 - Logiciel: WolfQuest - (.eduweb.) [HKLM][64Bits] -- {9E6AD6CF-1EFF-43E4-86C4-5C00254C3D8E}
~ Logic: 10 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\360SD]
[HKCU\Software\360Safe]
[HKCU\Software\Baidu Security]
[HKCU\Software\MRT.Player]
[HKCU\Software\Mr QuestionMan]
[HKCU\Software\Soulseek2] =>P2P.SoulSeek
[HKCU\Software\XinYi Network]
[HKCU\Software\dx20120105]
[HKCU\Software\eduweb]
[HKCU\Software\mp3Trim]
[HKCU\Software\sting (USA.svc)]
[HKCU\Software\superdownloads.com.br]
[HKLM\Software\360Safe]
[HKLM\Software\Baidu Security]
[HKLM\Software\KoshyJohn.com]
[HKLM\Software\Wow6432Node\360SD]
[HKLM\Software\Wow6432Node\360Safe]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Winyl]
[HKLM\Software\Wow6432Node\XinYi Network]
~ Key Software: 316 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/03/2014 - 21:15:25 - [] ----D C:\Program Files (x86)\1by1_181
O43 - CFD: 16/07/2012 - 08:27:36 - [] ----D C:\Program Files (x86)\Gizmo
O43 - CFD: 22/03/2012 - 19:23:22 - [] ----D C:\Program Files (x86)\Mr QuestionMan
O43 - CFD: 14/05/2014 - 20:32:15 - [] ----D C:\Program Files (x86)\Pivot Animator
O43 - CFD: 18/03/2012 - 23:12:15 - [] ----D C:\Program Files (x86)\SoulseekNS =>P2P.SoulSeek
O43 - CFD: 17/05/2014 - 19:11:28 - [] ----D C:\Program Files (x86)\Winyl
O43 - CFD: 28/04/2014 - 19:36:46 - [] ----D C:\Program Files (x86)\WolfQuest
O43 - CFD: 04/02/2014 - 10:37:32 - [0] ----D C:\ProgramData\360SD
O43 - CFD: 08/02/2013 - 22:39:37 - [] ----D C:\ProgramData\AntiTracks
O43 - CFD: 14/05/2014 - 20:33:13 - [] ----D C:\ProgramData\Pivot Animator
O43 - CFD: 21/05/2014 - 18:50:38 - [] ----D C:\ProgramData\Soulseek =>P2P.SoulSeek
O43 - CFD: 12/03/2014 - 19:19:09 - [] ----D C:\Users\AP\AppData\Roaming\ActiveX
O43 - CFD: 25/10/2012 - 23:14:55 - [0] ----D C:\Users\AP\AppData\Roaming\Fenrir Inc
O43 - CFD: 12/08/2013 - 23:02:14 - [] ----D C:\Users\AP\AppData\Roaming\KoshyJohn.com
O43 - CFD: 15/05/2014 - 23:50:12 - [] ----D C:\Users\AP\AppData\Roaming\Mediatronic
O43 - CFD: 12/01/2014 - 20:55:57 - [] ----D C:\Users\AP\AppData\Roaming\mgyun
O43 - CFD: 02/04/2014 - 17:53:22 - [] ----D C:\Users\AP\AppData\Roaming\ProductData
O43 - CFD: 22/04/2013 - 22:46:30 - [] ----D C:\Users\AP\AppData\Roaming\TFP
O43 - CFD: 18/01/2014 - 08:39:12 - [0] ----D C:\Users\AP\AppData\Roaming\WandoujiaUsbDriver
O43 - CFD: 17/05/2014 - 19:17:02 - [] ----D C:\Users\AP\AppData\Roaming\Winyl
O43 - CFD: 05/08/2013 - 23:33:44 - [] ----D C:\Users\AP\AppData\Roaming\Wise PC 1stAid
O43 - CFD: 14/04/2014 - 19:30:11 - [0] ----D C:\Users\AP\AppData\Roaming\WiseUpdate
O43 - CFD: 21/03/2012 - 20:47:13 - [] ----D C:\Users\AP\AppData\Local\LoRd_MuldeR
O43 - CFD: 12/03/2014 - 19:19:09 - [0] ----D C:\Users\AP\AppData\Local\MalwareScan
O43 - CFD: 07/05/2013 - 23:10:05 - [] ----D C:\Users\AP\AppData\Local\Max_HD
O43 - CFD: 12/03/2014 - 19:19:09 - [0] --H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\lnk_disabled
~ Program Folder: 214 Legitimates Filtered in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.AC0FC518EFF980D7AFB6A02ECB208679] - 08/05/2014 - 21:31:20 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [147638]
O44 - LFC:[MD5.74A6AA1DCF3118BE1353C8FD9471C2B3] - 08/05/2014 - 21:31:20 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [705798]
O44 - LFC:[MD5.B10C40FA613D461CFEF1FBBB04D5E47C] - 15/05/2014 - 09:16:03 ---A- . (...) -- C:\Windows\System32\.crusader [18248]
O44 - LFC:[MD5.30D44B87584D8AE0B16E09C4846A248D] - 15/05/2014 - 15:10:40 ---A- . (...) -- C:\EamClean.log [712]
O44 - LFC:[MD5.4EA5458FCA8518344686C543749365B1] - 18/05/2014 - 00:31:28 ---A- . (.ThreatTrack Security - gfiark64.sys.) -- C:\Windows\System32\Drivers\gfiark.sys [41032]
O44 - LFC:[MD5.8676604DDC439DDCAF6463DE114A80A9] - 22/05/2014 - 11:54:51 ---A- . (...) -- C:\TDSSKiller.3.0.0.34_22.05.2014_11.47.34_log.txt [198128]
O44 - LFC:[MD5.3F66EF45C3BEDD8BC7A11734D55407AE] - 22/05/2014 - 11:58:27 ---A- . (...) -- C:\TDSSKiller.3.0.0.34_22.05.2014_11.56.16_log.txt [195632]
O44 - LFC:[MD5.798267CDD7B6ECBA3889E20F11919159] - 22/05/2014 - 12:00:30 ---A- . (...) -- C:\TDSSKiller.3.0.0.34_22.05.2014_11.59.39_log.txt [196214]
O44 - LFC:[MD5.AC4B8187C59C038B60088F95526E4326] - 22/05/2014 - 16:32:18 ---A- . (...) -- C:\zoek-results2014-05-22-193218.log [3418]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 22/05/2014 - 16:41:37 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.20045C859DECD9309F248FA6F909634F] - 22/05/2014 - 19:16:29 ---A- . (...) -- C:\zoek-results.log [22230]
O44 - LFC:[MD5.B5AC485863FEDA484D5CD7C7B0569A6C] - 22/05/2014 - 20:51:49 ---A- . (...) -- C:\Windows\ntbtlog.txt [56932]
O44 - LFC:[MD5.F6CA364DEB7328A990AF46401E6EC3BA] - 22/05/2014 - 21:46:03 ---A- . (...) -- C:\Windows\System32\fastboot.set [178168]
~ Files: 83 Legitimates Filtered in 00mn 04s



---\\ Controlo do Modo de Segurança (CSB) (49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\16593094.sys . (...) -- C:\Windows\System32\Drivers\16593094.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\hitmanpro37.sys . (...) -- C:\Windows\System32\Drivers\hitmanpro37.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\16593094.sys . (...) -- C:\Windows\System32\Drivers\16593094.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\hitmanpro37.sys . (...) -- C:\Windows\System32\Drivers\hitmanpro37.sys (.not file.)
~ CSB: 19 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "LinkResolveIgnoreLinkInfo"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoResolveSearch"=1
~ MWPE Keys: 7 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:27/11/2013 - 09:10:43 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) -- C:\Windows\System32\Drivers\360AntiHacker64.sys [97480]
O58 - SDL:27/03/2013 - 23:11:29 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security 2013.) -- C:\Windows\System32\Drivers\360AvFlt.sys [67272]
O58 - SDL:29/11/2013 - 04:55:11 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) -- C:\Windows\System32\Drivers\360Box64.sys [305856]
O58 - SDL:08/12/2013 - 23:04:01 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) -- C:\Windows\System32\Drivers\360Camera64.sys [41152]
O58 - SDL:24/12/2013 - 06:27:57 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) -- C:\Windows\System32\Drivers\360FsFlt.sys [286912]
O58 - SDL:10/12/2013 - 00:49:34 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Cloud Security.) -- C:\Windows\System32\Drivers\BAPIDRV64.SYS [179904]
O58 - SDL:26/03/2014 - 00:32:49 ---A- . (.Toolwiz.com - Toolwiz File Engine.) -- C:\Windows\System32\Drivers\BTOWSFF.sys [33024]
O58 - SDL:26/03/2014 - 00:32:48 ---A- . (.Toolwiz.com - Toolwiz TimeFreeze.) -- C:\Windows\System32\Drivers\BTOWSVF.sys [52480]
O58 - SDL:07/05/2013 - 04:00:18 ---A- . (.Windows (R) Win 7 DDK provider - Safe Deletion Driver.) -- C:\Windows\System32\Drivers\CFRMD.sys [37976]
O58 - SDL:06/12/2013 - 09:03:14 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Efimon Driver.) -- C:\Windows\System32\Drivers\efimon.sys [22584]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:23/05/2013 - 08:39:23 ---A- . (.ThreatTrack Security - gfiark64.sys.) -- C:\Windows\System32\Drivers\gfiark.sys [41032]
O58 - SDL:12/07/2012 - 22:22:39 ---A- . (.Arainia Solutions LLC - Gizmo Drive, kernel-mode device driver.) -- C:\Windows\System32\Drivers\gizmodrv.sys [34704]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:07/10/2013 - 02:17:38 ---A- . (...) -- C:\Windows\System32\Drivers\hmd.sys [14888]
O58 - SDL:26/03/2014 - 00:32:49 ---A- . (.Toolwiz.com - Toolwiz BSafe.) -- C:\Windows\System32\Drivers\KSafeDISK.sys [52992]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:22/05/2014 - 00:59:57 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [26624]
O58 - SDL:22/05/2014 - 21:45:17 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys [31088]
~ Drivers: 82 Legitimates Filtered in 00mn 01s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 29/11/2013 - C:\Windows\System32\DRIVERS\360Box64.sys (360Box64) .(.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) - LEGACY_360BOX64
O64 - Services: CurCS - 24/12/2013 - C:\Windows\System32\DRIVERS\360FsFlt.sys (360fsflt) .(.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) - LEGACY_360FSFLT
O64 - Services: CurCS - 10/12/2013 - C:\Windows\system32\Drivers\BAPIDRV64.sys (BAPIDRV) .(.Qihu 360 Software Co., Ltd. - 360 Internet Security Cloud Security.) - LEGACY_BAPIDRV
O64 - Services: CurCS - 05/11/2011 - C:\Windows\System32\drivers\BPntDrv.sys (BPntDrv) .(.Lenovo - BpntDrv.) - LEGACY_BPNTDRV
O64 - Services: CurCS - 26/03/2014 - C:\Windows\system32\Drivers\BTOWSFF.sys (BTOWSFF) .(.Toolwiz.com - Toolwiz File Engine.) - LEGACY_BTOWSFF
O64 - Services: CurCS - 12/07/2012 - C:\Windows\System32\Drivers\GizmoDrv.sys (GizmoDrv) .(.Arainia Solutions LLC - Gizmo Drive, kernel-mode device driver.) - LEGACY_GIZMODRV
O64 - Services: CurCS - 07/10/2013 - C:\Windows\System32\DRIVERS\hmd.sys (HMD) .(...) - LEGACY_HMD
O64 - Services: CurCS - 26/03/2014 - C:\Windows\System32\Drivers\KSafeDISK.sys (KSafeDISK) .(.Toolwiz.com - Toolwiz BSafe.) - LEGACY_KSAFEDISK
~ Legacy: 126 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Comodo - Comodo Dragon.) -- C:\Program Files (x86)\Comodo\Dragon\dragon.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\program files\internet explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Not Key.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Not Key.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- c:\program files (x86)\superbird\superbird.exe (.not file.)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0191A6B0-1154-4C22-9182-23A95BBE92D9} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {17E05768-96BE-40BA-9B6C-952A5C7BCEBA} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {20D07661-B885-4893-967E-93AE5A952531} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {D6C939E6-CC2D-4025-88CC-904CF475B929} - (DuckDuckGo) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0191A6B0-1154-4C22-9182-23A95BBE92D9} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0191A6B0-1154-4C22-9182-23A95BBE92D9} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.38CB990A0B9CEE93E0ADC40D188D524E] [SPRF][17/05/2014] (...) -- C:\ProgramData\1400360009.bdinstall.bin [51825]
[MD5.45961EE698A9A0262692CCE556762EA7] [SPRF][17/05/2014] (...) -- C:\ProgramData\1400360224.bdinstall.bin [202986]
[MD5.6DBAFAEB7502CD06B7FB8F9419C54225] [SPRF][17/05/2014] (...) -- C:\ProgramData\1400361380.bdinstall.bin [32296]
[MD5.0B80048447F9C6B218452A3772503FC6] [SPRF][18/05/2014] (...) -- C:\ProgramData\1400382321.bdinstall.bin [37842]
[MD5.6AA3D08797AE5D8148FF94ECF3CF2D00] [SPRF][18/05/2014] (...) -- C:\ProgramData\1400382324.bdinstall.bin [97658]
[MD5.DB81C6BD76440265BC409FF90F037D31] [SPRF][22/05/2014] (...) -- C:\ProgramData\1400766204.bdinstall.bin [50805]
[MD5.70F851F7A524071E13F17DC401A21906] [SPRF][22/05/2014] (...) -- C:\Users\AP\Desktop\AdwCleaner.exe [1326389]
[MD5.71DDE75D01C0F6EB2E85D29B3E9B4D53] [SPRF][21/05/2014] (...) -- C:\Users\AP\Desktop\cwxjbyja.exe [149398168]
[MD5.7091B2EEEC02B800350D454099E41EDE] [SPRF][17/05/2014] (.Geek Uninstaller - Geek Unіnstaller.) -- C:\Users\AP\Desktop\geek.exe [6169608]
[MD5.36C9CE21A11AB4D46400869881A8CCCB] [SPRF][22/06/2009] (...) -- C:\Users\AP\Desktop\mp3Trim PRO.exe [267776]
[MD5.73C59736FB3538BCD9E7778AC6D0B17F] [SPRF][22/05/2014] (...) -- C:\Users\AP\Desktop\setup_11.0.1.1245.x01_2014_05_22_08_37.exe [137816584]
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][22/05/2014] (...) -- C:\Users\AP\Desktop\zoek.exe [1285120]
~ Files: 14 Legitimates Filtered in 00mn 18s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\Disk Cleaner_RASAPI32 =>Rogue.DiskCleaner
HKLM\SOFTWARE\Microsoft\Tracing\Disk Cleaner_RASMANCS =>Rogue.DiskCleaner
HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdater_RASAPI32 =>PUP.Eorezo
HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdater_RASMANCS =>PUP.Eorezo
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-3_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-3_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASMANCS =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_F91D44FAA5479127_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_F91D44FAA5479127_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASDLG =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tuto4pc_br_31_RASAPI32 =>PUP.AgenceExclusive
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tuto4pc_br_31_RASMANCS =>PUP.AgenceExclusive
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Tuto4PC_widget_RASAPI32 =>PUP.AgenceExclusive
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Tuto4PC_widget_RASMANCS =>PUP.AgenceExclusive
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwebget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwebget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-32-build-27568-baixaki-32-bits_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-32-build-27568-baixaki-32-bits_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentPortable_3_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentPortable_3_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASMANCS =>PUP.WebGet
~ BTK: 551 Legitimates Filtered in 00mn 00s



