Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 19 usuários online :: 0 registrados, 0 invisíveis e 19 visitantes :: 1 motor de buscaNenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
Power Max | ||||
joram | ||||
Wings [In Memoriam] | ||||
caedurodrigues | ||||
Amigo Brasileiro | ||||
luizvilarinho | ||||
Danii | ||||
Admin | ||||
Danilo Marsaro | ||||
Andreata |
Google Chrome com problemas
2 participantes
Página 1 de 1
Google Chrome com problemas
Boa Tarde
Acabei de formatar um PC, onde antes da formatação o chrome funcionava normal, e agora o chrome não funciona mais a barra de tarefas, a configuração, e as setas para avançar ou voltar.
Espero que alguém saiba o que ocorre, Já instalei e desinstalei várias vezes e não muda nada.
Desde já obrigado.
Acabei de formatar um PC, onde antes da formatação o chrome funcionava normal, e agora o chrome não funciona mais a barra de tarefas, a configuração, e as setas para avançar ou voltar.
Espero que alguém saiba o que ocorre, Já instalei e desinstalei várias vezes e não muda nada.
Desde já obrigado.
Mau leite- Iniciante
- Mensagens : 27
Reputação : 1
Data de inscrição : 27/11/2013
Idade : 51
Localização : Mogi das Cruzes
Re: Google Chrome com problemas
Olá.
Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )
Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo, tal como mostra a imagem abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.
Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )
Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo, tal como mostra a imagem abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Google Chrome com problemas
Boa Noite PowerMax
Segue o relatório:
~ Relatório do ZHPDiag v2014.6.9.87 - Nicolas Coolman (9/6/2014)
~ Iniciado por Mau Leite (9/6/2014 19:14:33)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Not Found
---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.6001.18702
GCIE: Google Chrome v35.0.1916.114 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO
---\\ Softwares de proteçao do sistema
Avira Free Antivirus v14.0.4.642
---\\ Softwares d'optimização do sistema
CCleaner v4.14
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Java 7 Update 60
---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2039 MB (69% free)
System Restore: Activé (Enable)
System drive C: has 142 GB (95%) free of 149 GB
---\\ Modo de conexão ao sistema
~ Computer Name: MAU-A792268E606
~ User Name: Mau Leite
~ All Users Names: SUPPORT_388945a0, Mau Leite, HelpAssistant, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Mau Leite\Dados de aplicativos\ZHP\
~ %AppData% : C:\Documents and Settings\Mau Leite\Dados de aplicativos\
~ %Desktop% : C:\Documents and Settings\Mau Leite\Desktop\
~ %Favorites% : C:\Documents and Settings\Mau Leite\Favoritos\
~ %LocalAppData% : C:\Documents and Settings\Mau Leite\Configurações locais\Dados de aplicativos\
~ %StartMenu% : C:\Documents and Settings\Mau Leite\Menu Iniciar\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ Enumeração das unidades dos discos
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 142 Go of 149 Go)
D: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
~ Security Center: 38 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.064EC7FF5F58B928C3E119402977FA6D] - (.Microsoft Corporation - Windows Explorer.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\Explorer.exe [1035776]
[MD5.E2FFA50357056ADE4FCDB5FD09F9D2FF] - (.Microsoft Corporation - Internet Extensions for Win32.) (.6/3/2014 - 14:58:35.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.71D440F79B711627B12B567FB2EADB42] - (.Microsoft Corporation - Aplicativo de logon do Windows NT.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [509952]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/8/2011 - 10:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/4/2008 - 11:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.A8D31E836CCF2F51009CE7DFFECF6D51] - (.Microsoft Corporation - FIPS Crypto Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.485BC6BEB778B5E9702E6AA3D384C0CB] - (.Microsoft Corporation - Driver de porta i8042.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [53504]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/7/2011 - 10:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.9BADEE6B698BF1AF36E25A1A64A89EAB] - (.Microsoft Corporation - Driver de porta paralela.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/4/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.68D749B04BFBBD4D4D15CC5185AFA4DD] - (.Microsoft Corporation - Redbook Audio Filter Driver.) (.13/4/2008 - 15:53:18.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58240]
