Suprasavings + CE_Umbrellacert


Post by suegm on Mon 26 May 2014, 19:28

Good evening!
After a download I made last week, a window started appearing asking me to install CE_Umbrellacert.
In addition, some strange files appeared in some of my folders (some as shortcuts, others hidden),
and it also installed suprasavings, which I am not managing to delete from the PC.
I would like to know how to remove them permanently from the PC, please.
I have already tried using Adwcleaner, Zoek and the Kaspersky Virus Removal Tool.

Thank you.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:17:41, on 26/05/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\windows\system32\taskeng.exe
C:\Program Files\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\Samsung\Easy Display Manager\WifiManager.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe
C:\Program Files\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Bluetooth Suite\BtvStack.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\windows\system32\hkcmd.exe
C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe
C:\windows\system32\igfxpers.exe
C:\Program Files\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\System32\notepad.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Suellen\Downloads\setup_11.0.1.1245.x01_2014_05_26_23_00.exe
C:\Users\Suellen\AppData\Local\Temp\RarSFX0\5189504.exe
C:\Users\Suellen\AppData\Local\Temp\1071308\5189504.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\notepad.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\Suellen\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Samsung BHO Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~3\BROWER~1\ASCPLU~1.DLL
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DeskmediaReaper] C:\Positivo\Deskmedia\DeskmediaReaper.exe [You must be registered and logged in to see this link.] 0004 ed3035b4e26f5c48427ecc47081c7ccb
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [WallpaperChanger] C:\Program Files\Wallpaper Master\Wallpaper.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Suellen\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [WordWeb] "C:\Program Files\WordWeb\wweb32.exe" -startup
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [EADM] "C:\Program Files\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_C3E8D31D8757B5FA3DF83513FE338381] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 6] "C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 6] "C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: _uninst_24048721.lnk = C:\Users\Suellen\AppData\Local\Temp\_uninst_24048721.bat
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - [You must be registered and logged in to see this link.]
O8 - Extra context menu item: Free YouTube Download - C:\Users\Suellen\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\mcsniepl.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\windows\system32\mfevtps.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Samsung UPD Service - Samsung Electronics CO., LTD. - C:\windows\System32\SUPDSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: xmkysecqun32 - Unknown owner - C:\Program Files\003\xmkysecqun32.exe (file missing)

--
End of file - 16129 bytes

Re: Suprasavings + CE_Umbrellacert

Post by Power Max on Mon 26 May 2014, 19:31

"I have already tried using Adwcleaner, Zoek and the Kaspersky Virus Removal Tool."
Hello. Post the Adwcleaner report, which is at C:\AdwCleaner\AdwCleaner[S0].txt
Also post the Zoek report, which will be at C:\zoek-results.txt
Also post the Kaspersky Virus Removal Tool report.


Re: Suprasavings + CE_Umbrellacert

Post by suegm on Mon 26 May 2014, 20:58

I did not find the Adwcleaner report. I am sending the Zoek one and the ZNPdiag one. Kaspersky is still scanning.

Zoek.exe v5.0.0.0 Updated 21-05-2014
Tool run by Suellen on 21/05/2014 at 11:36:09,92.
Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Suellen\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

21/05/2014 11:44:03 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_USERS\S-1-5-21-1795128182-489873951-3285546841-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8270EC90-7AF8-4148-AB4B-1058DF4DF927} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted
C:\Program Files\Mozilla Firefox\browser\searchplugins\search_the_web.xml deleted
C:\Program Files\Common Files\DVDVideoSoft\bin deleted
C:\Users\Suellen\AppData\Roaming\Bonanza deleted
C:\PROGRA~2\InstallMate deleted
C:\Users\Suellen\AppData\Local\cache deleted
C:\windows\system32\config\systemprofile\AppData\LocalLow\BabylonToolbar deleted
C:\user.js deleted
C:\windows\System32\sho341D.tmp deleted
C:\windows\System32\sho9085.tmp deleted
C:\windows\System32\shoC0C0.tmp deleted
C:\windows\System32\shoF7D8.tmp deleted
C:\windows\System32\~GLH000c.TMP deleted
C:\windows\System32\~GLH000d.TMP deleted
C:\windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted
"C:\Users\Suellen\AppData\Roaming\WordWeb" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"support@vdownloader.com"="C:\Program Files\VDownloader\Addons\FireFox" []
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"wcapturex@deskperience.com"="C:\Program Files\WordWeb\WCaptureMoz" [01/10/2013 11:50]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eoccbpoodnckjdnackiffhjfkogfhnhh - C:\Program Files\VDownloader\Addons\Chrome.crx[]
fheoggkfdfchfphceeifdbepaooicaho - No path found[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[03/03/2014 09:53]
mjdepfkicdcciagbigfcmdhknnoaaegf - C:\Program Files\WordWeb\wcxChrome.crx[28/02/2013 23:24]
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx[22/04/2013 19:01]

Google Drive - Suellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Suellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Suellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
SiteAdvisor - Suellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
Skype Click to Call - Suellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Advanced SystemCare Surfing Protection - Suellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
Google Wallet - Suellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Suellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Suellen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_free-pdf-unlocker.en.softonic.com_0.localstorage deleted successfully
C:\Users\Suellen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_free-pdf-unlocker.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Suellen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrent.softonic.com.br_0.localstorage deleted successfully
C:\Users\Suellen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrent.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\Suellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com/ie"
"SearchAssistant"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{31FCC53F-5F98-4C8D-9E37-FBD7E6165EE2} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Suellen\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Suellen\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1795128182-489873951-3285546841-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{a1bcc327-7c56-4d0c-a1b7-fd4c30da8a09} deleted successfully
HKEY_USERS\S-1-5-21-1795128182-489873951-3285546841-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a1bcc327-7c56-4d0c-a1b7-fd4c30da8a09} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{a1bcc327-7c56-4d0c-a1b7-fd4c30da8a09} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1bcc327-7c56-4d0c-a1b7-fd4c30da8a09} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\support@vdownloader.com deleted successfully

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\calibre - E-book management.lnk - C:\Program Files\Calibre2\calibre.exe
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.141\McUICnt.exe SecurityScanner.dll
C:\Users\Public\Desktop\The Sims™ 3.lnk -

==== shortcuts in Users Start Menu ======================

C:\Users\Suellen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\windows\Installer\{AC76BA86-7AD7-1046-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apostilas Objetiva\Agente Administrativo PRF 2014\Apostila Agente Administrativo PRF 2014.lnk - C:\Users\Suellen\Downloads\Agente Administrativo PRF 2014\ccb.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\calibre - E-book management.lnk - C:\Program Files\Calibre2\calibre.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\E-book viewer.lnk - C:\Program Files\Calibre2\ebook-viewer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\Edit E-book.lnk - C:\Program Files\Calibre2\ebook-edit.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\LRF viewer.lnk - C:\Program Files\Calibre2\lrfviewer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\The Sims™ 3.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc\MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc\Uninstall MagicDisc.lnk - C:\Program Files\MagicDisc\UNWISE.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee SecurityCenter.lnk - C:\Program Files\McAfee.com\Agent\mcagent.exe /desktopicon /platui

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Suellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Suellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe
C:\Users\Suellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Suellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Suellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Adobe Reader XI.lnk - C:\windows\Installer\{AC76BA86-7AD7-1046-7B44-AB0000000001}\SC_Reader.ico
C:\Users\Suellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\windows\system32\calc.exe
C:\Users\Suellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Free YouTube Download Lite.lnk - C:\Program Files\Common Files\DVDVideoSoft\bin\ytgroovlc.exe
C:\Users\Suellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Suellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word Starter 2010.lnk - C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVH.EXE "Microsoft Word Starter 2010 9014006604160000"
C:\Users\Suellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Skype.lnk - C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Suellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Uninstall Programs.lnk - C:\Program Files\IObit\Advanced SystemCare 6\Suc10_Uninstal.exe
C:\Users\Suellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Wallpaper Master.lnk - C:\Program Files\Wallpaper Master\Wallpaper.exe
C:\Users\Suellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Suellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe
C:\Users\Suellen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="<-loopback>"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\97ce2917-a8ec-414d-8450-af7129b33fd7 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eoccbpoodnckjdnackiffhjfkogfhnhh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D} deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Suellen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Suellen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Suellen\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Suellen\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Suellen\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Suellen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=137 folders=29 13403290 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Suellen\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Suellen\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on 21/05/2014 at 12:11:58,29 ======================

Re: Suprasavings + CE_Umbrellacert

Post by suegm on Mon 26 May 2014, 20:58

~ Relatório do ZHPDiag v2014.5.26.74 - Nicolas Coolman (24/05/2014)
~ Iniciado por Suellen (26/05/2014 17:45:20)
~ Endereço do Website :
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17107
MFIE: Mozilla Firefox 29.0.1
GCIE: Google Chrome v35.0.1916.114 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Basic, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Free Antivirus v7.0.1474.0
McAfee Security Scan Plus v3.8.141.11
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader XI
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2932 MB (29% free)
System Restore: Activé (Enable)
System drive C: has 95 GB (34%) free of 279 GB

---\\ Modo de conexão ao sistema
~ Computer Name: NOTE-SUE
~ User Name: Suellen
~ All Users Names: Suellen, Convidado, Administrador,
~ Unselected Option: None
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Suellen\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Suellen\AppData\Roaming\
~ %Desktop% : C:\Users\Suellen\Desktop\
~ %Favorites% : C:\Users\Suellen\Favorites\
~ %LocalAppData% : C:\Users\Suellen\AppData\Local\
~ %StartMenu% : C:\Users\Suellen\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 95 Go of 279 Go)
D: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: Modified
~ Security Center: 50 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.E4E829EE073E046B0EB19B5FECB19B8C] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/03/2014 - 02:41:49.) -- C:\Windows\System32\wininet.dll [1789440]
[MD5.998507B046BA314CE8245364C686FA67] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:17:02.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 18:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/09/2013 - 21:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 18:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/27
~ Mes musiques (My Musics) : 1/78
~ Mes Videos (My Videos) : 1/30
~ Mes Favoris (My Favorites) : 1/6
~ Mes Documents (My Documents) : 2/408
~ Mon Bureau (My Desktop) : 0/6
~ Menu demarrer (Programs) : 1/99
~ Hidden Files: Scanned in 00mn 00s