---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{D72683FB-13B8-04EB-DA01-34991CD9E483}] (SaveClicker) =>PUP.SaveClicker
~ BCK: 4621 Legitimates Filtered in 00mn 03s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 16/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 30/04/2014 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 12/05/2014 860472 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SS - | Demand 06/05/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 21/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 10/07/1658 0 | (WiseBootAssistant) . (...) - C:\Users\AP\Desktop\Portable\Wise Care 365\BootTime.exe
SR - | Auto 15/05/2014 4163584 | (a2AntiMalware) . (.Emsisoft GmbH.) - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
SR - | Auto 05/05/2014 70864 | (CLPSLauncher) . (.Comodo Security Solutions, Inc..) - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
SR - | Auto 28/01/2014 2135232 | (DragonUpdater) . (...) - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
SR - | Auto 22/11/2013 449592 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
SR - | Auto 05/05/2014 2327248 | (GeekBuddyRSP) . (.Comodo Security Solutions, Inc..) - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
SR - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SR - | Auto 15/03/2011 32768 | (JME Keyboard) . (...) - C:\Windows\jmesoft\Service.exe
SR - | Auto 05/10/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 12/05/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 11/11/2013 1445424 | (pdserv) . (.Bitdefender.) - C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe
SR - | Auto 05/10/2010 2655768 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 05s



---\\ Scâner Aditional (088)
Database Version : 13029 - (22/05/2014)
Clés trouvées (Keys found) : 4
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 2

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Soulseek2] =>P2P.SoulSeek^
[HKCU\Software\360Safe] =>Trojan.Lozavita
[HKLM\Software\360Safe] =>Trojan.Lozavita
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Lozavita
C:\Program Files (x86)\SoulseekNS =>P2P.SoulSeek^
C:\ProgramData\Soulseek =>P2P.SoulSeek^
[HKCU\Software\Soulseek2] =>P2P.SoulSeek^
[HKCR\CLSID\{D72683FB-13B8-04EB-DA01-34991CD9E483}] (SaveClicker) =>PUP.SaveClicker^
~ Additionnel Scan: 220763 Items scanned in 00mn 41s



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Eorezo
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.MegaSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.AgenceExclusive
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.WebGet
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Wajam
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SaveClicker
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.Lozavita
~ MSI: 7 link(s) detected in 00mn 00s



~ 993 Legitimates filtered by white list
End of the scan (557 lines in 02mn 13s)(0)

Post by Power Max, Thu 22 May 2014, 23:42

I am analyzing your report. But I can already see that there are too many security programs on your PC: note that 360 Internet Security, Bitdefender and remnants of Baidu are present... It would be good to uninstall this 360 Internet Security to avoid conflicts.

Post by Power Max, Thu 22 May 2014, 23:51

There are unnecessary programs starting along with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:

[You need an account and must be logged in to view this link]

Preferably, let only the security programs (antivirus/anti-spyware/firewall) start along with Windows.

Also use the CCleaner program, recommended in the tutorial above, to clean up and optimize the PC now and from time to time.
___________________________________________________________________________________________________________

Select and copy all of the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click ZHPFix and choose Run as administrator > click Importação > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will appear in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Fri 23 May 2014, 12:46; edited 1 time

Post by Apsantos, Fri 23 May 2014, 11:34

I uninstalled 360 Internet Security and Baidu a while ago, yet these pests are still on my PC...


Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by AP at 23/05/2014 11:19:49
High Elevated Privileges : OK
Windows 7 Home Basic Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 02s)
Reparação de atalhos do navegador

========== Processo memória ==========
AUSENTE Memory Process: O34 - HKLM BootExecute: (PDBoot.exe) - File not found
AUSENTE Memory Process: O34 - HKLM BootExecute: (bootdelete) - File not found

========== Estado dos serviços ==========
360BOX64 Parado
360FSFLT Parado
BAPIDRV Parado

========== Chaves do Registo ==========
ELIMINÉ Driver Key: 360Box64
ELIMINÉ Driver Key: 360fsflt
ELIMINÉ Driver Key: BAPIDRV
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bnbase
ELIMINÉ Driver Key: Bndef
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\360SD
ELIMINÉ: HKCU\Software\360Safe
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ:* HKLM\Software\360Safe
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\360SD
ELIMINÉ O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\16593094.sys . (...) -- C:\Windows\System32\Drivers\16593094.sys (.not file.)
ELIMINÉ O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.)
ELIMINÉ O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\hitmanpro37.sys . (...) -- C:\Windows\System32\Drivers\hitmanpro37.sys (.not file.)
ELIMINÉ O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\16593094.sys . (...) -- C:\Windows\System32\Drivers\16593094.sys (.not file.)
ELIMINÉ O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.)
ELIMINÉ O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\hitmanpro37.sys . (...) -- C:\Windows\System32\Drivers\hitmanpro37.sys (.not file.)
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\Disk Cleaner_RASAPI32
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\Disk Cleaner_RASMANCS
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdater_RASAPI32
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdater_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tuto4pc_br_31_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tuto4pc_br_31_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Tuto4PC_widget_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Tuto4PC_widget_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwebget_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwebget_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASMANCS
ELIMINÉ:* HKCR\CLSID\{D72683FB-13B8-04EB-DA01-34991CD9E483}

========== Valores do Registo ==========
ELIMINÉ RunValue: SGBNGERL2LAW
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Elementos dos dados do Registo ==========
ELIMINÉ: R1 Search Page =

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\360antihacker64.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\360avflt.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\360box64.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\360camera64.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\360fsflt.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bapidrv64.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\efimon.sys
ELIMINÉ Temporários windows (2) (970 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: {22CDF1A9-D6C6-4D13-A71B-943EF364FC49}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
2 : Processo memória
39 : Chaves do Registo
7 : Valores do Registo
1 : Elementos dos dados do Registo
1 : Pastas
9 : Ficheiros
3 : Estado dos serviços
1 : Tarefa planificada
1 : Restauração Sistema


End of clean in 00mn 37s

========== Caminho do ficheiro do relatório ==========
C:\Users\AP\AppData\Roaming\ZHP\ZHPFix[R1].txt - 23/05/2014 11:19:51 [4824]

Post by Power Max, Fri 23 May 2014, 11:37

Restart the PC so that the cleanup of the problems can be completed.

After restarting the PC, please do the following:

Open ZHPDiag again

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.

|- Click OK and, when it finishes, post the ZHPDiag.txt report

Post by Apsantos, Fri 23 May 2014, 11:48

~ Relatório do ZHPDiag v2014.5.23.72 - Nicolas Coolman (23/05/2014)
~ Iniciado por AP (23/05/2014 11:42:06)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17107
MFIE: Mozilla Firefox 29.0.1 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Bitdefender 60-Second Virus Scanner v1.0.3.76
Emsisoft Anti-Malware
Malwarebytes Anti-Malware versão 2.0.2.1012
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v4.13

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Java 7 Update 9
Java 7 Update 55

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1896 MB (64% free)
System Restore: Activé (Enable)
System drive C: has 319 GB (74%) free of 430 GB

---\\ Modo de conexão ao sistema
~ Computer Name: AP-PC
~ User Name: AP
~ All Users Names: Convidado, AP, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\AP\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\AP\AppData\Roaming\
~ %Desktop% : C:\Users\AP\Desktop\
~ %Favorites% : C:\Users\AP\Favorites\
~ %LocalAppData% : C:\Users\AP\AppData\Local\
~ %StartMenu% : C:\Users\AP\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 319 Go of 430 Go)
E: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.05/11/2011 - 07:55:36.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/03/2014 - 03:22:40.) -- C:\Windows\System32\wininet.dll [2260480]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042 Port Driver.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.05/11/2011 - 07:57:31.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - NT File System Driver.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Parallel Port Driver.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 03s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/1340
~ Mes musiques (My Musics) : 1/9152
~ Mes Favoris (My Favorites) : 2/20
~ Mes Documents (My Documents) : 1/1127
~ Mon Bureau (My Desktop) : 3/324
~ Menu demarrer (Programs) : 1/45
~ Hidden Files: Scanned in 00mn 29s



---\\ Processos lançados
[MD5.7CF072E03D4F943B1FE20339B973EDBB] - (.Lenovo - TinianFn.) -- C:\Windows\jmesoft\hotkey.exe [118784] [PID.2932]
[MD5.0B427D9943C838620AFA30CBB24A6D77] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720] [PID.2976]
[MD5.39B47A50DC3D5E898298468307765710] - (.Comodo Security Solutions, Inc. - GeekBuddy Remote Screen Protocol Server.) -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248] [PID.1828]
[MD5.2BE28172DB7CB4C3AB8AC061D5420316] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7877120] [PID.4956]
[MD5.133E9D8945F8ADAA60101902DB7467B3] - (.Emsisoft GmbH - Emsisoft Anti-Malware Service.) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4163584] [PID.880]
[MD5.E450DA5CA7CA895198635F006ABA8419] - (.Comodo Security Solutions, Inc. - livePCsupport Component.) -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864] [PID.920]
[MD5.99738954CDFF4BBFEED59513195D5064] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\GbpSv.exe [449592] [PID.996]
[MD5.49B2C034D77F9F73C80AC55E795CCB6E] - (...) -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232] [PID.1704]
[MD5.1DED0D0AA513E2A5862B20A520D3A1E1] - (...) -- C:\Windows\jmesoft\Service.exe [32768] [PID.880]
[MD5.D84AEA3F3329D622DFC1297DDDF6163B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720] [PID.1920]
[MD5.83FF82FE209E7997067B375DAD6CF23D] - (.Intel Corporation - Intel(R) Integrated Clock Controller Servic.) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752] [PID.2944]
[MD5.9E100706E0DAF8C1966C91BE8BA8A5BE] - (.No owner - JME_LOAD Microsoft 基础类应用程序.) -- C:\Windows\jmesoft\JME_LOAD.exe [20480] [PID.1424]
[MD5.926EBA26A8B49D1597751CED06B50862] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656] [PID.4508]
[MD5.FDF92EC84FECEE834FB10A2A0A19BCDA] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2655768] [PID.4732]
~ Processes Running: Scanned in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ IE Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense Itaú Unibanco [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540008} . (.Banco Itaú Unibanco - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehUni.dll
~ BHO: 5 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [Lenovo EE Boot Optimizer] . (.Lenovo - Lenovo EE Boot Optimizer Software.) -- C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
O4 - HKLM\..\Run: [RtHDVBg_LENOVO_MICPKEY] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Wow6432Node\Run: [jmekey] . (.Lenovo - TinianFn.) -- C:\Windows\jmesoft\hotkey.exe
O4 - HKLM\..\Wow6432Node\Run: [jmesoft] . (...) -- C:\Windows\jmesoft\ServiceLoader.exe
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
O4 - HKLM\..\Wow6432Node\Run: [tvncontrol] . (.Comodo Security Solutions, Inc. - GeekBuddy Remote Screen Protocol Server.) -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: PrivDog [64Bits] - {2F5C139F-79BD-4C84-A95A-E7140525BC55} . (.AdTrustMedia - PrivDog Extension.) -- C:\Program Files\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains] *.itau.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.itau.com.br
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BBB275CE-C972-4066-BAD9-135894EA5586}: NameServer = 8.26.56.26 156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{BBB275CE-C972-4066-BAD9-135894EA5586}: NameServer = 8.26.56.26 156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{BBB275CE-C972-4066-BAD9-135894EA5586}: NameServer = 8.26.56.26 156.154.70.22
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807553E5-5146-11D5-A672-00B0D022E945} . (...) --
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
O23 - Service: JME Keyboard Driver (JME Keyboard) . (...) - C:\Windows\jmesoft\Service.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) . (...) - C:\Users\AP\Desktop\Portable\Wise Care 365\BootTime.exe (.not file.)
~ Services: 11 Legitimates Filtered in 00mn 02s