[MD5.EB6B1E2C984D84470FF4FE7EF98CD44A] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53248]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/11
~ Mes Documents (My Documents) : 1/7
~ Mon Bureau (My Desktop) : 0/5
~ Menu demarrer (Programs) : 1/21
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.0BF3BE441B226D018767C28F92830D34] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe [430160] [PID.1560]
[MD5.D5A444B63637EC0932172C6719A10252] - (.Google Inc. - Google Crash Handler.) -- C:\Arquivos de programas\Google\Update\1.3.24.7\GoogleCrashHandler.exe [263048] [PID.1892]
[MD5.58D794455A6CEA851D13274224E42730] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [98304] [PID.2004]
[MD5.E822BA2DB5811E6C8491E24C710D3455] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [77824] [PID.2012]
[MD5.2738657127E7C3D08399D3943D0C5C0E] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [118784] [PID.2020]
[MD5.EABE00B18DCBEAB7D5B3823FD371F008] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe [16270848] [PID.168]
[MD5.5374D3363F5B87CF03125F5FB584C8CE] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe [737872] [PID.224]
[MD5.EDAD4A8A1D46AFCF9E76B996D55116EB] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe [256896] [PID.248]
[MD5.FB73EA22CA1F42C44D6A20BACAA871B5] - (.LightSurf Technologies, Inc. - IconMgr.) -- C:\Arquivos de programas\LightSurf\Common\IconMgr.exe [98304] [PID.376]
[MD5.25FAFF96E0F6E598D7D333BBF702465B] - (.LightSurf Technologies, Inc. - TICIcon.exe.) -- C:\Arquivos de programas\LightSurf\Color Indicator\TICIcon.exe [270336] [PID.384]
[MD5.0BF3BE441B226D018767C28F92830D34] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe [430160] [PID.516]
[MD5.E87885A59FDC241B6575943A75E495D9] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe [182696] [PID.652]
[MD5.E349ED8E6F380C23BBFDB3E813FF8E6C] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avshadow.exe [425552] [PID.1132]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53784] [PID.568]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe [860488] [PID.3820]
[MD5.F5546A846F16DB4578DF72F30AACB1FC] - (.Nicolas Coolman - ZHPDiag.) -- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe [8066560] [PID.888]
~ Processes Running: Scanned in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19
---\\ Barras do Internet Explorer (03))
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Chave orfã
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Chave orfã
~ Toolbar: Scanned in 00mn 00s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [igfxtray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [SkyTel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\WINDOWS\SkyTel.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-117609710-1645522239-1801674531-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Arquivos de programas\Microsoft Office\OFFICE11\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Chave orfã
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Arquivos de programas\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Piratagem da Opção " Redefinir Configurações da Web " (014)
O14 - IERESET.INF: SEARCH_PAGE_URL=SEARCH_PAGE_URL="&http://home.microsoft.com/intl/br/access/allinone.asp"
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="search.msn.com.br"
~ IE Paramètres WEB: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{ACF92D88-2C46-48F7-AB3A-9378E381B6CC}: DhcpNameServer = 200.204.0.10 200.204.0.138 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{ACF92D88-2C46-48F7-AB3A-9378E381B6CC}: DhcpNameServer = 200.204.0.10 200.204.0.138 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{ACF92D88-2C46-48F7-AB3A-9378E381B6CC}: DhcpNameServer = 200.204.0.10 200.204.0.138 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.204.0.10 200.204.0.138 192.168.0.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agente de rede off-line.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL de notificação do serviço de logon secu.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Desktop Component 0: Minha página inicial atual - file:About:Home
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Mau Leite\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Mau Leite\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s
---\\ Software instalados (042)
O42 - Logiciel: Color Indicator - (...) [HKLM] -- True Internet Color
~ Logic: 17 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\LightSurf Technologies, Inc.]