---\\ Processos lançados
[MD5.E708F1FDB3B20F2656827FCB0581CBCD] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10119784] [PID.5248]
[MD5.4BBC56EF5BE49978468F2983B9A2AFFB] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1770792] [PID.5300]
[MD5.0AA31720D0A1C9756859164E6840E223] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [PID.5472]
[MD5.0E34B7BB1FCF22BCC1E394D16F9E992B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040] [PID.5600]
[MD5.BAF535F843A3E790E04A7613811B55BC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [152392] [PID.5736]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.5768]
[MD5.43E2CFC37953501EA40D852AE585E7C0] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe [277920] [PID.6136]
[MD5.A16852B04C0A5654B0B8DFD5E1A25718] - (.MagicISO, Inc. - MagicISO Virtual CD/DVD Manager.) -- C:\Program Files\MagicDisc\MagicDisc.exe [576000] [PID.6500]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.6572]
[MD5.B00F98FF6FE8682FF941BEB2559BF191] - (.CyberLink - YouCam Mirage.) -- C:\Program Files\CyberLink\YouCam\YCMMirage.exe [136488] [PID.6768]
[MD5.B5330086613D69F5ED3954535E8F33F1] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [943984] [PID.6776]
[MD5.43EE79052668643317E3B530E9892DE7] - (.Samsung Electronics Co., Ltd. - Wifi Manager.) -- C:\Program Files\Samsung\Easy Display Manager\WifiManager.exe [7053168] [PID.6800]
[MD5.C5CF364816DE0AE422345801A2AFBC8D] - (.Intel Corporation - igfxext Module.) -- C:\windows\system32\igfxext.exe [179224] [PID.7428]
[MD5.C56EEBADA8A4978CFB51A3FD6B6AC12A] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [266776] [PID.7500]
[MD5.113EA52D953E79BCD37E672E4A9860DC] - (.SEC - Samsung Recovery Solution 5.) -- C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [4387632] [PID.3844]
[MD5.D9C70E8552670E7A67778ED238C18975] - (.Samsung Electronics Co., Ltd. - Smart Restarter Program.) -- C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2208624] [PID.6904]
[MD5.15DC04031C19CCF380A69E50E589317B] - (.Samsung Electronics Co., Ltd. - MovieColorEnhancer.exe.) -- C:\Program Files\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [775336] [PID.5380]
[MD5.596054F68A7C7EDD5E8A19BF511AC475] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [1757264] [PID.4852]
[MD5.136A1670196C883C2ECE89B0B9D851DD] - (.Atheros Commnucations - Bluetooth Suite Common Rescource.) -- C:\Program Files\Bluetooth Suite\AthBtTray.exe [519328] [PID.2456]
[MD5.998B2E425CDCA8E96EBD9F506B4E3AAF] - (.Atheros Communications - Bluetooth Stack Server.) -- C:\Program Files\Bluetooth Suite\BtvStack.exe [609440] [PID.4708]
[MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.4184]
[MD5.A3F3760429AD8C3345504F86EF560A96] - (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe [171032] [PID.4172]
[MD5.C86FD55A276BBA6009F0E7749A9CB1AF] - (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe [966488] [PID.3580]
[MD5.C40276DD74119D841EFAE36BA4AED22B] - (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe [170520] [PID.4864]
[MD5.2C7CF4D4A17B5765E23F6B82C16AF4EB] - (.CyberLink Corp. - Media+Player RC Service.) -- C:\Program Files\CyberLink\Media+Player10\Media+Player10Serv.exe [87336] [PID.4900]
[MD5.5AFC1F763562C453C64B70886B460CDD] - (.Samsung Electronics Co., Ltd. - EasySpeedUpManager.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [719360] [PID.4804]
[MD5.B8C44BF5A86B4662458F4AA8F901C94B] - (.Samsung Electronics - Samsung Update Plus Background.) -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2782064] [PID.6092]
[MD5.648584CDD57A2392993EC4155D1C09E2] - (.Google - Google Drive.) -- C:\Program Files\Google\Drive\googledrivesync.exe [22415552] [PID.4160]
[MD5.083649EF692A066880C9326020915AFE] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4297136] [PID.2732]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [860488] [PID.5692]
[MD5.74557BFD04530E512DBB9C151C4DA110] - (.McAfee, Inc. - McAfee.) -- C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [499384] [PID.5904]
[MD5.1D040D09300DE4F68B6E5936FBA0E59A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7878144] [PID.2836]
[MD5.A131FF6AF7E2B2492566FB57683CE6CB] - (.Nicolas Coolman - ZHPFix.) -- C:\Program Files\ZHPDiag\ZHPFix\ZHPFix.exe [3054592] [PID.5660]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Suellen\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
G2 - EXT: C:\Users\Suellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [avast! WebRep]
~ Google Lines Browser: 37 Legitimates Filtered in 00mn 12s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\McAfee\MSC\npMcSnFFPl.dll
P2 - FPN: [HKCU] [vitzo.com/VDownloader] - (...) -- C:\Program Files\VDownloader\Addons\npVDownloader.dll (.not file.)
~ Firefox Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: Samsung BHO Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} . (...) -- C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
~ BHO: 60 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: McAfee SiteAdvisor Toolbar - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Chave orfã
~ Toolbar: Scanned in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [mcpltui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [fst_br_132] Chave orfã
O4 - HKLM\..\Run: [DeskmediaReaper] C:\Positivo\Deskmedia\DeskmediaReaper.exe (.not file.)
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKCU\..\Run: [WallpaperChanger] . (.James Garton - Desktop Wallpaper Changer.) -- C:\Program Files\Wallpaper Master\Wallpaper.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Suellen\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (.not file.)
O4 - HKCU\..\Run: [WordWeb] . (.WordWeb Software - WordWeb.) -- C:\Program Files\WordWeb\wweb32.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKCU\..\Run: [EADM] C:\Program Files\Origin\Origin.exe (.not file.)
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_C3E8D31D8757B5FA3DF83513FE338381] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 6] . (.IObit - ASCTray.) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 6] . (.IObit - ASCTray.) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [WallpaperChanger] . (.James Garton - Desktop Wallpaper Changer.) -- C:\Program Files\Wallpaper Master\Wallpaper.exe
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Suellen\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (.not file.)
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [WordWeb] . (.WordWeb Software - WordWeb.) -- C:\Program Files\WordWeb\wweb32.exe
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [EADM] C:\Program Files\Origin\Origin.exe (.not file.)
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [GoogleChromeAutoLaunch_C3E8D31D8757B5FA3DF83513FE338381] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} . (...) -- C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O9 - Extra button: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Chave orfã
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4F9698D-6354-43D8-BE6A-7F1D2A5006D8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E62483AD-5D9A-4224-BBCD-48C778DC0C9D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{F00DCE30-6062-4678-A342-E10356B5305E}: DhcpNameServer = 192.168.25.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4F9698D-6354-43D8-BE6A-7F1D2A5006D8}: DhcpDomain = domain.name
O17 - HKLM\System\CCS\Services\Tcpip\..\{F00DCE30-6062-4678-A342-E10356B5305E}: DhcpDomain = dqx.tvgvt
O17 - HKLM\System\CS1\Services\Tcpip\..\{A4F9698D-6354-43D8-BE6A-7F1D2A5006D8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E62483AD-5D9A-4224-BBCD-48C778DC0C9D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{F00DCE30-6062-4678-A342-E10356B5305E}: DhcpNameServer = 192.168.25.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A4F9698D-6354-43D8-BE6A-7F1D2A5006D8}: DhcpDomain = domain.name
O17 - HKLM\System\CS1\Services\Tcpip\..\{F00DCE30-6062-4678-A342-E10356B5305E}: DhcpDomain = dqx.tvgvt
O17 - HKLM\System\CS2\Services\Tcpip\..\{A4F9698D-6354-43D8-BE6A-7F1D2A5006D8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{E62483AD-5D9A-4224-BBCD-48C778DC0C9D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{F00DCE30-6062-4678-A342-E10356B5305E}: DhcpNameServer = 192.168.25.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A4F9698D-6354-43D8-BE6A-7F1D2A5006D8}: DhcpDomain = domain.name
O17 - HKLM\System\CS2\Services\Tcpip\..\{F00DCE30-6062-4678-A342-E10356B5305E}: DhcpDomain = dqx.tvgvt
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.25.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: xmkysecqun32 (xmkysecqun32) . (...) - C:\Program Files\003\xmkysecqun32.exe (.not file.) =>PUP.AdPeak
~ Services: 24 Legitimates Filtered in 00mn 18s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [Bonanza] (...) -- C:\Users\Suellen\AppData\Roaming\Bonanza\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>Adware.BonanzaDeals
[MD5.00000000000000000000000000000000] [APT] [EasyPartitionManager] (...) -- C:\Windows\MSetup\BA46-12225A02\EPM.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{3FA247A8-3771-4F9B-9AF6-E860D8DB4931}] (...) -- E:\iTunes64Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{41E702EF-1460-4185-91A1-557021F7CE8D}] (...) -- C:\Users\Suellen\Downloads\fontes_adicionais.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4AA7947C-385D-4414-878C-B4C40874BCDE}] (...) -- C:\Users\Suellen\Suellen\Livros\Livros Animais\Dermatologia\Veterinaria dermatologia\ST6UNST.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6131F8B0-4CC2-4ECB-95E5-4AACC79D8E9D}] (...) -- E:\iTunes64Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D8D03C67-1F00-44F7-A073-D3B8E093F7DA}] (...) -- E:\iTunes64Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{DFC3500B-02C6-477E-A078-9204679C59D4}] (...) -- E:\iTunes64Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{DFE97A6A-6A8F-4765-8B0A-A18F2F7BE124}] (...) -- E:\iTunes64Setup.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: Bonanza - (...) -- C:\Windows\Tasks\Bonanza.job [298] =>Adware.BonanzaDeals
O39 - APT: Bonanza - (...) -- C:\Windows\System32\Tasks\Bonanza [298] =>Adware.BonanzaDeals
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1795128182-489873951-3285546841-1000Core [1060]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1795128182-489873951-3285546841-1000UA [1082]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1054]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf281cb81f3d82 [1058]
~ Scheduled Task: 90 Legitimates Filtered in 00mn 06s