---\\ Listagem dos dados do BootExecute (Bex) (034)
O34 - HKLM BootExecute: (PDBoot.exe) - File not found
O34 - HKLM BootExecute: (bootdelete) - File not found
~ BEX: 3 Legitimates Filtered in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805}] (...) -- C:\Users\AP\APpData\Local\Temp\cisD3F1.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
~ Scheduled Task: 5 Legitimates Filtered in 00mn 01s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (BTOWSFF) . (.Toolwiz.com - Toolwiz File Engine.) - C:\Windows\system32\Drivers\BTOWSFF.sys
O41 - Driver: (HMD) . (...) - C:\Windows\System32\DRIVERS\hmd.sys
~ Drivers: 75 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Pivot Animator version 4.1.10 - (.Motus Software Ltd.) [HKLM][64Bits] -- Pivot Animator_is1
O42 - Logiciel: SoulSeek 157 NS 13e - (...) [HKLM][64Bits] -- Soulseek2 =>P2P.SoulSeek
O42 - Logiciel: Toolwiz Care - (.ToolWiz Care.) [HKLM][64Bits] -- ToolwizCareFree
O42 - Logiciel: Winyl 3.0.1 - (.Vinyl Software.) [HKLM][64Bits] -- {5BEA5008-5317-4526-92C9-9685E7AF5F5A}_is1
O42 - Logiciel: WolfQuest - (.eduweb.) [HKLM][64Bits] -- {9E6AD6CF-1EFF-43E4-86C4-5C00254C3D8E}
~ Logic: 10 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\MRT.Player]
[HKCU\Software\Mr QuestionMan]
[HKCU\Software\Soulseek2] =>P2P.SoulSeek
[HKCU\Software\XinYi Network]
[HKCU\Software\dx20120105]
[HKCU\Software\eduweb]
[HKCU\Software\mp3Trim]
[HKCU\Software\sting (USA.svc)]
[HKCU\Software\superdownloads.com.br]
[HKLM\Software\KoshyJohn.com]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Winyl]
[HKLM\Software\Wow6432Node\XinYi Network]
~ Key Software: 308 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/03/2014 - 21:15:25 - [] ----D C:\Program Files (x86)\1by1_181
O43 - CFD: 16/07/2012 - 08:27:36 - [] ----D C:\Program Files (x86)\Gizmo
O43 - CFD: 22/03/2012 - 19:23:22 - [] ----D C:\Program Files (x86)\Mr QuestionMan
O43 - CFD: 14/05/2014 - 20:32:15 - [] ----D C:\Program Files (x86)\Pivot Animator
O43 - CFD: 18/03/2012 - 23:12:15 - [] ----D C:\Program Files (x86)\SoulseekNS =>P2P.SoulSeek
O43 - CFD: 17/05/2014 - 19:11:28 - [] ----D C:\Program Files (x86)\Winyl
O43 - CFD: 28/04/2014 - 19:36:46 - [] ----D C:\Program Files (x86)\WolfQuest
O43 - CFD: 08/02/2013 - 22:39:37 - [] ----D C:\ProgramData\AntiTracks
O43 - CFD: 14/05/2014 - 20:33:13 - [] ----D C:\ProgramData\Pivot Animator
O43 - CFD: 21/05/2014 - 18:50:38 - [] ----D C:\ProgramData\Soulseek =>P2P.SoulSeek
O43 - CFD: 12/03/2014 - 19:19:09 - [] ----D C:\Users\AP\AppData\Roaming\ActiveX
O43 - CFD: 25/10/2012 - 23:14:55 - [0] ----D C:\Users\AP\AppData\Roaming\Fenrir Inc
O43 - CFD: 12/08/2013 - 23:02:14 - [] ----D C:\Users\AP\AppData\Roaming\KoshyJohn.com
O43 - CFD: 15/05/2014 - 23:50:12 - [] ----D C:\Users\AP\AppData\Roaming\Mediatronic
O43 - CFD: 12/01/2014 - 20:55:57 - [] ----D C:\Users\AP\AppData\Roaming\mgyun
O43 - CFD: 02/04/2014 - 17:53:22 - [] ----D C:\Users\AP\AppData\Roaming\ProductData
O43 - CFD: 22/04/2013 - 22:46:30 - [] ----D C:\Users\AP\AppData\Roaming\TFP
O43 - CFD: 18/01/2014 - 08:39:12 - [0] ----D C:\Users\AP\AppData\Roaming\WandoujiaUsbDriver
O43 - CFD: 17/05/2014 - 19:17:02 - [] ----D C:\Users\AP\AppData\Roaming\Winyl
O43 - CFD: 05/08/2013 - 23:33:44 - [] ----D C:\Users\AP\AppData\Roaming\Wise PC 1stAid
O43 - CFD: 14/04/2014 - 19:30:11 - [0] ----D C:\Users\AP\AppData\Roaming\WiseUpdate
O43 - CFD: 21/03/2012 - 20:47:13 - [] ----D C:\Users\AP\AppData\Local\LoRd_MuldeR
O43 - CFD: 12/03/2014 - 19:19:09 - [0] ----D C:\Users\AP\AppData\Local\MalwareScan
O43 - CFD: 07/05/2013 - 23:10:05 - [] ----D C:\Users\AP\AppData\Local\Max_HD
O43 - CFD: 12/03/2014 - 19:19:09 - [0] --H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\lnk_disabled
~ Program Folder: 213 Legitimates Filtered in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.AC0FC518EFF980D7AFB6A02ECB208679] - 08/05/2014 - 21:31:20 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [147638]
O44 - LFC:[MD5.74A6AA1DCF3118BE1353C8FD9471C2B3] - 08/05/2014 - 21:31:20 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [705798]
O44 - LFC:[MD5.B10C40FA613D461CFEF1FBBB04D5E47C] - 15/05/2014 - 09:16:03 ---A- . (...) -- C:\Windows\System32\.crusader [18248]
O44 - LFC:[MD5.30D44B87584D8AE0B16E09C4846A248D] - 15/05/2014 - 15:10:40 ---A- . (...) -- C:\EamClean.log [712]
O44 - LFC:[MD5.4EA5458FCA8518344686C543749365B1] - 18/05/2014 - 00:31:28 ---A- . (.ThreatTrack Security - gfiark64.sys.) -- C:\Windows\System32\Drivers\gfiark.sys [41032]
O44 - LFC:[MD5.8676604DDC439DDCAF6463DE114A80A9] - 22/05/2014 - 11:54:51 ---A- . (...) -- C:\TDSSKiller.3.0.0.34_22.05.2014_11.47.34_log.txt [198128]
O44 - LFC:[MD5.3F66EF45C3BEDD8BC7A11734D55407AE] - 22/05/2014 - 11:58:27 ---A- . (...) -- C:\TDSSKiller.3.0.0.34_22.05.2014_11.56.16_log.txt [195632]
O44 - LFC:[MD5.798267CDD7B6ECBA3889E20F11919159] - 22/05/2014 - 12:00:30 ---A- . (...) -- C:\TDSSKiller.3.0.0.34_22.05.2014_11.59.39_log.txt [196214]
O44 - LFC:[MD5.AC4B8187C59C038B60088F95526E4326] - 22/05/2014 - 16:32:18 ---A- . (...) -- C:\zoek-results2014-05-22-193218.log [3418]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 22/05/2014 - 16:41:37 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.20045C859DECD9309F248FA6F909634F] - 22/05/2014 - 19:16:29 ---A- . (...) -- C:\zoek-results.log [22230]
O44 - LFC:[MD5.D430666459529D483242456103753638] - 23/05/2014 - 11:24:40 ---A- . (...) -- C:\Windows\System32\fastboot.set [200344]
~ Files: 82 Legitimates Filtered in 00mn 10s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "LinkResolveIgnoreLinkInfo"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoResolveSearch"=1
~ MWPE Keys: 7 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:27/11/2013 - 09:10:43 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) -- C:\Windows\System32\Drivers\360AntiHacker64.sys [97480]
O58 - SDL:27/03/2013 - 23:11:29 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security 2013.) -- C:\Windows\System32\Drivers\360AvFlt.sys [67272]
O58 - SDL:29/11/2013 - 04:55:11 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) -- C:\Windows\System32\Drivers\360Box64.sys [305856]
O58 - SDL:08/12/2013 - 23:04:01 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) -- C:\Windows\System32\Drivers\360Camera64.sys [41152]
O58 - SDL:24/12/2013 - 06:27:57 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) -- C:\Windows\System32\Drivers\360FsFlt.sys [286912]
O58 - SDL:10/12/2013 - 00:49:34 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Cloud Security.) -- C:\Windows\System32\Drivers\BAPIDRV64.SYS [179904]
O58 - SDL:26/03/2014 - 00:32:49 ---A- . (.Toolwiz.com - Toolwiz File Engine.) -- C:\Windows\System32\Drivers\BTOWSFF.sys [33024]
O58 - SDL:26/03/2014 - 00:32:48 ---A- . (.Toolwiz.com - Toolwiz TimeFreeze.) -- C:\Windows\System32\Drivers\BTOWSVF.sys [52480]
O58 - SDL:07/05/2013 - 04:00:18 ---A- . (.Windows (R) Win 7 DDK provider - Safe Deletion Driver.) -- C:\Windows\System32\Drivers\CFRMD.sys [37976]
O58 - SDL:06/12/2013 - 09:03:14 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Efimon Driver.) -- C:\Windows\System32\Drivers\efimon.sys [22584]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:23/05/2013 - 08:39:23 ---A- . (.ThreatTrack Security - gfiark64.sys.) -- C:\Windows\System32\Drivers\gfiark.sys [41032]
O58 - SDL:12/07/2012 - 22:22:39 ---A- . (.Arainia Solutions LLC - Gizmo Drive, kernel-mode device driver.) -- C:\Windows\System32\Drivers\gizmodrv.sys [34704]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:07/10/2013 - 02:17:38 ---A- . (...) -- C:\Windows\System32\Drivers\hmd.sys [14888]
O58 - SDL:26/03/2014 - 00:32:49 ---A- . (.Toolwiz.com - Toolwiz BSafe.) -- C:\Windows\System32\Drivers\KSafeDISK.sys [52992]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:22/05/2014 - 00:59:57 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [26624]
O58 - SDL:23/05/2014 - 11:23:48 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys [31088]
~ Drivers: 82 Legitimates Filtered in 00mn 03s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 26/03/2014 - C:\Windows\system32\Drivers\BTOWSFF.sys (BTOWSFF) .(.Toolwiz.com - Toolwiz File Engine.) - LEGACY_BTOWSFF
O64 - Services: CurCS - 12/07/2012 - C:\Windows\System32\Drivers\GizmoDrv.sys (GizmoDrv) .(.Arainia Solutions LLC - Gizmo Drive, kernel-mode device driver.) - LEGACY_GIZMODRV
O64 - Services: CurCS - 07/10/2013 - C:\Windows\System32\DRIVERS\hmd.sys (HMD) .(...) - LEGACY_HMD
O64 - Services: CurCS - 26/03/2014 - C:\Windows\System32\Drivers\KSafeDISK.sys (KSafeDISK) .(.Toolwiz.com - Toolwiz BSafe.) - LEGACY_KSAFEDISK
~ Legacy: 126 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Comodo - Comodo Dragon.) -- C:\Program Files (x86)\Comodo\Dragon\dragon.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\program files\internet explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Not Key.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Not Key.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- c:\program files (x86)\superbird\superbird.exe (.not file.)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0191A6B0-1154-4C22-9182-23A95BBE92D9} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {17E05768-96BE-40BA-9B6C-952A5C7BCEBA} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {20D07661-B885-4893-967E-93AE5A952531} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {D6C939E6-CC2D-4025-88CC-904CF475B929} - (DuckDuckGo) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0191A6B0-1154-4C22-9182-23A95BBE92D9} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0191A6B0-1154-4C22-9182-23A95BBE92D9} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.38CB990A0B9CEE93E0ADC40D188D524E] [SPRF][17/05/2014] (...) -- C:\ProgramData\1400360009.bdinstall.bin [51825]
[MD5.45961EE698A9A0262692CCE556762EA7] [SPRF][17/05/2014] (...) -- C:\ProgramData\1400360224.bdinstall.bin [202986]
[MD5.6DBAFAEB7502CD06B7FB8F9419C54225] [SPRF][17/05/2014] (...) -- C:\ProgramData\1400361380.bdinstall.bin [32296]
[MD5.0B80048447F9C6B218452A3772503FC6] [SPRF][18/05/2014] (...) -- C:\ProgramData\1400382321.bdinstall.bin [37842]
[MD5.6AA3D08797AE5D8148FF94ECF3CF2D00] [SPRF][18/05/2014] (...) -- C:\ProgramData\1400382324.bdinstall.bin [97658]
[MD5.DB81C6BD76440265BC409FF90F037D31] [SPRF][22/05/2014] (...) -- C:\ProgramData\1400766204.bdinstall.bin [50805]
[MD5.70F851F7A524071E13F17DC401A21906] [SPRF][22/05/2014] (...) -- C:\Users\AP\Desktop\AdwCleaner.exe [1326389]
[MD5.71DDE75D01C0F6EB2E85D29B3E9B4D53] [SPRF][21/05/2014] (...) -- C:\Users\AP\Desktop\cwxjbyja.exe [149398168]
[MD5.7091B2EEEC02B800350D454099E41EDE] [SPRF][17/05/2014] (.Geek Uninstaller - Geek Unіnstaller.) -- C:\Users\AP\Desktop\geek.exe [6169608]
[MD5.36C9CE21A11AB4D46400869881A8CCCB] [SPRF][22/06/2009] (...) -- C:\Users\AP\Desktop\mp3Trim PRO.exe [267776]
[MD5.73C59736FB3538BCD9E7778AC6D0B17F] [SPRF][22/05/2014] (...) -- C:\Users\AP\Desktop\setup_11.0.1.1245.x01_2014_05_22_08_37.exe [137816584]
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][22/05/2014] (...) -- C:\Users\AP\Desktop\zoek.exe [1285120]
~ Files: 14 Legitimates Filtered in 00mn 06s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-3_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-3_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_F91D44FAA5479127_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_F91D44FAA5479127_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASDLG =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-32-build-27568-baixaki-32-bits_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-32-build-27568-baixaki-32-bits_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentPortable_3_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentPortable_3_RASMANCS =>P2P.µTorrent
~ BTK: 533 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 16/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 30/04/2014 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 12/05/2014 860472 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SS - | Demand 06/05/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 21/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 10/07/1658 0 | (WiseBootAssistant) . (...) - C:\Users\AP\Desktop\Portable\Wise Care 365\BootTime.exe
SR - | Auto 15/05/2014 4163584 | (a2AntiMalware) . (.Emsisoft GmbH.) - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
SR - | Auto 05/05/2014 70864 | (CLPSLauncher) . (.Comodo Security Solutions, Inc..) - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
SR - | Auto 28/01/2014 2135232 | (DragonUpdater) . (...) - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
SR - | Auto 22/11/2013 449592 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\GbpSv.exe
SR - | Auto 05/05/2014 2327248 | (GeekBuddyRSP) . (.Comodo Security Solutions, Inc..) - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
SR - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SR - | Auto 15/03/2011 32768 | (JME Keyboard) . (...) - C:\Windows\jmesoft\Service.exe
SR - | Auto 05/10/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 12/05/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 11/11/2013 1445424 | (pdserv) . (.Bitdefender.) - C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe
SR - | Auto 05/10/2010 2655768 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 06s