---\\ Software instalados (042)
O42 - Logiciel: Apostila concurso PRF versão 1.0 - (.DownloadApostilaConcurso.com.) [HKLM] -- {E3ED1756-CAFF-4BF3-843D-41C61E416ABA}_is1
O42 - Logiciel: Dic Michaelis - UOL - (...) [HKLM] -- WDIC
O42 - Logiciel: Plants vs Zombies - (...) [HKLM] -- Plants vs Zombies
O42 - Logiciel: SupraSavings - (.SupraSavings.) [HKLM] -- {E6B105B8-1F65-4428-9397-1DFD8A03B94D} =>PUP.SupraSavings
O42 - Logiciel: The 5-Minute Veterinary Consult - (...) [HKLM] -- The 5-Minute Veterinary Consult
O42 - Logiciel: Update_for_BonanzaDeals - (.Update_for_BonanzaDeals.) [HKCU] -- Bonanza =>Adware.BonanzaDeals
O42 - Logiciel: VADEMECUM VETERINARIO 2004-2005 - (...) [HKLM] -- VADEMECUM VETERINARIO 2004-20051.0
O42 - Logiciel: Veterinaria - (...) [HKLM] -- ST6UNST #1
O42 - Logiciel: Wallpaper Master v2.16 - (.James Garton.) [HKLM] -- Wallpaper Master_is1
O42 - Logiciel: WordWeb - (.WordWeb Software.) [HKLM] -- WordWeb
~ Logic: 22 Legitimates Filtered in 00mn 02s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ASKHomePage]
[HKCU\Software\Amigo Mouse]
[HKCU\Software\Baidu Security]
[HKCU\Software\SP22]
[HKCU\Software\UltraDownloads.com.br]
[HKCU\Software\WordWeb]
[HKLM\Software\360Safe]
[HKLM\Software\Baidu Security]
[HKLM\Software\Baidu_Drp_pos]
[HKLM\Software\CCB]
~ Key Software: 314 Legitimates Filtered in 00mn 02s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/04/2012 - 00:15:47 - [] ----D C:\Program Files\5-MVC
O43 - CFD: 14/02/2014 - 22:44:54 - [] ----D C:\Program Files\KanjiGold
O43 - CFD: 04/07/2012 - 21:30:49 - [] ----D C:\Program Files\Plants vs Zombies
O43 - CFD: 19/03/2012 - 00:53:10 - [] ----D C:\Program Files\Vademecum
O43 - CFD: 19/01/2012 - 22:46:35 - [] ----D C:\Program Files\Veterinaria
O43 - CFD: 23/03/2012 - 17:37:25 - [] ----D C:\Program Files\Wallpaper Master
O43 - CFD: 01/10/2013 - 11:50:44 - [] ----D C:\Program Files\WordWeb
O43 - CFD: 20/05/2014 - 20:07:13 - [] ----D C:\ProgramData\Baidu Security
O43 - CFD: 20/05/2014 - 20:07:29 - [] ----D C:\Users\Suellen\AppData\Roaming\Baidu Security
O43 - CFD: 12/04/2012 - 00:16:53 - [] ----D C:\Users\Suellen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CPVet
O43 - CFD: 04/02/2013 - 22:57:46 - [0] ----D C:\Users\Suellen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dic Michaelis - UOL
~ Program Folder: 206 Legitimates Filtered in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.BE125797A510CD7E9E77D0D79CB989EF] - 20/05/2014 - 20:07:28 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\Windows\System32\Drivers\Bhbase.sys [47456]
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 21/05/2014 - 10:34:35 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\Windows\System32\sqlite3.dll [536576]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 21/05/2014 - 11:35:37 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.7EC03C25D5DB656F2C7A9C85AC35CD67] - 21/05/2014 - 12:11:58 ---A- . (...) -- C:\zoek-results.log [17428]
O44 - LFC:[MD5.4FF40AAF09781BCE1D850B306E0AF7BC] - 26/05/2014 - 14:08:04 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [147808]
O44 - LFC:[MD5.DFD2433C51C330C8C1A2D7C825B653C5] - 26/05/2014 - 14:08:04 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [706226]
~ Files: 58 Legitimates Filtered in 00mn 04s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{1c7b2546-3486-11e1-9611-e81132a687c4}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{1c7b2548-3486-11e1-9611-e81132a687c4}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{8e5426c8-09cf-11e2-98ad-e81132a687c4}\AutoRun\command. (...) -- D:\Windows\AutoRun.exe (.not file.)
O51 - MPSK:{991ce9e4-694e-11e1-9dec-e81132a687c4}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{991ce9f2-694e-11e1-9dec-e81132a687c4}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{a14023e5-3324-11e1-a7b7-e81132a687c4}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{a1402403-3324-11e1-a7b7-e81132a687c4}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{b27da688-da07-11e3-8258-e81132a687c4}\AutoRun\command. (...) -- G:\Autorun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 20 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:17/09/2012 - 19:58:30 R--A- . (.360.cn - 360FileOem.) -- C:\Windows\System32\Drivers\360FileOem.sys [152880]
O58 - SDL:17/09/2012 - 19:58:32 R--A- . (.360安全中心 - 360HookOem.) -- C:\Windows\System32\Drivers\360HookOem.sys [61488]
O58 - SDL:17/09/2012 - 19:58:32 R--A- . (.360安全中心 - 360RegOem.) -- C:\Windows\System32\Drivers\360RegOem.sys [29744]
O58 - SDL:17/09/2012 - 19:58:32 R--A- . (.360安全中心 - 360安全卫士 - SelfProtection.) -- C:\Windows\System32\Drivers\360SpOEM.sys [64048]
O58 - SDL:11/03/2014 - 00:14:02 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\Windows\System32\Drivers\Bhbase.sys [47456]
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:21/10/2011 - 03:19:53 ---A- . (.Windows (R) 2003 DDK 3790 provider - Generic Port I/O for Win32.) -- C:\Windows\System32\Drivers\rtport.sys [15656]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:13/12/2012 - 13:50:38 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl.sys [45056]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 105 Legitimates Filtered in 00mn 02s



---\\ Últimos ficheiros alterados ou criados (Utilizador) (061)
O61 - LFC: 21/05/2014 - 17:46:47 ---A- . (...) -- C:\Users\Suellen\Downloads\adwcleaner_3.210.exe [1326389]
O61 - LFC: 26/05/2014 - 17:46:45 ---A- . (...) -- C:\Users\Suellen\AppData\Local\Google\Chrome\User Data\nacl_validation_cache.bin [236]
~ 1035 Fichiers temporaires (Temporary files)
~ 306 Fichiers cookies (Cookies files)
~ Files: 28 Legitimates Filtered in 00mn 07s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 11/03/2014 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase) .(.Baidu, Inc. - Baidu Antivirus Hook Base.) - LEGACY_BHBASE
~ Legacy: 112 Legitimates Filtered in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [You need to be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You need to be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKCU] {31FCC53F-5F98-4C8D-9E37-FBD7E6165EE2} - (Google) - [You need to be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [You need to be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {C810A113-4E78-4D95-92A4-2887D79DD4E1} - (Pesquisa Segura) - [You need to be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {C810A113-4E78-4D95-92A4-2887D79DD4E1} - (Pesquisa Segura) - [You need to be registered and logged in to see this link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.94E28010255D126FE7BFE4E55C06492C] [SPRF][04/12/2012] (.No owner - AVAST Software Setup Engine.) -- C:\Program Files\avast_free_antivirus_setup.exe [97495576]
~ Files: 1 Legitimates Filtered in 00mn 01s



---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "8B501B6E56F182443979D1DFA8309BD4" . (.SupraSavings.) -- c:\windows\Installer\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}\icon64.ico =>PUP.SupraSavings
~ Update Products: 1 Legitimates Filtered in 00mn 01s



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.3F13781D8AF0D9B0495FE4301F71F99A] [WIS][30/05/2012] (.Babylon Ltd - BabylonObjectInstaller.) -- C:\Windows\Installer\196cfa.msi [346624] =>PUP.Babylon
[MD5.937E6957911EFF7B740EE814C75C95D2] [WIS][03/04/2014] (.APN, LLC - MediaCaster by Ask.) -- C:\Windows\Installer\22c7af4.msi [381952] =>Adware.Bandoo
[MD5.9D0767859EE938C0C4FAC30693109843] [WIS][20/05/2014] (.SupraSavings - SupraSavings.) -- C:\Windows\Installer\22ce5dc.msi [3162112] =>PUP.SupraSavings
[MD5.46F2667ADB3EF8EFBEB0505D2FAD321B] [WIS][13/11/2012] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\30f3203.msi [3350528] =>PUP.SweetIM
~ WIS: 4 Legitimates Filtered in 00mn 06s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
HKLM\SOFTWARE\Microsoft\Tracing\funmoods91212_RASAPI32 =>PUP.Funmoods
HKLM\SOFTWARE\Microsoft\Tracing\funmoods91212_RASMANCS =>PUP.Funmoods
HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASAPI32 =>Adware.PredictAd
HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASMANCS =>Adware.PredictAd
~ BTK: 280 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 14/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 11/12/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 11/12/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 11/03/2014 136120 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 15/01/2014 235696 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
SS - | Demand 02/08/2013 471592 | (McODS) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan\mcods.exe
SS - | Demand 06/05/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 09/08/2010 131888 | (Samsung UPD Service) . (.Samsung Electronics CO., LTD..) - C:\windows\System32\SUPDSvc.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Auto 10/07/1658 0 | (xmkysecqun32) . (...) - C:\Program Files\003\xmkysecqun32.exe =>PUP.AdPeak
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 18/04/2013 574272 | (AdvancedSystemCareService6) . (.IObit.) - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 15/06/2011 146592 | (Atheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
SR - | Auto 15/06/2011 76960 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files\Bluetooth Suite\adminservice.exe
SR - | Auto 30/10/2012 44808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 30/07/2013 281560 | (HomeNetSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Demand 01/11/2013 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 01/07/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 31/08/2012 167784 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
SR - | Auto 25/04/2014 145568 | (McAPExe) . (.McAfee, Inc..) - C:\Program Files\McAfee\MSC\McAPexe.exe
SR - | Auto 30/07/2013 281560 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 281560 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 281560 | (mcpltsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 281560 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 18/03/2014 655936 | (mfecore) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
SR - | Auto 03/04/2014 169800 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 03/04/2014 179600 | (mfevtp) . (.McAfee, Inc..) - C:\windows\system32\mfevtps.exe
SR - | Auto 30/07/2013 281560 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 01/06/2010 2057560 | (NOBU) . (.Symantec Corporation.) - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation
SR - | Auto 01/12/2009 244904 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
SR - | Auto 01/07/2010 2533400 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 24s



---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBR) (080)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, [You need to be registered and logged in to see this link.]
Run by Suellen at 26/05/2014 17:48:25
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
C:\windows\system32\DRIVERS\iaStor.sys Intel Corporation Intel Rapid Storage Technology driver
1 ntkrnlpa!IofCallDriver[0x83A83BBA] >> \Device\Harddisk0\DR0[0x889668A0]
kernel: MBR read successfully
user & kernel MBR OK
~ MBR: 27 Legitimates Filtered in 00mn 02s



---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBRCheck) (080)
Written by ad13, [You need to be registered and logged in to see this link.]
Run by Suellen at 26/05/2014 17:48:27
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



---\\ Scâner Aditional (088)
Database Version : 13026 - (24/05/2014)
Clés trouvées (Keys found) : 10
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 6

[HKLM\SYSTEM\CurrentControlSet\Services\xmkysecqun32] =>PUP.AdPeak^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}] =>PUP.SupraSavings^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bonanza] =>Adware.BonanzaDeals^
[HKLM\Software\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\360Safe] =>Trojan.Lozavita
[HKLM\Software\Classes\MyWebSearch.SkinLauncher] =>Adware.MyWebSearch
[HKLM\Software\Classes\MyWebSearch.SkinLauncher.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\MyWebSearch.SkinLauncherSettings] =>Adware.MyWebSearch
[HKLM\Software\Classes\MyWebSearch.SkinLauncherSettings.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}] =>PUP.CrossRider
C:\Windows\Tasks\Bonanza.job =>Adware.BonanzaDeals^
C:\Windows\System32\Tasks\Bonanza =>Adware.BonanzaDeals^
C:\Windows\Installer\196cfa.msi =>PUP.Babylon^
C:\Windows\Installer\22c7af4.msi =>Adware.Bandoo^
C:\Windows\Installer\22ce5dc.msi =>PUP.SupraSavings^
C:\Windows\Installer\30f3203.msi =>PUP.SweetIM^
~ Additionnel Scan: 391246 Items scanned in 01mn 14s



---\\ Sumário das deteções encontradas na sua estação
[You need to be registered and logged in to see this link.] =>PUP.AdPeak
[You need to be registered and logged in to see this link.] =>Adware.BonanzaDeals
[You need to be registered and logged in to see this link.] =>PUP.SupraSavings
[You need to be registered and logged in to see this link.] =>PUP.Babylon
[You need to be registered and logged in to see this link.] =>Adware.Bandoo
[You need to be registered and logged in to see this link.] =>PUP.SweetIM
[You need to be registered and logged in to see this link.] =>PUP.Funmoods
[You need to be registered and logged in to see this link.] =>Adware.PredictAd
[You need to be registered and logged in to see this link.] =>Trojan.Lozavita
[You need to be registered and logged in to see this link.] =>Adware.MyWebSearch
[You need to be registered and logged in to see this link.] =>PUP.CrossRider
~ MSI: 11 link(s) detected in 00mn 00s



~ 1089 Legitimates filtered by white list
End of the scan (633 lines in 04mn 23s)(0)

Re: Suprasavings + CE_Umbrellacert

Post by Power Max on Mon 26 May 2014, 23:55

Run a new cleanup with AdwCleaner, following the tips in the tutorial below:

[You need to be registered and logged in to see this link.]

* In your next reply, post the AdwCleaner log (report), which will be at C:\AdwCleaner\AdwCleaner[S0].txt (note: this number increases with the number of times you use AdwCleaner, so if this is the second time you have used it, the file will be named AdwCleaner[S1].txt)

We'll be waiting.


Re: Suprasavings + CE_Umbrellacert

Post by suegm on Tue 27 May 2014, 00:56

I found last week's AdwCleaner report.

# AdwCleaner v3.210 - Relatório criado 21/05/2014 às 10:39:50
# Atualizado 19/05/2014 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (32 bits)
# Usuário : Suellen - NOTE-SUE
# Executando de : C:\Users\Suellen\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : bonanzadealslive
[#] Serviço Deletada : bonanzadealslivem

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\BonanzaDealsLive
Pasta Deletada : C:\ProgramData\SoftWarehouse
Pasta Deletada : C:\Program Files\003
Pasta Deletada : C:\Program Files\BonanzaDeals
Pasta Deletada : C:\Program Files\BonanzaDealsLive
Pasta Deletada : C:\Program Files\Mobogenie
Pasta Deletada : C:\Program Files\predm
Pasta Deletada : C:\Program Files\ScanTack
Pasta Deletada : C:\Program Files\SupraSavings
Pasta Deletada : C:\Users\Public\Documents\baidu
Pasta Deletada : C:\Users\Suellen\AppData\Local\BonanzaDealsLive
Pasta Deletada : C:\Users\Suellen\AppData\Local\genienext
Pasta Deletada : C:\Users\Suellen\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Suellen\AppData\Local\Temp\apn
Pasta Deletada : C:\Users\Suellen\AppData\Roaming\newnext.me
Pasta Deletada : C:\Users\Suellen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
Pasta Deletada : C:\Users\Suellen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Pasta Deletada : C:\Users\Suellen\AppData\Roaming\Mozilla\Firefox\Profiles\fhbqix8w.default\Extensions\SupraSavings@jetpack
Pasta Deletada : C:\Users\Suellen\AppData\Roaming\Mozilla\Firefox\Profiles\fhbqix8w.default\Extensions\crossriderapp2258@crossrider.com
Pasta Deletada : C:\Users\Suellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
Pasta Deletada : C:\Users\Suellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjegdojkkoghnbiollpogeeimocanmk
Arquivo Deletada : C:\Users\Suellen\AppData\Roaming\Mozilla\Firefox\Profiles\fhbqix8w.default\Extensions\firefox@scantack.net.xpi
Arquivo Deletada : C:\Users\Suellen\daemonprocess.txt
Arquivo Deletada : C:\Users\Suellen\AppData\Roaming\Mozilla\Firefox\Profiles\fhbqix8w.default\searchplugins\ask-search.xml
Arquivo Deletada : C:\windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
Arquivo Deletada : C:\windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
Arquivo Deletada : C:\windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
Arquivo Deletada : C:\windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
Arquivo Deletada : C:\windows\System32\Tasks\BonanzaDealsUpdate

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A7B315F1-EB0A-4F9F-8287-A7ECA218354D}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7B315F1-EB0A-4F9F-8287-A7ECA218354D}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{55D7383E-A1AC-483E-B587-E955400D9C13}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55D7383E-A1AC-483E-B587-E955400D9C13}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26087A32-469F-4FBA-927A-C12DB5C6449D}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26087A32-469F-4FBA-927A-C12DB5C6449D}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\BonanzaDealsLive.exe
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickCtrl.9
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.Update3WebControl.3
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10AD2C61-0898-4348-8600-14A342F22AC3}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Chave Deletedo : HKCU\Software\BonanzaDeals
Chave Deletedo : HKCU\Software\BonanzaDealsLive
Chave Deletedo : HKCU\Software\FreeSoftToday
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\ScanTack
Chave Deletedo : HKCU\Software\suprasavings
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\AppDataLow\Software\Supra Savings
Chave Deletedo : HKCU\Software\AppDataLow\Software\suprasavings
Chave Deletedo : HKLM\Software\BonanzaDeals
Chave Deletedo : HKLM\Software\BonanzaDealsLive
Chave Deletedo : HKLM\Software\FreeSoftToday
Chave Deletedo : HKLM\Software\LevelQualityWatcher
Chave Deletedo : HKLM\Software\ScanTack
Chave Deletedo : HKLM\Software\suprasavings
Chave Deletedo : HKLM\Software\Tutorials
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bonanza Deals
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ScanTack
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\suprasavings

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0.1 (en-US)

[ Arquivo : C:\Users\Suellen\AppData\Roaming\Mozilla\Firefox\Profiles\fhbqix8w.default\prefs.js ]

Linha deletada : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
Linha deletada : user_pref("extensions.crossrider.bic", "1429075d97db8001ef695e96f0761385");
Linha deletada : user_pref("extensions.crossriderapp2258.2258.InstallationTime", 1385403112);
Linha deletada : user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.value", "1385403112");
Linha deletada : user_pref("extensions.crossriderapp2258.bic", "1429075d97db8001ef695e96f0761385");
Linha deletada : user_pref("extensions.crossriderapp2258.firstrun", false);
Linha deletada : user_pref("extensions.crossriderapp2258.installationdate", 1385403112);
Linha deletada : user_pref("extensions.crossriderapp2258.lastcheck", 23344609);
Linha deletada : user_pref("extensions.crossriderapp2258.lastcheckitem", 23344626);
Linha deletada : user_pref("extensions.crossriderapp2258.reportInstall", true);
Linha deletada : user_pref("extensions.enabledAddons", "ascsurfingprotection%40iobit.com:1.0,crossriderapp2258%40crossrider.com:0.89.133,DivXWebPlayer%40divx.com:2.0.2.039,%7Bf9d03c26-0575-497e-821d-f7956d23e0ca%7D:3.[...]

-\\ Google Chrome v34.0.1847.137

[ Arquivo : C:\Users\Suellen\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Extension] : afjegdojkkoghnbiollpogeeimocanmk
Deletedo [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Deletedo [Extension] : ieadcoanfjloocmfafkebdnfefmohngj

*************************

AdwCleaner[R0].txt - [88044 octets] - [25/11/2013 12:31:00]
AdwCleaner[R1].txt - [15968 octets] - [21/05/2014 10:33:11]
AdwCleaner[S0].txt - [85013 octets] - [25/11/2013 12:44:26]
AdwCleaner[S1].txt - [15468 octets] - [21/05/2014 10:39:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [15529 octets] ##########

Re: Suprasavings + CE_Umbrellacert

Post by Power Max on Tue 27 May 2014, 01:19

Download the Junkware Removal Tool program from the link below:
[You need to be registered and logged in to view this link.]

To run the program above correctly, just follow the tips in this tutorial:

[You need to be registered and logged in to view this link.]

* In your next reply, post the Junkware Removal Tool log (report), which will be saved on your desktop under the name JRT.txt

We'll be waiting.

_________________

Caixa de Dicas
= Always with new tutorials and news on computing, technology and miscellany.

[You need to be registered and logged in to view this link.] = The best of the internet is found here.

[You need to be registered and logged in to view this link.] = Messages of faith and hope for your heart