---\\ Scâner Aditional (088)
Database Version : 13029 - (23/05/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 1

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Soulseek2] =>P2P.SoulSeek^
C:\Program Files (x86)\SoulseekNS =>P2P.SoulSeek^
C:\ProgramData\Soulseek =>P2P.SoulSeek^
[HKCU\Software\Soulseek2] =>P2P.SoulSeek^
~ Additionnel Scan: 220323 Items scanned in 00mn 14s



---\\ Sumário das deteções encontradas na sua estação
~ MSI: 0 link(s) detected in 00mn 00s



~ 946 Legitimates filtered by white list
End of the scan (487 lines in 01mn 40s)(0)
Apsantos
Beginner

Posts: 16
Reputation: 0
Join date: 22/05/2014

Re: I can't update any antivirus...

Post by Power Max, Fri 23 May 2014, 12:26

Select and copy all of the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click ZHPFix and choose Run as administrator > click Importação > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Fri 23 May 2014, 12:45; edited 1 time
Power Max
Contributor

Posts: 9086
Reputation: 1499
Join date: 14/04/2009

Re: I can't update any antivirus...

Post by Apsantos, Fri 23 May 2014, 12:38

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by AP at 23/05/2014 12:30:34
High Elevated Privileges : OK
Windows 7 Home Basic Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 03s)

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\360antihacker64.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\360avflt.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\360box64.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\360camera64.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\360fsflt.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bapidrv64.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\efimon.sys
ELIMINÉ Temporários windows (2) (970 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805}
ELIMINÉ: CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Pastas
9 : Ficheiros
2 : Tarefa planificada
1 : Restauração Sistema


End of clean in 00mn 31s

========== Caminho do ficheiro do relatório ==========
C:\Users\AP\AppData\Roaming\ZHP\ZHPFix[R1].txt - 23/05/2014 11:19:51 [4901]
C:\Users\AP\AppData\Roaming\ZHP\ZHPFix[R2].txt - 23/05/2014 12:30:37 [1423]

Re: I can't update any antivirus...

Post by Power Max, Fri 23 May 2014, 12:44

Download [You must have an account and be logged in to view this link] and save it to the Desktop.

Note: when you open the link above, click the Download Now 64-Bit Version button.

Run Farbar following the tips in this tutorial:

[You must have an account and be logged in to view this link]

*Two reports will be created on the Desktop: FRST.txt and Addition.txt

Post these two reports in your next reply. (Note: if they don't fit in a single reply, you can split them across several posts.)

Re: I can't update any antivirus...

Post by Apsantos, Fri 23 May 2014, 12:55

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-05-2014
Ran by AP (administrator) on AP-PC on 23-05-2014 12:47:30
Running from C:\Users\AP\Desktop
Platform: Windows 7 Home Basic Service Pack 1 (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link for 64-Bit Version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

==================== Processes (Whitelisted) =================

(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
() C:\Windows\jmesoft\Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Bitdefender) C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit_manager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-04-30] (Realtek Semiconductor)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2011-11-05] (Lenovo)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-04-30] (Realtek Semiconductor)
HKLM-x32\...\Run: [jmekey] => C:\Windows\jmesoft\hotkey.exe [118784 2011-03-21] (Lenovo)
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-03-15] ()
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-05-05] (Comodo Security Solutions, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginUni-x32: C:\Program Files (x86)\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-651244756-2065235722-1491846433-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\lnk_disabled ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
Startup: C:\Users\AP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lnk_disabled ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [You need an account and must be logged in to view this link]
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [You need an account and must be logged in to view this link]
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = [You need an account and must be logged in to view this link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = [You need an account and must be logged in to view this link]
SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = [You need an account and must be logged in to view this link]
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = [You need an account and must be logged in to view this link]
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = [You need an account and must be logged in to view this link]
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [You need an account and must be logged in to view this link]
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = [You need an account and must be logged in to view this link]
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = [You need an account and must be logged in to view this link]
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [You need an account and must be logged in to view this link]
SearchScopes: HKCU - {D6C939E6-CC2D-4025-88CC-904CF475B929} URL = [You need an account and must be logged in to view this link]
BHO: PrivDog Extension - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll (AdTrustMedia)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PrivDog Extension - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1513528 2013-11-22] (Banco Itaú Unibanco)
Tcpip\..\Interfaces\{BBB275CE-C972-4066-BAD9-135894EA5586}: [NameServer]8.26.56.26 156.154.70.22

FireFox:
========
FF ProfilePath: C:\Users\AP\AppData\Roaming\Mozilla\Firefox\Profiles\h0c8u7qe.default
FF NewTab: [You need an account and must be logged in to view this link]
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: [You need an account and must be logged in to view this link]
FF Keyword.URL: [You need an account and must be logged in to view this link]
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\AP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF Extension: PrivDog - C:\Users\AP\AppData\Roaming\Mozilla\Firefox\Profiles\h0c8u7qe.default\Extensions\PrivDog@AdTrustMedia.com [2014-05-22]
FF Extension: Adblock Plus - C:\Users\AP\AppData\Roaming\Mozilla\Firefox\Profiles\h0c8u7qe.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-18]

==================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4163584 2014-05-15] (Emsisoft GmbH)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864 2014-05-05] (Comodo Security Solutions, Inc.)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-01-28] ()
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [449592 2013-11-22] (GAS Tecnologia)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-05-05] (Comodo Security Solutions, Inc.)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-15] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 pdserv; C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe [1445424 2013-11-11] (Bitdefender)
S3 scan; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Users\AP\Desktop\Portable\Wise Care 365\BootTime.exe [X]