Re: Suprasavings + CE_Umbrellacert

Post by suegm on Tue 27 May 2014, 10:44

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Basic x86
Ran by Suellen on 27/05/2014 at 10:30:16,08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mywebsearch.skinlauncher
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mywebsearch.skinlauncher.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mywebsearch.skinlaunchersettings
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mywebsearch.skinlaunchersettings.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1795128182-489873951-3285546841-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1795128182-489873951-3285546841-1000\Software\wajam



~~~ Files

Successfully deleted: [File] C:\windows\Tasks\Bonanza.job



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/05/2014 at 10:43:08,68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Suprasavings + CE_Umbrellacert

Post by suegm on Tue 27 May 2014, 10:56

Kaspersky


Status: Absent (events: 1)
26/05/2014 18:26:01 Not found adware not-a-virus:AdWare.Win32.Agent.ahbx C:\AdwCleaner\Quarantine\C\Program Files\ScanTack\ScanTackBHO.dll.vir Medium
Status: Deleted (events: 2)
26/05/2014 18:25:58 Deleted adware not-a-virus:AdWare.Win32.Agent.aiyc C:\AdwCleaner\Quarantine\C\Program Files\Wajam\Updater\update.exe.vir Medium
26/05/2014 18:25:58 Deleted adware not-a-virus:AdWare.Win32.Agent.aiyc C:\AdwCleaner\Quarantine\C\Program Files\Wajam\Updater\update.exe.vir//WajamUpdaterV3.exe Medium

Re: Suprasavings + CE_Umbrellacert

Post by Power Max on Tue 27 May 2014, 11:42

There are unnecessary programs starting along with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:

[You need to be registered and logged in to view this link.]

Preferably, let only the security programs (antivirus/anti-spyware/firewall) start along with Windows.

Also use the CCleaner program, recommended in the tutorial above, to clean up and optimize the PC now and from time to time.
_____________________________________________________________________________________________________________

Your report shows two antivirus programs in use: Avast and McAfee. It is very important to have only one antivirus on your computer, because more than one antivirus can cause conflicts between them and impair the functioning of your PC. See more information on this issue in the article below:

Why shouldn't you use two or more antivirus programs?
[You need to be registered and logged in to view this link.]
_________________________________________________________________________________________________________

Select and copy all the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > Right-click on ZHPFix and choose the Run as administrator option > Click Importação (Import) > Click the GO button > Click Oui > If you want the files in the Recycle Bin to be deleted, click Oui again > A report will appear in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Tue 27 May 2014, 16:39; edited 1 time


Re: Suprasavings + CE_Umbrellacert

Post by Power Max on Tue 27 May 2014, 11:44

Also do the following:

Download UsbFix [You need to be registered and logged in to view this link.] (when you open the page, click the button shown in this image, at the bottom right of the page, to download it):
[You need to be registered and logged in to view this image.]

Use UsbFix as shown in this post:

[You need to be registered and logged in to view this link.]

Post the UsbFix log (report), which will be at C:\UsbFix.txt, in your next reply, together with the ZHPFix report requested in the previous reply.


Re: Suprasavings + CE_Umbrellacert

Post by suegm on Tue 27 May 2014, 12:02

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Suellen at 27/05/2014 12:00:57
High Elevated Privileges : OK
Windows 7 Home Basic Edition, 32-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 20s)
Reparação de atalhos do navegador

========== Softwares ==========
ELIMINÉ: SupraSavings

========== Estado dos serviços ==========
BHBASE Parado

========== Chaves do Registo ==========
ELIMINÉ: Service: xmkysecqun32
ELIMINÉ: HKCU\Software\ASKHomePage
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKLM\Software\360Safe
ELIMINÉ: HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Baidu_Drp_pos
ELIMINÉ CLSID MPSK: {1c7b2546-3486-11e1-9611-e81132a687c4}
ELIMINÉ CLSID MPSK: {1c7b2548-3486-11e1-9611-e81132a687c4}
ELIMINÉ CLSID MPSK: {8e5426c8-09cf-11e2-98ad-e81132a687c4}
ELIMINÉ CLSID MPSK: {991ce9e4-694e-11e1-9dec-e81132a687c4}
ELIMINÉ CLSID MPSK: {991ce9f2-694e-11e1-9dec-e81132a687c4}
ELIMINÉ CLSID MPSK: {a14023e5-3324-11e1-a7b7-e81132a687c4}
ELIMINÉ CLSID MPSK: {a1402403-3324-11e1-a7b7-e81132a687c4}
ELIMINÉ CLSID MPSK: {b27da688-da07-11e3-8258-e81132a687c4}
ELIMINÉ:* SearchScopes :{C810A113-4E78-4D95-92A4-2887D79DD4E1}
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\funmoods91212_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\funmoods91212_RASMANCS
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}

========== Valores do Registo ==========
ELIMINÉ: Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
ELIMINÉ RunValue: fst_br_132
ELIMINÉ RunValue: DeskmediaReaper
ELIMINÉ RunValue: Advanced SystemCare 5
ELIMINÉ RunValue: EA Core
ELIMINÉ RunValue: EADM
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\windows\system32\drivers\bhbase.sys
ELIMINÉ: C:\Windows\Installer\196cfa.msi
ELIMINÉ: C:\Windows\Installer\22c7af4.msi
ELIMINÉ: C:\Windows\Installer\30f3203.msi
ELIMINÉ Temporários windows (3175) (572.617.511 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: EasyPartitionManager
ELIMINÉ: {3FA247A8-3771-4F9B-9AF6-E860D8DB4931}
ELIMINÉ: {41E702EF-1460-4185-91A1-557021F7CE8D}
ELIMINÉ: {4AA7947C-385D-4414-878C-B4C40874BCDE}
ELIMINÉ: {6131F8B0-4CC2-4ECB-95E5-4AACC79D8E9D}
ELIMINÉ: {D8D03C67-1F00-44F7-A073-D3B8E093F7DA}
ELIMINÉ: {DFC3500B-02C6-477E-A078-9204679C59D4}
ELIMINÉ: {DFE97A6A-6A8F-4765-8B0A-A18F2F7BE124}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
18 : Chaves do Registo
12 : Valores do Registo
1 : Pastas
6 : Ficheiros
1 : Softwares
1 : Estado dos serviços
8 : Tarefa planificada
1 : Restauração Sistema


End of clean in 09mn 06s

========== Caminho do ficheiro do relatório ==========
C:\Users\Suellen\AppData\Roaming\ZHP\ZHPFix[R1].txt - 27/05/2014 12:01:17 [3121]

Re: Suprasavings + CE_Umbrellacert

Post by suegm on Tue 27 May 2014, 12:08

As for antivirus, I only use McAfee. I installed Avast yesterday because it had detected something on the pen drive on another PC that McAfee did not detect when I plugged the pen drive into my PC. And I left McAfee inactive to test Avast. Thanks for the tip!

Re: Suprasavings + CE_Umbrellacert

Post by suegm on Tue 27 May 2014, 12:25

############################## | UsbFix V 7.171 | [Limpar]

Usuário: Suellen (Administrador) # NOTE-SUE
Atualizado em 18/05/2014 por El Desaparecido - SosVirus
Começou em 12:22:05 | 27/05/2014

Site : [Você precisa estar registrado e conectado para ver este link.]
Changelog : [Você precisa estar registrado e conectado para ver este link.]
Asistencia : [Você precisa estar registrado e conectado para ver este link.]
Upload Malware : [Você precisa estar registrado e conectado para ver este link.]
Contato : [Você precisa estar registrado e conectado para ver este link.]

PC: SAMSUNG ELECTRONICS CO., LTD. (RV411/RV511/E3511/S3511/RV711/E3411)
CPU: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
RAM -> [Total : 2933 Mo| Free : 896 Mo]
Bios: Phoenix Technologies Ltd.
Boot: Normal boot

OS: Microsoft Windows 7 Home Basic (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17107
WB: Google Chrome : 35.0.1916.114
WB: Mozilla Firefox : 29.0.1

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: McAfee Anti-Virus and Anti-Spyware [(!) Disabled | Updated]
AV: avast! Antivirus [(!) Disabled | Updated]
AS: McAfee Anti-Virus and Anti-Spyware [(!) Disabled | Updated]
AS: avast! Antivirus [(!) Disabled | Updated]
AS: Windows Defender [Enabled | Updated]
FW: McAfee Firewall [(!) Disabled]
FW: Windows FireWall [Enabled]

C:\ (%SystemDrive%) -> Disco fixo # 279 Gb (95 Mb livre - 34%) [] # NTFS
D:\ -> CD-ROM
G:\ -> CD-ROM

################## | Processos parados |

C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe (ID: 1024|ParentID: 768)
C:\Windows\System32\spoolsv.exe (ID: 1780|ParentID: 768|SISTEMA)
C:\Windows\System32\taskeng.exe (ID: 1788|ParentID: 1272|SISTEMA)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 2008|ParentID: 768|SISTEMA)
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 2028|ParentID: 768|SISTEMA)
C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe (ID: 128|ParentID: 768|SISTEMA)
C:\Program Files\Bluetooth Suite\AdminService.exe (ID: 520|ParentID: 768|SISTEMA)
C:\Program Files\Bonjour\mDNSResponder.exe (ID: 624|ParentID: 768|SISTEMA)
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (ID: 1376|ParentID: 768|SISTEMA)
C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe (ID: 1680|ParentID: 768|SISTEMA)
C:\Windows\System32\taskhost.exe (ID: 2300|ParentID: 768|Suellen)
C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe (ID: 2592|ParentID: 1788|SISTEMA)
C:\Program Files\CyberLink\Shared files\RichVideo.exe (ID: 2604|ParentID: 768|SISTEMA)
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (ID: 3068|ParentID: 768|SISTEMA)
C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (ID: 3220|ParentID: 768|SISTEMA)
C:\Windows\System32\taskeng.exe (ID: 3296|ParentID: 1272|Suellen)
C:\Program Files\CyberLink\YouCam\YCMMirage.exe (ID: 3364|ParentID: 3296|Suellen)
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (ID: 3372|ParentID: 3296|Suellen)
C:\Program Files\Samsung\Easy Display Manager\WifiManager.exe (ID: 3388|ParentID: 3296|Suellen)
C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (ID: 3596|ParentID: 3220|SISTEMA)
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (ID: 3708|ParentID: 2380|Suellen)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 3732|ParentID: 2380|Suellen)
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (ID: 4000|ParentID: 2380|Suellen)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID: 4016|ParentID: 3732|Suellen)
C:\Program Files\Windows Sidebar\sidebar.exe (ID: 2288|ParentID: 2380|Suellen)
C:\Program Files\iTunes\iTunesHelper.exe (ID: 2316|ParentID: 2380|Suellen)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (ID: 2944|ParentID: 2380|Suellen)
C:\Windows\System32\igfxext.exe (ID: 2796|ParentID: 940|Suellen)
C:\Windows\System32\igfxsrvc.exe (ID: 616|ParentID: 940|Suellen)
C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (ID: 2948|ParentID: 2380|Suellen)
C:\Program Files\MagicDisc\MagicDisc.exe (ID: 4116|ParentID: 2380|Suellen)
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (ID: 4300|ParentID: 2380|Suellen)
C:\Program Files\iPod\bin\iPodService.exe (ID: 4660|ParentID: 768|SISTEMA)
C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (ID: 4668|ParentID: 3296|Suellen)
C:\Windows\System32\SearchIndexer.exe (ID: 4976|ParentID: 768|SISTEMA)
C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe (ID: 5160|ParentID: 3296|Suellen)
C:\Windows\System32\WUDFHost.exe (ID: 6088|ParentID: 1216|SERVIÇO LOCAL)
C:\Program Files\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe (ID: 1904|ParentID: 3296|Suellen)
C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (ID: 3892|ParentID: 3296|Suellen)
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 5036|ParentID: 768|SISTEMA)
C:\Program Files\Bluetooth Suite\AthBtTray.exe (ID: 5148|ParentID: 3348|Suellen)
C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe (ID: 5492|ParentID: 3296|Suellen)
C:\Program Files\Bluetooth Suite\BtvStack.exe (ID: 6148|ParentID: 3348|Suellen)
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (ID: 6324|ParentID: 3348|Suellen)
C:\Windows\System32\hkcmd.exe (ID: 6344|ParentID: 3348|Suellen)
C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe (ID: 6492|ParentID: 3348|Suellen)
C:\Windows\System32\igfxpers.exe (ID: 6516|ParentID: 3348|Suellen)
C:\Program Files\CyberLink\Media+Player10\Media+Player10Serv.exe (ID: 6964|ParentID: 3348|Suellen)
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 6264|ParentID: 768|SISTEMA)
C:\Windows\explorer.exe (ID: 5040|ParentID: 6212|Suellen)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 30376|ParentID: 5040|Suellen)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 30652|ParentID: 30376|Suellen)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 19676|ParentID: 30376|Suellen)

################## | Autorun |


################## | Procura genérica |


(!) Ficheiros temporários suprimido.

################## | Registro |

Supprimido ! HKU\S-1-5-21-1795128182-489873951-3285546841-1000\Software\.\.\.\.\Mountpoints2\F

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] Explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [WallpaperChanger] C:\Program Files\Wallpaper Master\Wallpaper.exe
04 - HKCU\..\Run : [Facebook Update] "C:\Users\Suellen\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKCU\..\Run : [WordWeb] "C:\Program Files\WordWeb\wweb32.exe" -startup
04 - HKCU\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [GoogleChromeAutoLaunch_C3E8D31D8757B5FA3DF83513FE338381] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
04 - HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\..\Run : [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
04 - HKLM\..\Run : [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
04 - HKLM\..\Run : [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\..\Run : [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
04 - HKLM\..\Run : [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
04 - HKLM\..\Run : [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run : [WallpaperChanger] C:\Program Files\Wallpaper Master\Wallpaper.exe
04 - HKU\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run : [Facebook Update] "C:\Users\Suellen\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKU\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run : [WordWeb] "C:\Program Files\WordWeb\wweb32.exe" -startup
04 - HKU\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run : [GoogleChromeAutoLaunch_C3E8D31D8757B5FA3DF83513FE338381] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
04 - HKU\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-18\..\Run : [Advanced SystemCare 6] "C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | C:\ %SystemDrive% - Disco fixo (NTFS) |

[10/06/2009 - 18:42:20 | N | 0 Ko] - C:\config.sys
[19/03/2012 - 00:50:17 | RASH | 0 Ko] - C:\MSDOS.SYS
[19/03/2012 - 00:50:17 | RASH | 0 Ko] - C:\IO.SYS
[27/05/2014 - 10:14:04 | ASH | 3002944 Ko] - C:\hiberfil.sys
[27/05/2014 - 10:14:06 | ASH | 3002944 Ko] - C:\pagefile.sys
[19/07/2011 - 01:41:17 | N | 2 Ko] - C:\RHDSetup.log
[19/07/2011 - 02:04:59 | N | 0 Ko] - C:\setup.log
[21/05/2014 - 12:11:58 | N | 17 Ko] - C:\zoek-results.log
[21/05/2014 - 12:12:30 | SHD] - C:\$RECYCLE.BIN
[26/05/2014 - 17:48:26 | N | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[10/06/2009 - 18:42:20 | A | 0 Ko] - C:\autoexec.bat
[13/07/2009 - 23:37:05 | D] - C:\PerfLogs
[14/07/2009 - 01:53:55 | SHD] - C:\Documents and Settings
[19/07/2011 - 01:40:09 | D] - C:\Intel
[19/12/2011 - 00:26:40 | SHD] - C:\Recovery
[19/12/2011 - 00:27:47 | D] - C:\Users
[03/01/2012 - 23:44:50 | RHD] - C:\MSOCache
[12/04/2012 - 00:17:34 | D] - C:\CPVET
[04/02/2013 - 22:57:47 | D] - C:\Dic
[22/11/2013 - 22:58:34 | D] - C:\Positivo
[20/05/2014 - 20:18:47 | D] - C:\temp
[21/05/2014 - 12:08:27 | D] - C:\zoek_backup
[26/05/2014 - 16:55:55 | D] - C:\Program Files
[26/05/2014 - 20:59:36 | D] - C:\AdwCleaner
[27/05/2014 - 10:29:57 | D] - C:\Windows
[27/05/2014 - 11:54:11 | SHD] - C:\System Volume Information
[27/05/2014 - 11:54:22 | HD] - C:\ProgramData
[27/05/2014 - 12:21:53 | D] - C:\UsbFix

################## | Vaccin |


################## | E.O.F | [Você precisa estar registrado e conectado para ver este link.] | [Você precisa estar registrado e conectado para ver este link.] |

Re: Suprasavings + CE_Umbrellacert

Post by Power Max on Tue 27 May 2014, 12:27

Open ZHPDiag again

[You need to be registered and logged in to view this image.]

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.

[You need to be registered and logged in to view this image.]

|- Click OK and, when it finishes, post the ZHPDiag.txt report

[You need to be registered and logged in to view this image.]


Re: Suprasavings + CE_Umbrellacert

Post by suegm on Tue 27 May 2014, 12:35

~ Relatório do ZHPDiag v2014.5.26.74 - Nicolas Coolman (24/05/2014)
~ Iniciado por Suellen (27/05/2014 12:28:59)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17107
MFIE: Mozilla Firefox 29.0.1
GCIE: Google Chrome v35.0.1916.114 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Basic, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Free Antivirus v7.0.1474.0
McAfee Security Scan Plus v3.8.141.11
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader XI
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2932 MB (35% free)
System Restore: Activé (Enable)
System drive C: has 95 GB (34%) free of 279 GB

---\\ Modo de conexão ao sistema
~ Computer Name: NOTE-SUE
~ User Name: Suellen
~ All Users Names: Suellen, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Suellen\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Suellen\AppData\Roaming\
~ %Desktop% : C:\Users\Suellen\Desktop\
~ %Favorites% : C:\Users\Suellen\Favorites\
~ %LocalAppData% : C:\Users\Suellen\AppData\Local\
~ %StartMenu% : C:\Users\Suellen\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 95 Go of 279 Go)
D: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: Modified
~ Security Center: 50 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.E4E829EE073E046B0EB19B5FECB19B8C] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/03/2014 - 02:41:49.) -- C:\Windows\System32\wininet.dll [1789440]
[MD5.998507B046BA314CE8245364C686FA67] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:17:02.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 18:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/09/2013 - 21:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 18:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 01s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/27
~ Mes musiques (My Musics) : 1/78
~ Mes Videos (My Videos) : 1/10
~ Mes Favoris (My Favorites) : 1/2
~ Mes Documents (My Documents) : 2/136
~ Mon Bureau (My Desktop) : 0/8
~ Menu demarrer (Programs) : 1/34
~ Hidden Files: Scanned in 00mn 00s



---\\ Processos lançados
[MD5.8FA553E9AE69808D99C164733A0F9590] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808] [PID.1572]
[MD5.20C4FAB164451E396C403DEB59E4441E] - (.McAfee, Inc. - McAfee Process Validation Service.) -- C:\windows\system32\mfevtps.exe [179600] [PID.1952]
[MD5.16B115E3706F493BE99FCA5D75EE54CF] - (.McAfee, Inc. - McAfee Access Protection.) -- C:\Program Files\McAfee\MSC\McAPexe.exe [145568] [PID.3504]
[MD5.6E35C41DE0FAA9889238C21BE445B61C] - (.McAfee, Inc. - McAfee On-Access Scanner service.) -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [655936] [PID.3680]
[MD5.ECC57611D3CED496F918C6E624BE635C] - (.McAfee, Inc. - McAfee Core Firewall Service.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [169800] [PID.2624]
[MD5.74557BFD04530E512DBB9C151C4DA110] - (.McAfee, Inc. - McAfee.) -- C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [499384] [PID.1836]
[MD5.083649EF692A066880C9326020915AFE] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4297136] [PID.2724]
[MD5.5007E21208DA68F60EBF43352BDFE6D0] - (.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560] [PID.1896]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ystem32\rundll32.exe [0] [PID.10724]
[MD5.23D990150D56B670A62B21B9ABDD45EE] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656] [PID.11384]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.5188]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [860488] [PID.10464]
[MD5.1D040D09300DE4F68B6E5936FBA0E59A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7878144] [PID.13832]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\windows\system32\DllHost.exe [7168] [PID.14092]
[MD5.F119B9096D2767F454C7CD406E5D9224] - (.McAfee, Inc. - McAfee Update Manager Service.) -- C:\Program Files\McAfee\MSC\mcupdmgr.exe [1346512] [PID.12424]
[MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Serviço da Plataforma de Proteção de Softwa.) -- C:\windows\system32\sppsvc.exe [3179520] [PID.13688]
[MD5.1336353BEA811485CF24C0877B309F22] - (.McAfee, Inc. - McAfee Update Launcher.) -- C:\Program Files\mcafee.com\agent\McUpdate.exe [1261576] [PID.0]
~ Processes Running: Scanned in 00mn 03s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Suellen\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 12 Legitimates Filtered in 00mn 11s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\McAfee\MSC\npMcSnFFPl.dll
P2 - FPN: [HKCU] [vitzo.com/VDownloader] - (...) -- C:\Program Files\VDownloader\Addons\npVDownloader.dll (.not file.)
~ Firefox Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: Samsung BHO Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} . (...) -- C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
~ BHO: 20 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: McAfee SiteAdvisor Toolbar - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [mcpltui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKCU\..\Run: [WallpaperChanger] . (.James Garton - Desktop Wallpaper Changer.) -- C:\Program Files\Wallpaper Master\Wallpaper.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Suellen\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [WordWeb] . (.WordWeb Software - WordWeb.) -- C:\Program Files\WordWeb\wweb32.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_C3E8D31D8757B5FA3DF83513FE338381] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 6] . (.IObit - ASCTray.) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 6] . (.IObit - ASCTray.) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [WallpaperChanger] . (.James Garton - Desktop Wallpaper Changer.) -- C:\Program Files\Wallpaper Master\Wallpaper.exe
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Suellen\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [WordWeb] . (.WordWeb Software - WordWeb.) -- C:\Program Files\WordWeb\wweb32.exe
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [GoogleChromeAutoLaunch_C3E8D31D8757B5FA3DF83513FE338381] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} . (...) -- C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O9 - Extra button: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Chave orfã
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4F9698D-6354-43D8-BE6A-7F1D2A5006D8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E62483AD-5D9A-4224-BBCD-48C778DC0C9D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{F00DCE30-6062-4678-A342-E10356B5305E}: DhcpNameServer = 192.168.25.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4F9698D-6354-43D8-BE6A-7F1D2A5006D8}: DhcpDomain = domain.name
O17 - HKLM\System\CCS\Services\Tcpip\..\{F00DCE30-6062-4678-A342-E10356B5305E}: DhcpDomain = dqx.tvgvt
O17 - HKLM\System\CS1\Services\Tcpip\..\{A4F9698D-6354-43D8-BE6A-7F1D2A5006D8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E62483AD-5D9A-4224-BBCD-48C778DC0C9D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{F00DCE30-6062-4678-A342-E10356B5305E}: DhcpNameServer = 192.168.25.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A4F9698D-6354-43D8-BE6A-7F1D2A5006D8}: DhcpDomain = domain.name
O17 - HKLM\System\CS1\Services\Tcpip\..\{F00DCE30-6062-4678-A342-E10356B5305E}: DhcpDomain = dqx.tvgvt
O17 - HKLM\System\CS2\Services\Tcpip\..\{A4F9698D-6354-43D8-BE6A-7F1D2A5006D8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{E62483AD-5D9A-4224-BBCD-48C778DC0C9D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{F00DCE30-6062-4678-A342-E10356B5305E}: DhcpNameServer = 192.168.25.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A4F9698D-6354-43D8-BE6A-7F1D2A5006D8}: DhcpDomain = domain.name
O17 - HKLM\System\CS2\Services\Tcpip\..\{F00DCE30-6062-4678-A342-E10356B5305E}: DhcpDomain = dqx.tvgvt
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.25.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1795128182-489873951-3285546841-1000Core [1060]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1795128182-489873951-3285546841-1000UA [1082]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1054]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf281cb81f3d82 [1058]
~ Scheduled Task: 20 Legitimates Filtered in 00mn 06s



---\\ Software instalados (042)
O42 - Logiciel: Apostila concurso PRF versão 1.0 - (.DownloadApostilaConcurso.com.) [HKLM] -- {E3ED1756-CAFF-4BF3-843D-41C61E416ABA}_is1
O42 - Logiciel: Dic Michaelis - UOL - (...) [HKLM] -- WDIC
O42 - Logiciel: Plants vs Zombies - (...) [HKLM] -- Plants vs Zombies
O42 - Logiciel: The 5-Minute Veterinary Consult - (...) [HKLM] -- The 5-Minute Veterinary Consult
O42 - Logiciel: VADEMECUM VETERINARIO 2004-2005 - (...) [HKLM] -- VADEMECUM VETERINARIO 2004-20051.0
O42 - Logiciel: Veterinaria - (...) [HKLM] -- ST6UNST #1
O42 - Logiciel: Wallpaper Master v2.16 - (.James Garton.) [HKLM] -- Wallpaper Master_is1
O42 - Logiciel: WordWeb - (.WordWeb Software.) [HKLM] -- WordWeb
~ Logic: 21 Legitimates Filtered in 00mn 02s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Amigo Mouse]
[HKCU\Software\Bonanza] =>Adware.BonanzaDeals
[HKCU\Software\SP22]
[HKCU\Software\UltraDownloads.com.br]
[HKCU\Software\WordWeb]
[HKLM\Software\CCB]
~ Key Software: 304 Legitimates Filtered in 00mn 02s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/04/2012 - 00:15:47 - [] ----D C:\Program Files\5-MVC
O43 - CFD: 14/02/2014 - 22:44:54 - [] ----D C:\Program Files\KanjiGold
O43 - CFD: 04/07/2012 - 21:30:49 - [] ----D C:\Program Files\Plants vs Zombies
O43 - CFD: 19/03/2012 - 00:53:10 - [] ----D C:\Program Files\Vademecum
O43 - CFD: 19/01/2012 - 22:46:35 - [] ----D C:\Program Files\Veterinaria
O43 - CFD: 23/03/2012 - 17:37:25 - [] ----D C:\Program Files\Wallpaper Master
O43 - CFD: 01/10/2013 - 11:50:44 - [] ----D C:\Program Files\WordWeb
O43 - CFD: 12/04/2012 - 00:16:53 - [] ----D C:\Users\Suellen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CPVet
O43 - CFD: 04/02/2013 - 22:57:46 - [0] ----D C:\Users\Suellen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dic Michaelis - UOL
~ Program Folder: 205 Legitimates Filtered in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 21/05/2014 - 10:34:35 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\Windows\System32\sqlite3.dll [536576]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 21/05/2014 - 11:35:37 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.7EC03C25D5DB656F2C7A9C85AC35CD67] - 21/05/2014 - 12:11:58 ----- . (...) -- C:\zoek-results.log [17428]