==================== Drivers (Whitelisted) ====================

S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [97480 2013-11-27] (Qihu 360 Software Co., Ltd.)
S3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [67272 2013-03-27] (Qihu 360 Software Co., Ltd.)
S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [41152 2013-12-08] (Qihu 360 Software Co., Ltd.)
S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-15] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-05-27] (Emsisoft GmbH)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-07-03] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.)
R1 BTOWSFF; C:\Windows\System32\Drivers\BTOWSFF.sys [33024 2014-03-26] (Toolwiz.com)
R0 BTOWSVF; C:\Windows\System32\Drivers\BTOWSVF.sys [52480 2014-03-26] (Toolwiz.com)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [37976 2013-05-07] (Windows (R) Win 7 DDK provider)
S3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2014-05-15] (Emsisoft GmbH)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
R1 GizmoDrv; C:\Windows\System32\Drivers\GizmoDrv.sys [34704 2012-07-12] (Arainia Solutions LLC)
R1 HMD; C:\Windows\System32\DRIVERS\hmd.sys [14888 2013-10-07] ()
R0 KSafeDISK; C:\Windows\System32\Drivers\KSafeDISK.sys [52992 2014-03-26] (Toolwiz.com)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-05-23] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-04-30] (Intel Corporation)
S0 hitmanpro37duringboot; system32\drivers\hitmanpro37.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-23 12:47 - 2014-05-23 12:47 - 00014546 _____ () C:\Users\AP\Desktop\FRST.txt
2014-05-23 12:46 - 2014-05-23 12:47 - 00000000 ____D () C:\FRST
2014-05-23 12:44 - 2014-05-23 12:45 - 02067456 _____ (Farbar) C:\Users\AP\Desktop\FRST64.exe
2014-05-23 11:05 - 2014-05-23 12:32 - 00004980 _____ () C:\Windows\PFRO.log
2014-05-23 11:05 - 2014-05-23 12:32 - 00000168 _____ () C:\Windows\setupact.log
2014-05-23 11:05 - 2014-05-23 11:05 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-23 00:20 - 2014-01-08 23:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-23 00:20 - 2014-01-03 19:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-05-22 21:39 - 2014-05-23 12:30 - 00000000 ____D () C:\Users\AP\AppData\Roaming\ZHP
2014-05-22 21:39 - 2014-05-23 11:42 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-05-22 21:39 - 2014-05-23 11:41 - 00001987 _____ () C:\Users\AP\Desktop\ZHPFix.lnk
2014-05-22 21:39 - 2014-05-23 11:41 - 00001860 _____ () C:\Users\AP\Desktop\ZHPDiag.lnk
2014-05-22 21:39 - 2014-05-23 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-22 20:41 - 2014-05-22 20:41 - 01016261 _____ (Thisisu) C:\Users\AP\Desktop\JRT.exe
2014-05-22 19:57 - 2014-05-22 19:57 - 00000000 ____D () C:\Windows\ERUNT
2014-05-22 19:14 - 2014-05-22 16:41 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-22 16:43 - 2014-05-22 16:32 - 00003418 _____ () C:\zoek-results2014-05-22-193218.log
2014-05-22 15:15 - 2014-05-22 19:16 - 00022230 _____ () C:\zoek-results.log
2014-05-22 15:13 - 2014-05-22 18:24 - 00000000 ____D () C:\zoek_backup
2014-05-22 15:10 - 2014-05-22 15:11 - 01285120 _____ () C:\Users\AP\Desktop\zoek.exe
2014-05-22 14:57 - 2014-05-22 14:57 - 01326389 _____ () C:\Users\AP\Desktop\AdwCleaner.exe
2014-05-22 13:39 - 2014-05-22 13:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\AP\Desktop\HijackThis.exe
2014-05-22 12:05 - 2014-05-22 12:05 - 00000000 ____D () C:\Users\Todos os Usuários\Kaspersky Lab
2014-05-22 12:05 - 2014-05-22 12:05 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-22 11:54 - 2014-05-22 11:54 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-05-22 11:32 - 2014-05-22 11:46 - 137816584 _____ () C:\Users\AP\Desktop\setup_11.0.1.1245.x01_2014_05_22_08_37.exe
2014-05-22 11:32 - 2014-04-30 09:26 - 00000000 ____D () C:\Users\AP\Desktop\TDSSKiller
2014-05-22 10:49 - 2013-10-01 23:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-05-22 10:49 - 2013-10-01 23:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-05-22 10:49 - 2013-10-01 23:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-05-22 10:49 - 2013-10-01 22:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-05-22 10:49 - 2013-10-01 22:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-05-22 10:49 - 2013-10-01 22:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-05-22 10:49 - 2013-10-01 22:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-05-22 10:49 - 2013-10-01 21:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-05-22 10:49 - 2013-10-01 21:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-05-22 10:49 - 2013-10-01 21:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-05-22 10:49 - 2013-10-01 21:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-05-22 10:49 - 2013-10-01 21:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-05-22 10:49 - 2013-10-01 20:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-05-22 10:49 - 2013-10-01 20:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-05-22 10:49 - 2013-10-01 20:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-05-22 10:49 - 2013-10-01 19:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-05-22 10:49 - 2012-08-23 11:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-05-22 10:49 - 2012-08-23 11:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-05-22 10:49 - 2012-08-23 11:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-05-22 10:49 - 2012-08-23 10:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-05-22 10:49 - 2012-08-23 08:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-05-22 10:49 - 2012-08-23 07:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-05-22 10:49 - 2012-08-23 06:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-05-22 10:48 - 2013-09-24 23:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-05-22 10:48 - 2013-09-24 22:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-05-22 10:48 - 2012-05-04 08:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-05-22 10:48 - 2012-05-04 06:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-05-22 10:44 - 2014-05-22 10:44 - 00050805 _____ () C:\Users\Todos os Usuários\1400766204.bdinstall.bin
2014-05-22 10:44 - 2014-05-22 10:44 - 00050805 _____ () C:\ProgramData\1400766204.bdinstall.bin
2014-05-22 10:44 - 2014-05-22 10:44 - 00000000 ____D () C:\Users\Todos os Usuários\Bitdefender
2014-05-22 10:44 - 2014-05-22 10:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 60-Second Virus Scanner
2014-05-22 10:44 - 2014-05-22 10:44 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-05-22 10:44 - 2014-05-22 10:44 - 00000000 ____D () C:\Program Files\Bitdefender
2014-05-22 00:59 - 2014-05-22 00:59 - 00026624 _____ () C:\Windows\SysWOW64\Drivers\fsbts.sys
2014-05-21 23:07 - 2014-05-21 23:07 - 00000000 ____D () C:\Program Files\AdTrustMedia
2014-05-21 23:06 - 2014-05-22 21:45 - 00000000 ____D () C:\Program Files\COMODO
2014-05-21 23:06 - 2014-05-22 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-05-21 23:06 - 2014-05-22 01:12 - 00002013 _____ () C:\Users\Public\Desktop\GeekBuddy.lnk
2014-05-21 23:06 - 2014-05-21 23:06 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2014-05-21 23:06 - 2014-05-21 23:06 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2014-05-21 23:06 - 2014-05-21 23:06 - 00001116 _____ () C:\Users\Public\Desktop\Comodo Dragon.lnk
2014-05-21 23:06 - 2014-05-21 23:06 - 00000000 ____D () C:\Users\AP\AppData\Local\Comodo
2014-05-21 23:06 - 2014-05-21 23:06 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-05-21 23:05 - 2014-05-22 21:45 - 00000000 ____D () C:\Users\Todos os Usuários\Comodo
2014-05-21 23:05 - 2014-05-22 21:45 - 00000000 ____D () C:\ProgramData\Comodo
2014-05-21 21:00 - 2014-05-22 03:12 - 00000000 ____D () C:\Users\AP\Doctor Web
2014-05-21 20:38 - 2014-05-21 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soft4Boost
2014-05-21 20:38 - 2014-05-21 20:38 - 00000000 ____D () C:\Program Files (x86)\Soft4Boost
2014-05-21 20:33 - 2014-05-21 21:00 - 00000000 ____D () C:\Program Files\stinger
2014-05-21 20:33 - 2014-05-21 20:44 - 00000104 ___RH () C:\Users\AP\Desktop\Stinger.opt
2014-05-21 20:32 - 2014-05-21 20:32 - 00022312 _____ (EldoS Corporation) C:\Windows\SysWOW64\Drivers\rsdrv.sys
2014-05-21 20:31 - 2014-05-21 20:31 - 00000000 ____D () C:\Users\Todos os Usuários\Licenses
2014-05-21 20:31 - 2014-05-21 20:31 - 00000000 ____D () C:\ProgramData\Licenses
2014-05-21 20:31 - 2009-02-12 15:11 - 00026024 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rsdrvx64.sys
2014-05-21 20:28 - 2014-05-21 20:46 - 149398168 _____ () C:\Users\AP\Desktop\cwxjbyja.exe
2014-05-21 08:41 - 2014-05-21 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-21 08:41 - 2014-05-21 08:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-21 08:41 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-21 08:41 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-21 08:41 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-20 11:12 - 2014-05-20 11:12 - 00000000 ____D () C:\SUPERDelete
2014-05-20 10:36 - 2014-05-23 12:36 - 00274186 _____ () C:\Windows\WindowsUpdate.log
2014-05-19 21:57 - 2014-05-21 21:18 - 00065968 _____ () C:\Users\AP\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-18 13:55 - 2014-05-19 21:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-18 13:55 - 2014-05-18 13:55 - 00000000 ____D () C:\Users\AP\AppData\Roaming\Mozilla
2014-05-18 13:55 - 2014-05-18 13:55 - 00000000 ____D () C:\Users\AP\AppData\Local\Mozilla
2014-05-18 13:55 - 2014-05-18 13:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-18 12:41 - 2014-05-18 13:11 - 00000000 ____D () C:\Program Files\MyDefrag v4.3.1
2014-05-18 12:41 - 2014-05-18 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1
2014-05-18 12:41 - 2010-05-21 12:11 - 01147392 _____ (J.C. Kessels) C:\Windows\system32\MyDefragScreenSaver_v4.3.1.exe
2014-05-18 12:41 - 2010-05-21 12:11 - 00485376 _____ (J.C. Kessels) C:\Windows\system32\MyDefragScreenSaver_v4.3.1.scr
2014-05-18 00:50 - 2014-05-22 14:59 - 00000000 ____D () C:\AdwCleaner
2014-05-18 00:50 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-18 00:31 - 2013-05-23 08:39 - 00041032 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiark.sys
2014-05-18 00:14 - 2014-01-22 11:34 - 00047496 _____ (GFI Software) C:\Windows\system32\sbbd.exe
2014-05-18 00:06 - 2014-05-18 00:06 - 00097658 _____ () C:\Users\Todos os Usuários\1400382324.bdinstall.bin
2014-05-18 00:06 - 2014-05-18 00:06 - 00097658 _____ () C:\ProgramData\1400382324.bdinstall.bin
2014-05-18 00:05 - 2014-05-18 00:05 - 00037842 _____ () C:\Users\Todos os Usuários\1400382321.bdinstall.bin
2014-05-18 00:05 - 2014-05-18 00:05 - 00037842 _____ () C:\ProgramData\1400382321.bdinstall.bin
2014-05-17 19:11 - 2014-05-17 19:17 - 00000000 ____D () C:\Users\AP\AppData\Roaming\Winyl
2014-05-17 19:11 - 2014-05-17 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winyl
2014-05-17 19:11 - 2014-05-17 19:11 - 00000000 ____D () C:\Program Files (x86)\Winyl
2014-05-17 18:16 - 2014-05-17 18:16 - 00032296 _____ () C:\Users\Todos os Usuários\1400361380.bdinstall.bin
2014-05-17 18:16 - 2014-05-17 18:16 - 00032296 _____ () C:\ProgramData\1400361380.bdinstall.bin
2014-05-17 17:59 - 2014-05-17 17:59 - 00202986 _____ () C:\Users\Todos os Usuários\1400360224.bdinstall.bin
2014-05-17 17:59 - 2014-05-17 17:59 - 00202986 _____ () C:\ProgramData\1400360224.bdinstall.bin
2014-05-17 17:59 - 2012-11-02 14:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-05-17 17:59 - 2009-07-15 01:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-05-17 17:57 - 2014-05-17 17:57 - 00000000 ____D () C:\Users\AP\AppData\Roaming\QuickScan
2014-05-17 17:54 - 2014-05-17 17:54 - 00051825 _____ () C:\Users\Todos os Usuários\1400360009.bdinstall.bin
2014-05-17 17:54 - 2014-05-17 17:54 - 00051825 _____ () C:\ProgramData\1400360009.bdinstall.bin
2014-05-17 13:50 - 2014-05-17 13:50 - 06169608 _____ (Geek Uninstaller) C:\Users\AP\Desktop\geek.exe
2014-05-16 14:04 - 2014-05-16 14:04 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-15 23:50 - 2014-05-15 23:50 - 00000000 ____D () C:\Users\AP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder x64
2014-05-15 23:50 - 2014-05-15 23:50 - 00000000 ____D () C:\Users\AP\AppData\Roaming\Mediatronic
2014-05-15 23:50 - 2014-05-15 23:50 - 00000000 ____D () C:\Program Files\MediaCoder
2014-05-15 15:10 - 2014-05-15 15:10 - 00000712 _____ () C:\EamClean.log
2014-05-15 09:18 - 2014-05-21 23:14 - 00293704 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-15 08:56 - 2014-05-15 08:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-05-15 08:55 - 2014-05-15 09:15 - 00000000 ____D () C:\Users\Todos os Usuários\HitmanPro
2014-05-15 08:55 - 2014-05-15 09:15 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-15 08:55 - 2014-05-15 09:15 - 00000000 ____D () C:\Program Files\HitmanPro
2014-05-15 07:41 - 2014-05-15 07:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free
2014-05-15 07:41 - 2014-05-15 07:41 - 00000000 ____D () C:\Program Files (x86)\BurnAware Free
2014-05-15 03:03 - 2014-05-06 01:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 03:03 - 2014-05-06 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 03:03 - 2014-05-06 00:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 03:03 - 2014-05-06 00:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 03:03 - 2014-05-06 00:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 03:03 - 2014-05-05 23:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 20:33 - 2014-05-14 20:33 - 00000000 ____D () C:\Users\Todos os Usuários\Pivot Animator
2014-05-14 20:33 - 2014-05-14 20:33 - 00000000 ____D () C:\ProgramData\Pivot Animator
2014-05-14 20:32 - 2014-05-14 20:32 - 00001030 _____ () C:\Users\Public\Desktop\Pivot Animator.lnk
2014-05-14 20:32 - 2014-05-14 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pivot Animator
2014-05-14 20:32 - 2014-05-14 20:32 - 00000000 ____D () C:\Program Files (x86)\Pivot Animator
2014-05-14 12:58 - 2014-05-09 03:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 12:58 - 2014-05-09 03:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 12:58 - 2014-04-11 23:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 12:58 - 2014-04-11 23:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 12:58 - 2014-04-11 23:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 12:58 - 2014-04-11 23:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 12:58 - 2014-04-11 23:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 12:58 - 2014-04-11 23:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 12:58 - 2014-04-11 23:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 12:58 - 2014-04-11 23:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 12:58 - 2014-04-11 23:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 12:58 - 2014-03-24 23:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 12:58 - 2014-03-24 23:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 12:58 - 2014-03-04 06:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 12:58 - 2014-03-04 06:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 12:58 - 2014-03-04 06:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 12:58 - 2014-03-04 06:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 12:58 - 2014-03-04 06:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 12:58 - 2014-03-04 06:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 12:58 - 2014-03-04 06:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 12:58 - 2014-03-04 06:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 12:58 - 2014-03-04 06:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 12:58 - 2014-03-04 06:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 12:58 - 2014-03-04 06:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 12:58 - 2014-03-04 06:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 12:58 - 2014-03-04 06:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 12:58 - 2014-03-04 06:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 12:58 - 2014-03-04 06:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 12:58 - 2014-03-04 06:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 12:58 - 2014-03-04 06:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 12:58 - 2014-03-04 06:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 12:58 - 2014-03-04 06:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 12:58 - 2014-03-04 06:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 12:58 - 2014-03-04 06:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 12:58 - 2014-03-04 06:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 12:58 - 2014-03-04 06:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 12:58 - 2014-03-04 06:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 12:58 - 2014-03-04 06:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 12:58 - 2014-03-04 06:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 12:58 - 2014-03-04 06:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 12:58 - 2014-03-04 06:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 12:58 - 2014-03-04 06:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 12:58 - 2014-03-04 06:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 12:58 - 2014-03-04 06:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 12:58 - 2014-03-04 06:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 14:33 - 2014-05-13 14:33 - 00004420 _____ () C:\Users\AP\Documents\batalha epica.piv
2014-05-06 13:00 - 2014-05-15 03:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-30 08:22 - 2014-04-30 08:22 - 00494864 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1c62x64.sys
2014-04-30 08:22 - 2014-04-30 08:22 - 00089888 _____ (Intel Corporation) C:\Windows\system32\NicInstC.dll
2014-04-30 08:22 - 2014-04-30 08:22 - 00073480 _____ (Intel Corporation) C:\Windows\system32\e1cmsg.dll
2014-04-30 08:22 - 2014-04-30 08:22 - 00003114 _____ () C:\Windows\system32\e1c62x64.din
2014-04-30 08:20 - 2014-04-30 08:20 - 56270848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-04-30 08:20 - 2014-04-30 08:20 - 28310104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 14737496 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 12793944 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-04-30 08:20 - 2014-04-30 08:20 - 03923032 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-04-30 08:20 - 2014-04-30 08:20 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 02319960 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 02157704 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 02037336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 01932888 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 01419376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 01419376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 01033304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 00938608 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-04-30 08:20 - 2014-04-30 08:20 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 13031424 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 12859392 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 12617728 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 11176448 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 11049984 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 10812928 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 05904880 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-04-30 08:19 - 2014-04-30 08:19 - 05363520 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-04-30 08:19 - 2014-04-30 08:19 - 00515568 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-04-30 08:19 - 2014-04-30 08:19 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00442352 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-04-30 08:19 - 2014-04-30 08:19 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00410624 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00399856 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-04-30 08:19 - 2014-04-30 08:19 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00279024 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2014-04-30 08:19 - 2014-04-30 08:19 - 00254960 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-04-30 08:19 - 2014-04-30 08:19 - 00185840 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-04-30 08:19 - 2014-04-30 08:19 - 00175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00172016 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-04-30 08:19 - 2014-04-30 08:19 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-04-30 08:19 - 2014-04-30 08:19 - 00116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3517.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00099328 _____ () C:\Windows\system32\igdde64.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00078848 _____ () C:\Windows\SysWOW64\igdde32.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00028672 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00017074 _____ () C:\Windows\system32\iglhxs64.vp
2014-04-30 08:19 - 2014-04-30 08:19 - 00009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-04-30 08:18 - 2014-04-30 08:18 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-04-29 08:57 - 2014-04-29 08:57 - 00000000 ____D () C:\Users\Todos os Usuários\Lenovo
2014-04-29 08:57 - 2014-04-29 08:57 - 00000000 ____D () C:\ProgramData\Lenovo
2014-04-28 19:36 - 2014-04-28 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WolfQuest
2014-04-28 19:36 - 2014-04-28 19:36 - 00000000 ____D () C:\Program Files (x86)\WolfQuest
2014-04-23 20:36 - 2014-04-23 20:36 - 00000000 ____D () C:\Users\Todos os Usuários\Auslogics
2014-04-23 20:36 - 2014-04-23 20:36 - 00000000 ____D () C:\ProgramData\Auslogics