O44 - LFC:[MD5.DBB542C0DB47EEE74C5488FBA90E4FED] - 26/05/2014 - 22:26:43 ---A- . (...) -- C:\Windows\System32\dentro-do-mesmo-quarto-de-bebe-com-decoracao-provencal-a-arquiteta-e-urbanista-magaly-gentil-montou-um-cantinho-para-a-higiene-da-crianca-sobre-a-bancada-de-madeira-com-pintura-1394145309806_102.jpg.lnk [1177]
O44 - LFC:[MD5.3A0D70384AECF220F84C741B5E966EC1] - 27/05/2014 - 10:13:25 ---A- . (...) -- C:\Windows\ntbtlog.txt [297306]
O44 - LFC:[MD5.4FF40AAF09781BCE1D850B306E0AF7BC] - 27/05/2014 - 10:21:33 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [147808]
O44 - LFC:[MD5.DFD2433C51C330C8C1A2D7C825B653C5] - 27/05/2014 - 10:21:33 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [706226]
~ Files: 60 Legitimates Filtered in 00mn 10s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:17/09/2012 - 19:58:30 R--A- . (.360.cn - 360FileOem.) -- C:\Windows\System32\Drivers\360FileOem.sys [152880]
O58 - SDL:17/09/2012 - 19:58:32 R--A- . (.360安全中心 - 360HookOem.) -- C:\Windows\System32\Drivers\360HookOem.sys [61488]
O58 - SDL:17/09/2012 - 19:58:32 R--A- . (.360安全中心 - 360RegOem.) -- C:\Windows\System32\Drivers\360RegOem.sys [29744]
O58 - SDL:17/09/2012 - 19:58:32 R--A- . (.360安全中心 - 360安全卫士 - SelfProtection.) -- C:\Windows\System32\Drivers\360SpOEM.sys [64048]
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:21/10/2011 - 03:19:53 ---A- . (.Windows (R) 2003 DDK 3790 provider - Generic Port I/O for Win32.) -- C:\Windows\System32\Drivers\rtport.sys [15656]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:13/12/2012 - 13:50:38 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl.sys [45056]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 105 Legitimates Filtered in 00mn 20s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: UsbFix - (.El Desaparecido - [You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 28/06/1742 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase) .(...) - LEGACY_BHBASE
~ Legacy: 114 Legitimates Filtered in 00mn 01s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [You must be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You must be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKCU] {31FCC53F-5F98-4C8D-9E37-FBD7E6165EE2} - (Google) - [You must be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [You must be registered and logged in to see this link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.94E28010255D126FE7BFE4E55C06492C] [SPRF][04/12/2012] (.No owner - AVAST Software Setup Engine.) -- C:\Program Files\avast_free_antivirus_setup.exe [97495576]
~ Files: 1 Legitimates Filtered in 00mn 42s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
~ BTK: 276 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 14/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 18/04/2013 574272 | (AdvancedSystemCareService6) . (.IObit.) - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
SS - | Auto 15/06/2011 146592 | (Atheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
SS - | Auto 15/06/2011 76960 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files\Bluetooth Suite\adminservice.exe
SS - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 11/12/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 11/12/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 11/03/2014 136120 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 01/11/2013 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 15/01/2014 235696 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
SS - | Demand 02/08/2013 471592 | (McODS) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan\mcods.exe
SS - | Demand 06/05/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 01/06/2010 2057560 | (NOBU) . (.Symantec Corporation.) - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation
SS - | Auto 01/12/2009 244904 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
SS - | Demand 09/08/2010 131888 | (Samsung UPD Service) . (.Samsung Electronics CO., LTD..) - C:\windows\System32\SUPDSvc.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Auto 01/07/2010 2533400 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/10/2012 44808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/07/2013 281560 | (HomeNetSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 01/07/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 31/08/2012 167784 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
SR - | Auto 25/04/2014 145568 | (McAPExe) . (.McAfee, Inc..) - C:\Program Files\McAfee\MSC\McAPexe.exe
SR - | Auto 30/07/2013 281560 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 281560 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 281560 | (mcpltsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 281560 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 18/03/2014 655936 | (mfecore) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
SR - | Auto 03/04/2014 169800 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 03/04/2014 179600 | (mfevtp) . (.McAfee, Inc..) - C:\windows\system32\mfevtps.exe
SR - | Auto 30/07/2013 281560 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 26s



---\\ Scâner Aditional (088)
Database Version : 13026 - (24/05/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

[HKLM\Software\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKCU\Software\Bonanza] =>Adware.BonanzaDeals^
~ Additionnel Scan: 389038 Items scanned in 01mn 31s



---\\ Sumário das deteções encontradas na sua estação
[You must be registered and logged in to see this link.] =>Adware.BonanzaDeals
~ MSI: 1 link(s) detected in 00mn 00s



~ 908 Legitimates filtered by white list
End of the scan (492 lines in 05mn 10s)(0)
suegm
Beginner

Posts: 18
Reputation: 0
Join date: 26/05/2014

Re: Suprasavings + CE_Umbrellacert

Post by Power Max on Tue 27 May 2014, 13:30

It looks like you didn't follow that tutorial I gave you; several unnecessary programs are still starting with Windows. It would be good to follow it to make your PC more efficient.
_____________________________________________________________________________________________________________

Select and copy all the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will appear in Notepad.

Copy this report and post it in your next reply, and tell us how your PC is after this.


Last edited by Power Max on Tue 27 May 2014, 16:38; edited 1 time in total

Power Max
Contributor

Posts: 9086
Reputation: 1499
Join date: 14/04/2009

Re: Suprasavings + CE_Umbrellacert

Post by suegm on Tue 27 May 2014, 13:53

It's just that I ran it last. And I wasn't sure what I can remove.

Re: Suprasavings + CE_Umbrellacert

Post by suegm on Tue 27 May 2014, 14:02

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Suellen at 27/05/2014 14:01:02
High Elevated Privileges : OK
Windows 7 Home Basic Edition, 32-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 05s)
Reparação de atalhos do navegador

========== Estado dos serviços ==========
BHBASE Parado

========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\Bonanza

========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (3005) (330.262.168 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Chaves do Registo
6 : Valores do Registo
1 : Pastas
2 : Ficheiros
1 : Estado dos serviços
1 : Restauração Sistema


End of clean in 04mn 46s

========== Caminho do ficheiro do relatório ==========
C:\Users\Suellen\AppData\Roaming\ZHP\ZHPFix[R1].txt - 27/05/2014 12:01:17 [3203]
C:\Users\Suellen\AppData\Roaming\ZHP\ZHPFix[R2].txt - 27/05/2014 14:01:08 [1312]

Re: Suprasavings + CE_Umbrellacert

Post by Power Max on Tue 27 May 2014, 14:03

You can disable all of the entries below by following the tutorial I gave you, and if in the future you want any of them to start with the system again, just re-enable it in CCleaner by following that same tutorial:

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [WallpaperChanger] . (.James Garton - Desktop Wallpaper Changer.) -- C:\Program Files\Wallpaper Master\Wallpaper.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Suellen\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [WordWeb] . (.WordWeb Software - WordWeb.) -- C:\Program Files\WordWeb\wweb32.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_C3E8D31D8757B5FA3DF83513FE338381] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 6] . (.IObit - ASCTray.) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 6] . (.IObit - ASCTray.) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [WallpaperChanger] . (.James Garton - Desktop Wallpaper Changer.) -- C:\Program Files\Wallpaper Master\Wallpaper.exe
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Suellen\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [WordWeb] . (.WordWeb Software - WordWeb.) -- C:\Program Files\WordWeb\wweb32.exe
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [GoogleChromeAutoLaunch_C3E8D31D8757B5FA3DF83513FE338381] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe


Re: Suprasavings + CE_Umbrellacert

Post by suegm on Tue 27 May 2014, 14:46

Is everything all right now?


~ Relatório do ZHPDiag v2014.5.26.74 - Nicolas Coolman (24/05/2014)
~ Iniciado por Suellen (27/05/2014 14:21:59)
~ Endereço do Website : [You must be registered and logged in to see this link.]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17107
MFIE: Mozilla Firefox 29.0.1
GCIE: Google Chrome v35.0.1916.114 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Basic, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
McAfee Security Scan Plus v3.8.141.11
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v4.14

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader XI
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2932 MB (29% free)
System Restore: Activé (Enable)
System drive C: has 95 GB (34%) free of 279 GB

---\\ Modo de conexão ao sistema
~ Computer Name: NOTE-SUE
~ User Name: Suellen
~ All Users Names: Suellen, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Suellen\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Suellen\AppData\Roaming\
~ %Desktop% : C:\Users\Suellen\Desktop\
~ %Favorites% : C:\Users\Suellen\Favorites\
~ %LocalAppData% : C:\Users\Suellen\AppData\Local\
~ %StartMenu% : C:\Users\Suellen\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 95 Go of 279 Go)
D: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: Modified
~ Security Center: 50 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.E4E829EE073E046B0EB19B5FECB19B8C] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/03/2014 - 02:41:49.) -- C:\Windows\System32\wininet.dll [1789440]
[MD5.998507B046BA314CE8245364C686FA67] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:17:02.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 18:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/09/2013 - 21:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 18:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 03s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/27
~ Mes musiques (My Musics) : 1/78
~ Mes Videos (My Videos) : 1/10
~ Mes Favoris (My Favorites) : 1/2
~ Mes Documents (My Documents) : 2/136
~ Mon Bureau (My Desktop) : 0/8
~ Menu demarrer (Programs) : 1/32
~ Hidden Files: Scanned in 00mn 01s



---\\ Processos lançados
[MD5.20C4FAB164451E396C403DEB59E4441E] - (.McAfee, Inc. - McAfee Process Validation Service.) -- C:\windows\system32\mfevtps.exe [179600] [PID.1952]
[MD5.16B115E3706F493BE99FCA5D75EE54CF] - (.McAfee, Inc. - McAfee Access Protection.) -- C:\Program Files\McAfee\MSC\McAPexe.exe [145568] [PID.3504]
[MD5.6E35C41DE0FAA9889238C21BE445B61C] - (.McAfee, Inc. - McAfee On-Access Scanner service.) -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [655936] [PID.3680]
[MD5.ECC57611D3CED496F918C6E624BE635C] - (.McAfee, Inc. - McAfee Core Firewall Service.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [169800] [PID.2624]
[MD5.083649EF692A066880C9326020915AFE] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4297136] [PID.2724]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ystem32\rundll32.exe [0] [PID.10724]
[MD5.23D990150D56B670A62B21B9ABDD45EE] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656] [PID.11384]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.5188]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\windows\system32\DllHost.exe [7168] [PID.14092]
[MD5.74557BFD04530E512DBB9C151C4DA110] - (.McAfee, Inc. - McAfee.) -- C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [499384] [PID.17004]
[MD5.5007E21208DA68F60EBF43352BDFE6D0] - (.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560] [PID.17540]
[MD5.ECAB006AC6136F1307E140B633CDB8C2] - (.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784] [PID.17540]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [860488] [PID.23844]
[MD5.244892A655DC5606833AB953C7491F0B] - (.McAfee, Inc. - McAfee Host.) -- C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe [148696] [PID.21596]
[MD5.1D040D09300DE4F68B6E5936FBA0E59A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7878144] [PID.6652]
[MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Serviço da Plataforma de Proteção de Softwa.) -- C:\windows\system32\sppsvc.exe [3179520] [PID.6528]