Re: I can't update any antivirus...

Post by Apsantos, Fri 23 May 2014, 12:55

==================== One Month Modified Files and Folders =======

2014-05-23 12:47 - 2014-05-23 12:47 - 00014546 _____ () C:\Users\AP\Desktop\FRST.txt
2014-05-23 12:47 - 2014-05-23 12:46 - 00000000 ____D () C:\FRST
2014-05-23 12:47 - 2014-04-11 09:45 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-23 12:45 - 2014-05-23 12:44 - 02067456 _____ (Farbar) C:\Users\AP\Desktop\FRST64.exe
2014-05-23 12:40 - 2009-07-14 01:45 - 00025760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-23 12:40 - 2009-07-14 01:45 - 00025760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-23 12:36 - 2014-05-20 10:36 - 00274186 _____ () C:\Windows\WindowsUpdate.log
2014-05-23 12:33 - 2011-11-05 02:53 - 00502088 _____ () C:\Windows\system32\fastboot.set
2014-05-23 12:32 - 2014-05-23 11:05 - 00004980 _____ () C:\Windows\PFRO.log
2014-05-23 12:32 - 2014-05-23 11:05 - 00000168 _____ () C:\Windows\setupact.log
2014-05-23 12:32 - 2014-02-24 12:54 - 00031088 _____ (GbPlugin NDIS Device Driver) C:\Windows\SysWOW64\Drivers\gbpndisrd.sys
2014-05-23 12:32 - 2014-02-24 12:54 - 00010266 _____ () C:\Windows\SysWOW64\Drivers\ndisrd.cat
2014-05-23 12:32 - 2014-02-24 12:54 - 00001402 _____ () C:\Windows\SysWOW64\Drivers\gas.cer
2014-05-23 12:32 - 2009-07-14 02:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-23 12:30 - 2014-05-22 21:39 - 00000000 ____D () C:\Users\AP\AppData\Roaming\ZHP
2014-05-23 12:02 - 2012-04-03 06:04 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-23 11:42 - 2014-05-22 21:39 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-05-23 11:41 - 2014-05-22 21:39 - 00001987 _____ () C:\Users\AP\Desktop\ZHPFix.lnk
2014-05-23 11:41 - 2014-05-22 21:39 - 00001860 _____ () C:\Users\AP\Desktop\ZHPDiag.lnk
2014-05-23 11:41 - 2014-05-22 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-23 11:37 - 2013-05-26 12:07 - 00003840 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-23 11:05 - 2014-05-23 11:05 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-22 22:17 - 2012-07-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Everything
2014-05-22 21:45 - 2014-05-21 23:06 - 00000000 ____D () C:\Program Files\COMODO
2014-05-22 21:45 - 2014-05-21 23:05 - 00000000 ____D () C:\Users\Todos os Usuários\Comodo
2014-05-22 21:45 - 2014-05-21 23:05 - 00000000 ____D () C:\ProgramData\Comodo
2014-05-22 21:44 - 2014-05-21 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-05-22 20:41 - 2014-05-22 20:41 - 01016261 _____ (Thisisu) C:\Users\AP\Desktop\JRT.exe
2014-05-22 19:57 - 2014-05-22 19:57 - 00000000 ____D () C:\Windows\ERUNT
2014-05-22 19:16 - 2014-05-22 15:15 - 00022230 _____ () C:\zoek-results.log
2014-05-22 18:24 - 2014-05-22 15:13 - 00000000 ____D () C:\zoek_backup
2014-05-22 16:41 - 2014-05-22 19:14 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-22 16:33 - 2014-02-04 10:36 - 00000000 _RSHD () C:\360SANDBOX
2014-05-22 16:32 - 2014-05-22 16:43 - 00003418 _____ () C:\zoek-results2014-05-22-193218.log
2014-05-22 16:31 - 2012-01-19 15:45 - 00000000 ____D () C:\Users\AP
2014-05-22 15:11 - 2014-05-22 15:10 - 01285120 _____ () C:\Users\AP\Desktop\zoek.exe
2014-05-22 14:59 - 2014-05-18 00:50 - 00000000 ____D () C:\AdwCleaner
2014-05-22 14:57 - 2014-05-22 14:57 - 01326389 _____ () C:\Users\AP\Desktop\AdwCleaner.exe
2014-05-22 13:40 - 2014-05-22 13:39 - 00388608 _____ (Trend Micro Inc.) C:\Users\AP\Desktop\HijackThis.exe
2014-05-22 13:38 - 2013-06-24 06:13 - 00000000 ___RD () C:\Users\AP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-22 12:05 - 2014-05-22 12:05 - 00000000 ____D () C:\Users\Todos os Usuários\Kaspersky Lab
2014-05-22 12:05 - 2014-05-22 12:05 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-22 11:54 - 2014-05-22 11:54 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-05-22 11:46 - 2014-05-22 11:32 - 137816584 _____ () C:\Users\AP\Desktop\setup_11.0.1.1245.x01_2014_05_22_08_37.exe
2014-05-22 10:53 - 2009-07-14 00:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-22 10:51 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-22 10:44 - 2014-05-22 10:44 - 00050805 _____ () C:\Users\Todos os Usuários\1400766204.bdinstall.bin
2014-05-22 10:44 - 2014-05-22 10:44 - 00050805 _____ () C:\ProgramData\1400766204.bdinstall.bin
2014-05-22 10:44 - 2014-05-22 10:44 - 00000000 ____D () C:\Users\Todos os Usuários\Bitdefender
2014-05-22 10:44 - 2014-05-22 10:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 60-Second Virus Scanner
2014-05-22 10:44 - 2014-05-22 10:44 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-05-22 10:44 - 2014-05-22 10:44 - 00000000 ____D () C:\Program Files\Bitdefender
2014-05-22 03:48 - 2012-07-21 10:15 - 00000000 ____D () C:\Users\AP\AppData\Local\privazer
2014-05-22 03:12 - 2014-05-21 21:00 - 00000000 ____D () C:\Users\AP\Doctor Web
2014-05-22 03:12 - 2013-03-01 12:35 - 00000000 ____D () C:\Users\Public\Documents\Wondershare
2014-05-22 01:13 - 2012-03-02 10:03 - 00000000 ____D () C:\Users\AP\AppData\Local\Windows Live
2014-05-22 01:12 - 2014-05-21 23:06 - 00002013 _____ () C:\Users\Public\Desktop\GeekBuddy.lnk
2014-05-22 01:12 - 2009-07-14 00:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-22 00:59 - 2014-05-22 00:59 - 00026624 _____ () C:\Windows\SysWOW64\Drivers\fsbts.sys
2014-05-21 23:38 - 2012-05-06 12:41 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-05-21 23:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-21 23:14 - 2014-05-15 09:18 - 00293704 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-21 23:08 - 2014-04-14 19:41 - 00000000 ____D () C:\Users\Convidado
2014-05-21 23:08 - 2014-04-14 19:41 - 00000000 ____D () C:\Users\Administrador
2014-05-21 23:07 - 2014-05-21 23:07 - 00000000 ____D () C:\Program Files\AdTrustMedia
2014-05-21 23:06 - 2014-05-21 23:06 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2014-05-21 23:06 - 2014-05-21 23:06 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2014-05-21 23:06 - 2014-05-21 23:06 - 00001116 _____ () C:\Users\Public\Desktop\Comodo Dragon.lnk
2014-05-21 23:06 - 2014-05-21 23:06 - 00000000 ____D () C:\Users\AP\AppData\Local\Comodo
2014-05-21 23:06 - 2014-05-21 23:06 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-05-21 22:29 - 2012-02-28 17:12 - 00000000 ____D () C:\Users\AP\AppData\Roaming\Macromedia
2014-05-21 21:18 - 2014-05-19 21:57 - 00065968 _____ () C:\Users\AP\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-21 21:00 - 2014-05-21 20:33 - 00000000 ____D () C:\Program Files\stinger
2014-05-21 20:46 - 2014-05-21 20:28 - 149398168 _____ () C:\Users\AP\Desktop\cwxjbyja.exe
2014-05-21 20:44 - 2014-05-21 20:33 - 00000104 ___RH () C:\Users\AP\Desktop\Stinger.opt
2014-05-21 20:38 - 2014-05-21 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soft4Boost
2014-05-21 20:38 - 2014-05-21 20:38 - 00000000 ____D () C:\Program Files (x86)\Soft4Boost
2014-05-21 20:32 - 2014-05-21 20:32 - 00022312 _____ (EldoS Corporation) C:\Windows\SysWOW64\Drivers\rsdrv.sys
2014-05-21 20:32 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\security
2014-05-21 20:31 - 2014-05-21 20:31 - 00000000 ____D () C:\Users\Todos os Usuários\Licenses
2014-05-21 20:31 - 2014-05-21 20:31 - 00000000 ____D () C:\ProgramData\Licenses
2014-05-21 18:50 - 2012-03-18 23:12 - 00000000 ____D () C:\Users\Todos os Usuários\Soulseek
2014-05-21 18:50 - 2012-03-18 23:12 - 00000000 ____D () C:\ProgramData\Soulseek
2014-05-21 08:41 - 2014-05-21 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-21 08:41 - 2014-05-21 08:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-21 08:31 - 2014-04-14 19:41 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Google
2014-05-21 08:31 - 2014-04-14 19:41 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Google
2014-05-21 08:31 - 2012-10-25 23:15 - 00000000 ____D () C:\Users\AP\AppData\Local\Google
2014-05-20 23:55 - 2013-09-08 17:05 - 00000000 ____D () C:\Users\Todos os Usuários\IObit
2014-05-20 23:55 - 2013-09-08 17:05 - 00000000 ____D () C:\ProgramData\IObit
2014-05-20 11:17 - 2014-03-20 11:20 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-05-20 11:12 - 2014-05-20 11:12 - 00000000 ____D () C:\SUPERDelete
2014-05-20 11:12 - 2013-09-08 17:05 - 00000000 ____D () C:\Users\AP\AppData\Roaming\IObit
2014-05-19 21:33 - 2014-05-18 13:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-18 13:55 - 2014-05-18 13:55 - 00000000 ____D () C:\Users\AP\AppData\Roaming\Mozilla
2014-05-18 13:55 - 2014-05-18 13:55 - 00000000 ____D () C:\Users\AP\AppData\Local\Mozilla
2014-05-18 13:55 - 2014-05-18 13:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-18 13:39 - 2013-04-05 14:19 - 00000000 ____D () C:\Users\AP\AppData\Roaming\Mp3tag
2014-05-18 13:11 - 2014-05-18 12:41 - 00000000 ____D () C:\Program Files\MyDefrag v4.3.1
2014-05-18 12:43 - 2013-04-06 19:56 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-05-18 12:42 - 2012-07-17 21:36 - 00000000 ____D () C:\Users\AP\AppData\Roaming\Moonchild Productions
2014-05-18 12:41 - 2014-05-18 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1
2014-05-18 00:06 - 2014-05-18 00:06 - 00097658 _____ () C:\Users\Todos os Usuários\1400382324.bdinstall.bin
2014-05-18 00:06 - 2014-05-18 00:06 - 00097658 _____ () C:\ProgramData\1400382324.bdinstall.bin
2014-05-18 00:05 - 2014-05-18 00:05 - 00037842 _____ () C:\Users\Todos os Usuários\1400382321.bdinstall.bin
2014-05-18 00:05 - 2014-05-18 00:05 - 00037842 _____ () C:\ProgramData\1400382321.bdinstall.bin
2014-05-17 19:17 - 2014-05-17 19:11 - 00000000 ____D () C:\Users\AP\AppData\Roaming\Winyl
2014-05-17 19:11 - 2014-05-17 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winyl
2014-05-17 19:11 - 2014-05-17 19:11 - 00000000 ____D () C:\Program Files (x86)\Winyl
2014-05-17 18:16 - 2014-05-17 18:16 - 00032296 _____ () C:\Users\Todos os Usuários\1400361380.bdinstall.bin
2014-05-17 18:16 - 2014-05-17 18:16 - 00032296 _____ () C:\ProgramData\1400361380.bdinstall.bin
2014-05-17 17:59 - 2014-05-17 17:59 - 00202986 _____ () C:\Users\Todos os Usuários\1400360224.bdinstall.bin
2014-05-17 17:59 - 2014-05-17 17:59 - 00202986 _____ () C:\ProgramData\1400360224.bdinstall.bin
2014-05-17 17:57 - 2014-05-17 17:57 - 00000000 ____D () C:\Users\AP\AppData\Roaming\QuickScan
2014-05-17 17:54 - 2014-05-17 17:54 - 00051825 _____ () C:\Users\Todos os Usuários\1400360009.bdinstall.bin
2014-05-17 17:54 - 2014-05-17 17:54 - 00051825 _____ () C:\ProgramData\1400360009.bdinstall.bin
2014-05-17 13:50 - 2014-05-17 13:50 - 06169608 _____ (Geek Uninstaller) C:\Users\AP\Desktop\geek.exe
2014-05-16 14:04 - 2014-05-16 14:04 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-16 14:04 - 2012-04-03 06:04 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-16 14:04 - 2012-03-03 10:30 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-16 01:41 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-05-15 23:50 - 2014-05-15 23:50 - 00000000 ____D () C:\Users\AP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder x64
2014-05-15 23:50 - 2014-05-15 23:50 - 00000000 ____D () C:\Users\AP\AppData\Roaming\Mediatronic
2014-05-15 23:50 - 2014-05-15 23:50 - 00000000 ____D () C:\Program Files\MediaCoder
2014-05-15 23:41 - 2013-05-12 12:58 - 00000000 ____D () C:\Users\AP\AppData\Roaming\Broad Intelligence
2014-05-15 22:25 - 2012-01-19 15:46 - 00001389 _____ () C:\Users\AP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-15 15:10 - 2014-05-15 15:10 - 00000712 _____ () C:\EamClean.log
2014-05-15 09:16 - 2013-08-28 23:16 - 00018248 _____ () C:\Windows\system32\.crusader
2014-05-15 09:15 - 2014-05-15 08:55 - 00000000 ____D () C:\Users\Todos os Usuários\HitmanPro
2014-05-15 09:15 - 2014-05-15 08:55 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-15 09:15 - 2014-05-15 08:55 - 00000000 ____D () C:\Program Files\HitmanPro
2014-05-15 08:56 - 2014-05-15 08:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-05-15 08:26 - 2013-07-18 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 08:24 - 2012-03-09 13:20 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 08:08 - 2013-08-05 23:32 - 00000000 ____D () C:\Program Files (x86)\Wise
2014-05-15 07:41 - 2014-05-15 07:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free