~ Processes Running: Scanned in 00mn 03s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Suellen\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 12 Legitimates Filtered in 00mn 06s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\McAfee\MSC\npMcSnFFPl.dll
P2 - FPN: [HKCU] [vitzo.com/VDownloader] - (...) -- C:\Program Files\VDownloader\Addons\npVDownloader.dll (.not file.)
~ Firefox Browser: 16 Legitimates Filtered in 00mn 02s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: Samsung BHO Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} . (...) -- C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
~ BHO: 18 Legitimates Filtered in 00mn 01s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: McAfee SiteAdvisor Toolbar - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKCU\..\Run: [WallpaperChanger] . (.James Garton - Desktop Wallpaper Changer.) -- C:\Program Files\Wallpaper Master\Wallpaper.exe
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 6] . (.IObit - ASCTray.) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 6] . (.IObit - ASCTray.) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1795128182-489873951-3285546841-1000\..\Run: [WallpaperChanger] . (.James Garton - Desktop Wallpaper Changer.) -- C:\Program Files\Wallpaper Master\Wallpaper.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} . (...) -- C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O9 - Extra button: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Chave orfã
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4F9698D-6354-43D8-BE6A-7F1D2A5006D8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E62483AD-5D9A-4224-BBCD-48C778DC0C9D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{F00DCE30-6062-4678-A342-E10356B5305E}: DhcpNameServer = 192.168.25.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4F9698D-6354-43D8-BE6A-7F1D2A5006D8}: DhcpDomain = domain.name
O17 - HKLM\System\CCS\Services\Tcpip\..\{F00DCE30-6062-4678-A342-E10356B5305E}: DhcpDomain = dqx.tvgvt
O17 - HKLM\System\CS1\Services\Tcpip\..\{A4F9698D-6354-43D8-BE6A-7F1D2A5006D8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E62483AD-5D9A-4224-BBCD-48C778DC0C9D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{F00DCE30-6062-4678-A342-E10356B5305E}: DhcpNameServer = 192.168.25.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A4F9698D-6354-43D8-BE6A-7F1D2A5006D8}: DhcpDomain = domain.name
O17 - HKLM\System\CS1\Services\Tcpip\..\{F00DCE30-6062-4678-A342-E10356B5305E}: DhcpDomain = dqx.tvgvt
O17 - HKLM\System\CS2\Services\Tcpip\..\{A4F9698D-6354-43D8-BE6A-7F1D2A5006D8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{E62483AD-5D9A-4224-BBCD-48C778DC0C9D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{F00DCE30-6062-4678-A342-E10356B5305E}: DhcpNameServer = 192.168.25.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A4F9698D-6354-43D8-BE6A-7F1D2A5006D8}: DhcpDomain = domain.name
O17 - HKLM\System\CS2\Services\Tcpip\..\{F00DCE30-6062-4678-A342-E10356B5305E}: DhcpDomain = dqx.tvgvt
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.25.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1795128182-489873951-3285546841-1000Core [1060]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1795128182-489873951-3285546841-1000UA [1082]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1054]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf281cb81f3d82 [1058]
~ Scheduled Task: 19 Legitimates Filtered in 00mn 09s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (aswRdr) . (. - .) - C:\Windows\system32\Drivers\aswrdr2.sys (.not file.)
~ Drivers: 64 Legitimates Filtered in 00mn 02s



---\\ Software instalados (042)
O42 - Logiciel: Apostila concurso PRF versão 1.0 - (.DownloadApostilaConcurso.com.) [HKLM] -- {E3ED1756-CAFF-4BF3-843D-41C61E416ABA}_is1
O42 - Logiciel: Dic Michaelis - UOL - (...) [HKLM] -- WDIC
O42 - Logiciel: Plants vs Zombies - (...) [HKLM] -- Plants vs Zombies
O42 - Logiciel: The 5-Minute Veterinary Consult - (...) [HKLM] -- The 5-Minute Veterinary Consult
O42 - Logiciel: VADEMECUM VETERINARIO 2004-2005 - (...) [HKLM] -- VADEMECUM VETERINARIO 2004-20051.0
O42 - Logiciel: Veterinaria - (...) [HKLM] -- ST6UNST #1
O42 - Logiciel: Wallpaper Master v2.16 - (.James Garton.) [HKLM] -- Wallpaper Master_is1
O42 - Logiciel: WordWeb - (.WordWeb Software.) [HKLM] -- WordWeb
~ Logic: 21 Legitimates Filtered in 00mn 02s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Amigo Mouse]
[HKCU\Software\SP22]
[HKCU\Software\UltraDownloads.com.br]
[HKCU\Software\WordWeb]
[HKLM\Software\CCB]
~ Key Software: 305 Legitimates Filtered in 00mn 02s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/04/2012 - 00:15:47 - [] ----D C:\Program Files\5-MVC
O43 - CFD: 14/02/2014 - 22:44:54 - [] ----D C:\Program Files\KanjiGold
O43 - CFD: 04/07/2012 - 21:30:49 - [] ----D C:\Program Files\Plants vs Zombies
O43 - CFD: 19/03/2012 - 00:53:10 - [] ----D C:\Program Files\Vademecum
O43 - CFD: 19/01/2012 - 22:46:35 - [] ----D C:\Program Files\Veterinaria
O43 - CFD: 23/03/2012 - 17:37:25 - [] ----D C:\Program Files\Wallpaper Master
O43 - CFD: 01/10/2013 - 11:50:44 - [] ----D C:\Program Files\WordWeb
O43 - CFD: 12/04/2012 - 00:16:53 - [] ----D C:\Users\Suellen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CPVet
O43 - CFD: 04/02/2013 - 22:57:46 - [0] ----D C:\Users\Suellen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dic Michaelis - UOL
~ Program Folder: 206 Legitimates Filtered in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 21/05/2014 - 10:34:35 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\Windows\System32\sqlite3.dll [536576]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 21/05/2014 - 11:35:37 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.7EC03C25D5DB656F2C7A9C85AC35CD67] - 21/05/2014 - 12:11:58 ----- . (...) -- C:\zoek-results.log [17428]
O44 - LFC:[MD5.DBB542C0DB47EEE74C5488FBA90E4FED] - 26/05/2014 - 22:26:43 ---A- . (...) -- C:\Windows\System32\dentro-do-mesmo-quarto-de-bebe-com-decoracao-provencal-a-arquiteta-e-urbanista-magaly-gentil-montou-um-cantinho-para-a-higiene-da-crianca-sobre-a-bancada-de-madeira-com-pintura-1394145309806_102.jpg.lnk [1177]
O44 - LFC:[MD5.4FF40AAF09781BCE1D850B306E0AF7BC] - 27/05/2014 - 10:21:33 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [147808]
O44 - LFC:[MD5.DFD2433C51C330C8C1A2D7C825B653C5] - 27/05/2014 - 10:21:33 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [706226]
~ Files: 50 Legitimates Filtered in 05mn 11s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\WordWeb [Key] . (.WordWeb Software - WordWeb.) -- C:\Program Files\WordWeb\wweb32.exe
~ SMSR Keys: 15 Legitimates Filtered in 00mn 01s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:17/09/2012 - 19:58:30 R--A- . (.360.cn - 360FileOem.) -- C:\Windows\System32\Drivers\360FileOem.sys [152880]
O58 - SDL:17/09/2012 - 19:58:32 R--A- . (.360安全中心 - 360HookOem.) -- C:\Windows\System32\Drivers\360HookOem.sys [61488]
O58 - SDL:17/09/2012 - 19:58:32 R--A- . (.360安全中心 - 360RegOem.) -- C:\Windows\System32\Drivers\360RegOem.sys [29744]
O58 - SDL:17/09/2012 - 19:58:32 R--A- . (.360安全中心 - 360安全卫士 - SelfProtection.) -- C:\Windows\System32\Drivers\360SpOEM.sys [64048]
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:21/10/2011 - 03:19:53 ---A- . (.Windows (R) 2003 DDK 3790 provider - Generic Port I/O for Win32.) -- C:\Windows\System32\Drivers\rtport.sys [15656]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:13/12/2012 - 13:50:38 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl.sys [45056]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 99 Legitimates Filtered in 00mn 09s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: UsbFix - (.El Desaparecido - [You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 28/06/1742 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase) .(...) - LEGACY_BHBASE
~ Legacy: 114 Legitimates Filtered in 00mn 01s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [You must be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You must be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKCU] {31FCC53F-5F98-4C8D-9E37-FBD7E6165EE2} - (Google) - [You must be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [You must be registered and logged in to see this link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.94E28010255D126FE7BFE4E55C06492C] [SPRF][04/12/2012] (.No owner - AVAST Software Setup Engine.) -- C:\Program Files\avast_free_antivirus_setup.exe [97495576]
~ Files: 1 Legitimates Filtered in 00mn 03s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
~ BTK: 276 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 14/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 18/04/2013 574272 | (AdvancedSystemCareService6) . (.IObit.) - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
SS - | Auto 15/06/2011 146592 | (Atheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
SS - | Auto 15/06/2011 76960 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files\Bluetooth Suite\adminservice.exe
SS - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 11/12/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 11/12/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 11/03/2014 136120 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 01/11/2013 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 15/01/2014 235696 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
SS - | Demand 02/08/2013 471592 | (McODS) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan\mcods.exe
SS - | Demand 06/05/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 01/06/2010 2057560 | (NOBU) . (.Symantec Corporation.) - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation
SS - | Auto 01/12/2009 244904 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
SS - | Demand 09/08/2010 131888 | (Samsung UPD Service) . (.Samsung Electronics CO., LTD..) - C:\windows\System32\SUPDSvc.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Auto 01/07/2010 2533400 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/07/2013 281560 | (HomeNetSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 01/07/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 31/08/2012 167784 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
SR - | Auto 25/04/2014 145568 | (McAPExe) . (.McAfee, Inc..) - C:\Program Files\McAfee\MSC\McAPexe.exe
SR - | Auto 30/07/2013 281560 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 281560 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 281560 | (mcpltsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 281560 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 18/03/2014 655936 | (mfecore) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
SR - | Auto 03/04/2014 169800 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 03/04/2014 179600 | (mfevtp) . (.McAfee, Inc..) - C:\windows\system32\mfevtps.exe
SR - | Auto 30/07/2013 281560 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 36s



---\\ Scâner Aditional (088)
Database Version : 13026 - (24/05/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

[HKLM\Software\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
~ Additionnel Scan: 388058 Items scanned in 01mn 33s



---\\ Sumário das deteções encontradas na sua estação
~ MSI: 0 link(s) detected in 00mn 00s



~ 909 Legitimates filtered by white list
End of the scan (475 lines in 10mn 55s)(0)

Re: Suprasavings + CE_Umbrellacert

Post by Power Max on Tue 27 May 2014, 14:56

Select and copy all of the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.

Copy this report, post it in your next reply, and tell us how your PC is doing after this.


Last edited by Power Max on Tue 27 May 2014, 16:37; edited 1 time


Re: Suprasavings + CE_Umbrellacert

Post by suegm on Tue 27 May 2014, 15:23

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Suellen at 27/05/2014 15:22:33
High Elevated Privileges : OK
Windows 7 Home Basic Edition, 32-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 44s)
Reparação de atalhos do navegador

========== Estado dos serviços ==========
BHBASE Parado

========== Chaves do Registo ==========
ELIMINÉ: Service: Bonjour Service

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\program files\bonjour\mdnsresponder.exe
ELIMINÉ Temporários windows (3005) (330.262.168 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Chaves do Registo
1 : Pastas
3 : Ficheiros
1 : Estado dos serviços
1 : Restauração Sistema


End of clean in 08mn 35s

========== Caminho do ficheiro do relatório ==========
C:\Users\Suellen\AppData\Roaming\ZHP\ZHPFix[R1].txt - 27/05/2014 12:01:17 [3203]
C:\Users\Suellen\AppData\Roaming\ZHP\ZHPFix[R2].txt - 27/05/2014 14:01:08 [1394]
C:\Users\Suellen\AppData\Roaming\ZHP\ZHPFix[R3].txt - 27/05/2014 15:23:18 [1190]

Re: Suprasavings + CE_Umbrellacert

Post by Power Max on Tue 27 May 2014, 15:34

How is the computer?


Re: Suprasavings + CE_Umbrellacert

Post by suegm on Tue 27 May 2014, 15:59

The PC seems to be normal. Only the program that opens the wallpaper isn't working. There are also some folders I didn't know about before, but from what I've read they really do belong to the system. Can you confirm that for me, please? Default user; Documents and Settings; System volume Information; MSOCache; Recovery (all hidden and with access denied) and Program Data; Default (hidden).


Last edited by suegm on Tue 27 May 2014, 16:05; edited 1 time