2014-05-15 07:41 - 2014-05-15 07:41 - 00000000 ____D () C:\Program Files (x86)\BurnAware Free
2014-05-15 07:00 - 2012-01-19 15:46 - 00000000 ___RD () C:\Users\AP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 03:22 - 2014-05-06 13:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 20:33 - 2014-05-14 20:33 - 00000000 ____D () C:\Users\Todos os Usuários\Pivot Animator
2014-05-14 20:33 - 2014-05-14 20:33 - 00000000 ____D () C:\ProgramData\Pivot Animator
2014-05-14 20:32 - 2014-05-14 20:32 - 00001030 _____ () C:\Users\Public\Desktop\Pivot Animator.lnk
2014-05-14 20:32 - 2014-05-14 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pivot Animator
2014-05-14 20:32 - 2014-05-14 20:32 - 00000000 ____D () C:\Program Files (x86)\Pivot Animator
2014-05-13 14:33 - 2014-05-13 14:33 - 00004420 _____ () C:\Users\AP\Documents\batalha epica.piv
2014-05-12 07:26 - 2014-05-21 08:41 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-21 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-21 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 18:53 - 2012-05-17 12:14 - 00000000 ____D () C:\Users\AP\AppData\Local\CutePDF Writer
2014-05-09 03:14 - 2014-05-14 12:58 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 03:11 - 2014-05-14 12:58 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 21:31 - 2011-11-05 07:47 - 00705798 _____ () C:\Windows\system32\prfh0416.dat
2014-05-08 21:31 - 2011-11-05 07:47 - 00147638 _____ () C:\Windows\system32\prfc0416.dat
2014-05-08 21:31 - 2009-07-14 02:13 - 01635826 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-07 17:31 - 2013-12-01 09:55 - 00000047 _____ () C:\Archive.ini
2014-05-07 11:16 - 2014-03-13 17:00 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-07 11:16 - 2014-03-13 17:00 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-07 00:28 - 2014-01-28 09:15 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-05-06 01:40 - 2014-05-15 03:03 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 01:17 - 2014-05-15 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 00:25 - 2014-05-15 03:03 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 00:07 - 2014-05-15 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 00:00 - 2014-05-15 03:03 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-05 23:10 - 2014-05-15 03:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-03 10:47 - 2009-07-14 02:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-30 09:26 - 2014-05-22 11:32 - 00000000 ____D () C:\Users\AP\Desktop\TDSSKiller
2014-04-30 08:22 - 2014-04-30 08:22 - 00494864 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1c62x64.sys
2014-04-30 08:22 - 2014-04-30 08:22 - 00089888 _____ (Intel Corporation) C:\Windows\system32\NicInstC.dll
2014-04-30 08:22 - 2014-04-30 08:22 - 00073480 _____ (Intel Corporation) C:\Windows\system32\e1cmsg.dll
2014-04-30 08:22 - 2014-04-30 08:22 - 00003114 _____ () C:\Windows\system32\e1c62x64.din
2014-04-30 08:21 - 2011-11-05 02:08 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-04-30 08:20 - 2014-04-30 08:20 - 56270848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-04-30 08:20 - 2014-04-30 08:20 - 28310104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 14737496 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 12793944 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-04-30 08:20 - 2014-04-30 08:20 - 03923032 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-04-30 08:20 - 2014-04-30 08:20 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 02319960 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 02157704 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 02037336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 01932888 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 01419376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 01419376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 01033304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 00938608 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-04-30 08:20 - 2014-04-30 08:20 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-04-30 08:20 - 2014-04-30 08:20 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 13031424 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 12859392 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 12617728 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 11176448 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 11049984 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 10812928 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 05904880 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-04-30 08:19 - 2014-04-30 08:19 - 05363520 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-04-30 08:19 - 2014-04-30 08:19 - 00515568 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-04-30 08:19 - 2014-04-30 08:19 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00442352 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-04-30 08:19 - 2014-04-30 08:19 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00410624 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00399856 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-04-30 08:19 - 2014-04-30 08:19 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-04-30 08:19 - 2014-04-30 08:19 - 00279024 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2014-04-30 08:19 - 2014-04-30 08:19 - 00254960 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-04-30 08:19 - 2014-04-30 08:19 - 00185840 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-04-30 08:19 - 2014-04-30 08:19 - 00175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00172016 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-04-30 08:19 - 2014-04-30 08:19 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-04-30 08:19 - 2014-04-30 08:19 - 00116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3517.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00099328 _____ () C:\Windows\system32\igdde64.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00078848 _____ () C:\Windows\SysWOW64\igdde32.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00028672 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-04-30 08:19 - 2014-04-30 08:19 - 00017074 _____ () C:\Windows\system32\iglhxs64.vp
2014-04-30 08:19 - 2014-04-30 08:19 - 00009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-04-30 08:19 - 2011-07-19 00:26 - 09007616 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2014-04-30 08:19 - 2011-07-19 00:26 - 00110592 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2014-04-30 08:19 - 2011-07-19 00:26 - 00064000 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2014-04-30 08:18 - 2014-04-30 08:18 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-04-29 08:57 - 2014-04-29 08:57 - 00000000 ____D () C:\Users\Todos os Usuários\Lenovo
2014-04-29 08:57 - 2014-04-29 08:57 - 00000000 ____D () C:\ProgramData\Lenovo
2014-04-28 19:37 - 2014-04-28 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WolfQuest
2014-04-28 19:36 - 2014-04-28 19:36 - 00000000 ____D () C:\Program Files (x86)\WolfQuest
2014-04-23 20:36 - 2014-04-23 20:36 - 00000000 ____D () C:\Users\Todos os Usuários\Auslogics
2014-04-23 20:36 - 2014-04-23 20:36 - 00000000 ____D () C:\ProgramData\Auslogics
2014-04-23 20:36 - 2013-04-06 19:58 - 00000000 ____D () C:\Users\AP\AppData\Roaming\Auslogics
2014-04-23 19:16 - 2013-04-14 22:36 - 00000000 ____D () C:\Users\AP\.gstreamer-0.10

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-07-08 13:39

==================== End Of Log ============================

Re: I can't update any antivirus...

Post by Apsantos, Fri 23 May 2014, 12:56

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2014
Ran by AP at 2014-05-23 12:48:07
Running from C:\Users\AP\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.21 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0921-000001000000}) (Version: 9.21.00.0 - Igor Pavlov)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Bitdefender 60-Second Virus Scanner (HKLM\...\{CCEA2053-D975-4E38-AC09-4D5E6DAC6B6F}) (Version: 1.0.3.76 - Bitdefender)
BurnAware Free 7.0 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 31.1.0.0 - COMODO)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Daum PotPlayer 1.5.44465 x64 Edition (HKLM\...\PotPlayer64) (Version: - )
DiskMax 4.71 (HKLM\...\DiskMax) (Version: 4.71 - KoshyJohn.com)
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.01.0726 - Lenovo)
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.3 - IObit)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 6.5 - Emsisoft GmbH)
Everything 1.2.1.371 (HKLM-x32\...\Everything) (Version: - )
GeekBuddy (HKLM\...\{6E2F0618-2867-4DA8-870B-3750588F06A6}) (Version: 4.12.99 - Comodo Security Solutions Inc)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.216 - SurfRight B.V.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 9 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417009FF}) (Version: 7.0.90 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) SE Development Kit 6 Update 20 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160200}) (Version: 1.6.0.200 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JavaFX(TM) 1.3 SDK (HKLM-x32\...\{5aa47dba-b584-4d47-a626-76e53f010300}) (Version: 1.3.0 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.9 - Lenovo)
Lenovo Escolar (HKLM-x32\...\{D445A7B9-69A8-4860-95B9-BB957281D9A0}_is1) (Version: - Lenovo)
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.5317 - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.5317 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2927.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.2927.52 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1409 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.1409 - CyberLink Corp.) Hidden
Lenovo Tinian Fn PS/2 Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.0.11.0321 - Lenovo)
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
LVT (HKLM-x32\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.3.0309 - Lenovo)
Malwarebytes Anti-Malware versão 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MediaCoder x64 0.8.30.5620 (HKLM\...\MediaCoder x64) (Version: 0.8.30.5620 - Mediatronic)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (PTB) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edição 2003 (HKLM-x32\...\{90110416-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Monkey's Audio (HKLM-x32\...\Monkey's Audio_is1) (Version: - )
Mozilla Firefox 29.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 pt-BR)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.58 (HKLM-x32\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
Pivot Animator version 4.1.10 (HKLM-x32\...\Pivot Animator_is1) (Version: 4.1.10 - Motus Software Ltd)
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 2.17.0.0 - Goversoft LLC)
PrivDog (HKLM-x32\...\PrivDog) (Version: 1.8.0.15 - privdog.com)
QMP3Gain 0.9.0 (HKLM-x32\...\QMP3Gain) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30123 - Realtek Semiconductor Corp.)
Skype™ 6.6 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.6.106 - Skype Technologies S.A.)
Soft4Boost Any Uninstaller (HKLM-x32\...\Soft4Boost Any Uninstaller_is1) (Version: 5.2.3.297 - Soft4Boost Ltd.)
SoulSeek 157 NS 13e (HKLM-x32\...\Soulseek2) (Version: - )
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.4 - Krzysztof Kowalczyk)
TagScanner 5.1.648 (HKLM-x32\...\TagScanner_is1) (Version: - Sergey Serkov)
Toolwiz Care (HKLM-x32\...\ToolwizCareFree) (Version: 3.1.0.5500 - ToolWiz Care)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
VirtualDJ Home FREE (HKLM-x32\...\{5E1375CB-6792-4464-8715-CC3EC83D48FA}) (Version: 7.0.5 - Atomix Productions)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Winyl 3.0.1 (HKLM-x32\...\{5BEA5008-5317-4526-92C9-9685E7AF5F5A}_is1) (Version: - Vinyl Software)
Wise PC 1stAid 1.12 (HKLM-x32\...\Wise PC 1stAid_is1) (Version: 1.12 - WiseCleaner.com, Inc.)
WolfQuest (HKLM-x32\...\{9E6AD6CF-1EFF-43E4-86C4-5C00254C3D8E}) (Version: 2.5.1 - eduweb)
XP Codec Pack (HKLM-x32\...\XP Codec Pack) (Version: - )
ZHPDiag 2014 (HKLM-x32\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman)

==================== Restore Points =========================

22-05-2014 00:17:20 Registry Cleaner
22-05-2014 13:48:35 Windows Update
22-05-2014 18:16:03 zoek.exe restore point
22-05-2014 19:43:48 zoek.exe restore point
23-05-2014 03:28:59 Windows Update
23-05-2014 14:19:17 ZHPFix Restore System Point
23-05-2014 15:30:10 ZHPFix Restore System Point

==================== Hosts content: ==========================

2009-07-13 23:34 - 2014-05-22 16:44 - 00000840 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {13DF7EE7-1949-4761-B3E0-37FB7937FDA1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {30B409F3-D0C3-4487-9FF5-EFA3C6B8FA98} - \Software Updater No Task File <==== ATTENTION
Task: {3A927F7B-2416-4092-B46E-50F1A19E4E41} - \SidebarExecute No Task File <==== ATTENTION
Task: {4A31DFE9-615E-47B2-AEF6-97B4D6B64A4C} - \Software Updater Ui No Task File <==== ATTENTION
Task: {9260EC66-7459-45D2-9718-5D5FC600DBC3} - \Freemium1ClickMaint No Task File <==== ATTENTION
Task: {B25AD5A1-2FAD-450C-98FE-59FF851FC29B} - \{864BA883-EF4B-4F9C-BBF2-5EFE4D7EC960} No Task File <==== ATTENTION
Task: {B5002BCE-A84A-4606-9084-ACD359E93237} - \RunAsStdUser Task No Task File <==== ATTENTION
Task: {B58BAE29-8A14-4E11-B5FD-5FE994350104} - \{EB5A17F7-59B1-4914-80F9-8981CBF7FF0B} No Task File <==== ATTENTION
Task: {CA02B8ED-3EC5-4369-9B50-40B5F9ABD383} - \Driver Booster Update No Task File <==== ATTENTION
Task: {F86D89C3-B2D9-4D45-B0C9-CE4B41770355} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-16] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-05-17 12:14 - 2012-03-11 14:56 - 00086608 _____ () C:\Windows\System32\cpwmon64.dll
2014-01-28 11:35 - 2014-01-28 11:35 - 02135232 _____ () C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
2011-11-05 02:09 - 2011-03-15 19:47 - 00032768 _____ () C:\Windows\jmesoft\Service.exe
2011-07-19 00:26 - 2010-11-12 01:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-05-05 12:19 - 2014-05-05 12:19 - 01283792 _____ () C:\Program Files\COMODO\GeekBuddy\QtNetwork4.dll
2014-05-05 12:19 - 2014-05-05 12:19 - 02875600 _____ () C:\Program Files\COMODO\GeekBuddy\QtCore4.dll
2014-05-05 12:19 - 2014-05-05 12:19 - 10451664 _____ () C:\Program Files\COMODO\GeekBuddy\QtGui4.dll
2014-05-05 12:19 - 2014-05-05 12:19 - 00039120 _____ () C:\Program Files\COMODO\GeekBuddy\imageformats\qgif4.dll
2014-05-05 12:19 - 2014-05-05 12:19 - 01529040 _____ () C:\Program Files\COMODO\GeekBuddy\QtScript4.dll
2011-11-05 02:09 - 2011-03-21 13:12 - 00020480 _____ () C:\Windows\jmesoft\JME_LOAD.exe
2011-11-05 02:09 - 2007-12-31 09:27 - 00007168 _____ () C:\Windows\jmesoft\VistaVolume.dll
2009-12-04 15:59 - 2009-12-04 15:59 - 00619816 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2009-12-04 16:04 - 2009-12-04 16:04 - 00013096 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2011-11-05 02:09 - 2009-07-16 08:20 - 00032768 _____ () C:\Windows\jmesoft\Keyhook.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows\System32:05047D9C_Uni.gbp
AlternateDataStreams: C:\ProgramData\Temp:44DDF6DC
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:44DDF6DC

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: EFS => 2

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/23/2014 00:34:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/23/2014 11:25:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/23/2014 11:07:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/23/2014 00:33:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Wise Boot Assistant devido ao seguinte erro:
%%2

Error: (05/23/2014 00:32:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Serviço de Descoberta Automática de Proxy da Web do WinHTTP devido ao seguinte erro:
%%1069

Error: (05/23/2014 00:32:14 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: O serviço WinHttpAutoProxySvc não pôde fazer logon como NT AUTHORITY\LocalService com a senha configurada atualmente devido ao seguinte erro:
%%1352

Para verificar se o serviço está configurado corretamente, use o snap-in de Serviços do Console de Gerenciamento Microsoft.

Error: (05/23/2014 11:23:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Wise Boot Assistant devido ao seguinte erro:
%%2

Error: (05/23/2014 11:06:04 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
Bnbase
Bndef
Bprotect

Error: (05/23/2014 11:06:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Wise Boot Assistant devido ao seguinte erro:
%%2


Microsoft Office Sessions:
=========================
Error: (05/23/2014 00:34:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/23/2014 11:25:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/23/2014 11:07:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2014-05-22 01:00:18.587
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\AP\AppData\Local\Temp\{0ABF58FA-066E-4170-ACF8-A8691F96B0AF}\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-05-22 01:00:18.525
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\AP\AppData\Local\Temp\{0ABF58FA-066E-4170-ACF8-A8691F96B0AF}\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 48%
Total physical RAM: 1896.37 MB
Available physical RAM: 980.87 MB
Total Pagefile: 3792.74 MB
Available Pagefile: 2513.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:430.49 GB) (Free:318.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: D11A0698)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=430 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=35 GB) - (Type=12)

==================== End Of Log ============================

Re: I can't update any antivirus...

Post by Power Max, Sat 24 May 2014, 19:33

Go to the site [You must have an account and be logged in to view this link] and submit the file highlighted in blue below for analysis:
C:\Users\AP\Desktop\cwxjbyja.exe

As soon as its analysis is complete, copy the link that appears in your browser's address bar and post it in your next reply, together with the Farbar log (report) requested further down in this post.

More information on how to analyze files on the Virus Total site can be found in this tutorial:

[You must have an account and be logged in to view this link]
__________________________________________________________________________________________________

Download the fixlist.txt file attached to this post and save it to the desktop.

Right-click FRST64, then click [You must have an account and be logged in to view this image].

Click the Fix button.

Wait; when it finishes, the Fixlog.txt log will be saved to your desktop.

Select, copy and paste the contents of this Fixlog.txt into your next reply, together with the link to the file's analysis on the Virus Total site.

Re: I can't update any antivirus...

Post by Apsantos, Sat 24 May 2014, 21:11

I followed those paths but did not find the file cwxjbyja.exe

Re: I can't update any antivirus...

Post by Apsantos, Sat 24 May 2014, 21:19

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-05-2014 1
Ran by AP at 2014-05-24 21:16:16 Run:1
Running from C:\Users\AP\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [You must have an account and be logged in to view this link]
SearchScopes: HKCU - {D6C939E6-CC2D-4025-88CC-904CF475B929} URL = [You must have an account and be logged in to view this link]
BHO: PrivDog Extension - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll (AdTrustMedia)
BHO-x32: PrivDog Extension - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll No File
FF Extension: PrivDog - C:\Users\AP\AppData\Roaming\Mozilla\Firefox\Profiles\h0c8u7qe.default\Extensions\PrivDog@AdTrustMedia.com [2014-05-22]
S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [97480 2013-11-27] (Qihu 360 Software Co., Ltd.)
S3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [67272 2013-03-27] (Qihu 360 Software Co., Ltd.)
S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [41152 2013-12-08] (Qihu 360 Software Co., Ltd.)
2014-05-21 23:07 - 2014-05-21 23:07 - 00000000 ____D () C:\Program Files\AdTrustMedia
2014-05-22 16:33 - 2014-02-04 10:36 - 00000000 _RSHD () C:\360SANDBOX
2014-05-07 00:28 - 2014-01-28 09:15 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
PrivDog (HKLM-x32\...\PrivDog) (Version: 1.8.0.15 - privdog.com)
Task: {30B409F3-D0C3-4487-9FF5-EFA3C6B8FA98} - \Software Updater No Task File <==== ATTENTION
Task: {3A927F7B-2416-4092-B46E-50F1A19E4E41} - \SidebarExecute No Task File <==== ATTENTION
Task: {4A31DFE9-615E-47B2-AEF6-97B4D6B64A4C} - \Software Updater Ui No Task File <==== ATTENTION
Task: {9260EC66-7459-45D2-9718-5D5FC600DBC3} - \Freemium1ClickMaint No Task File <==== ATTENTION
Task: {B25AD5A1-2FAD-450C-98FE-59FF851FC29B} - \{864BA883-EF4B-4F9C-BBF2-5EFE4D7EC960} No Task File <==== ATTENTION
Task: {B5002BCE-A84A-4606-9084-ACD359E93237} - \RunAsStdUser Task No Task File <==== ATTENTION
Task: {B58BAE29-8A14-4E11-B5FD-5FE994350104} - \{EB5A17F7-59B1-4914-80F9-8981CBF7FF0B} No Task File <==== ATTENTION
Task: {CA02B8ED-3EC5-4369-9B50-40B5F9ABD383} - \Driver Booster Update No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:44DDF6DC
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:44DDF6DC
end
*****************

HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D6C939E6-CC2D-4025-88CC-904CF475B929} => Key deleted successfully.
HKCR\CLSID\{D6C939E6-CC2D-4025-88CC-904CF475B929} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} => Key deleted successfully.
HKCR\CLSID\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} => Key deleted successfully.
C:\Users\AP\AppData\Roaming\Mozilla\Firefox\Profiles\h0c8u7qe.default\Extensions\PrivDog@AdTrustMedia.com => Moved successfully.
360AntiHacker => Service deleted successfully.
360AvFlt => Service deleted successfully.
360Camera => Service deleted successfully.
C:\Program Files\AdTrustMedia => Moved successfully.
C:\360SANDBOX => Moved successfully.
C:\Windows\System32\Tasks\NCH Software => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{30B409F3-D0C3-4487-9FF5-EFA3C6B8FA98} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30B409F3-D0C3-4487-9FF5-EFA3C6B8FA98} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Updater => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3A927F7B-2416-4092-B46E-50F1A19E4E41} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A927F7B-2416-4092-B46E-50F1A19E4E41} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SidebarExecute => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4A31DFE9-615E-47B2-AEF6-97B4D6B64A4C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A31DFE9-615E-47B2-AEF6-97B4D6B64A4C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Updater Ui => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9260EC66-7459-45D2-9718-5D5FC600DBC3} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9260EC66-7459-45D2-9718-5D5FC600DBC3} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Freemium1ClickMaint => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B25AD5A1-2FAD-450C-98FE-59FF851FC29B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B25AD5A1-2FAD-450C-98FE-59FF851FC29B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{864BA883-EF4B-4F9C-BBF2-5EFE4D7EC960} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B5002BCE-A84A-4606-9084-ACD359E93237} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5002BCE-A84A-4606-9084-ACD359E93237} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RunAsStdUser Task => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B58BAE29-8A14-4E11-B5FD-5FE994350104} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B58BAE29-8A14-4E11-B5FD-5FE994350104} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EB5A17F7-59B1-4914-80F9-8981CBF7FF0B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CA02B8ED-3EC5-4369-9B50-40B5F9ABD383} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA02B8ED-3EC5-4369-9B50-40B5F9ABD383} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Update => Key deleted successfully.
C:\ProgramData\Temp => ":44DDF6DC" ADS removed successfully.
"C:\Users\Todos os Usuários\Temp" => ":44DDF6DC" ADS not found.

==== End of Fixlog ====
Apsantos