~ Key Software: 93 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 9/6/2014 - 11:07:07 - [] ----D C:\Arquivos de programas\LightSurf
O43 - CFD: 9/6/2014 - 10:36:49 - [] ----D C:\Arquivos de programas\Serviços on-line
O43 - CFD: 9/6/2014 - 10:36:16 - [] ----D C:\Arquivos de programas\Arquivos comuns\Serviços
O43 - CFD: 9/6/2014 - 12:07:02 - [] R---D C:\Documents and Settings\Mau Leite\Menu Iniciar\Programas\Acessórios
O43 - CFD: 9/6/2014 - 07:27:07 - [] R---D C:\Documents and Settings\Mau Leite\Menu Iniciar\Programas\Inicializar
~ Program Folder: 51 Legitimates Filtered in 00mn 00s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.C4410DE4A538C7D287C970286B02EC1A] - 9/6/2014 - 07:26:56 R--A- . (...) -- C:\WINDOWS\SET3.tmp [1233746]
O44 - LFC:[MD5.4FF246BD83D90840ED65C2FBBB8F06B2] - 9/6/2014 - 07:26:57 R--A- . (...) -- C:\WINDOWS\SET4.tmp [1088840]
O44 - LFC:[MD5.1C71E6C3739DC91441DD64DFD21F6F6B] - 9/6/2014 - 07:27:03 R--A- . (...) -- C:\WINDOWS\SET8.tmp [16825]
O44 - LFC:[MD5.756E3FFE7E4A96DB54F977AE98D7BF9F] - 9/6/2014 - 07:27:16 ----- . (...) -- C:\WINDOWS\system32\CONFIG.TMP [2969]
O44 - LFC:[MD5.5312FE00B4EBE013C57A7A3089E2275C] - 9/6/2014 - 07:27:16 ---A- . (...) -- C:\WINDOWS\system32\AUTOEXEC.NT [515]
O44 - LFC:[MD5.6CB26848BCDAA361B6EE21264FB362C3] - 9/6/2014 - 07:27:19 ---A- . (...) -- C:\WINDOWS\system32\c_20127.nls [66082]
O44 - LFC:[MD5.6F8A509550FE8C92D07EE0143BF29BA1] - 9/6/2014 - 07:27:21 ---A- . (...) -- C:\WINDOWS\system32\c_10010.nls [66082]
O44 - LFC:[MD5.D2CA471D36A69D17F82D5C1B64FAEE39] - 9/6/2014 - 07:27:21 ---A- . (...) -- C:\WINDOWS\system32\c_10029.nls [66082]
O44 - LFC:[MD5.9CA501D2A8E6909C5B2E8C9274682BF1] - 9/6/2014 - 07:27:21 ---A- . (...) -- C:\WINDOWS\system32\c_10082.nls [66082]
O44 - LFC:[MD5.21E928C8E6ED8EEAB0D1AAEE82ACDD76] - 9/6/2014 - 07:27:21 ---A- . (...) -- C:\WINDOWS\system32\c_852.nls [66594]
O44 - LFC:[MD5.5D038EEABA8EA438F6B5ABD5E91BC851] - 9/6/2014 - 07:27:23 ---A- . (...) -- C:\WINDOWS\system32\C_28594.NLS [66082]
O44 - LFC:[MD5.3E969213F35127D83DAB48FF1283E8E4] - 9/6/2014 - 07:27:23 ---A- . (...) -- C:\WINDOWS\system32\c_855.nls [66594]
O44 - LFC:[MD5.5CD475CA7B87844DE1E0483B536F9AAE] - 9/6/2014 - 07:27:23 ---A- . (...) -- C:\WINDOWS\system32\c_866.nls [66594]
O44 - LFC:[MD5.B537ACFAB9E70F0EF48DB696A08ADC81] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\C_28597.NLS [66082]
O44 - LFC:[MD5.0A206B5CACD3CA70D2044DA691304765] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\c_10006.nls [66082]
O44 - LFC:[MD5.BAC7072B365F9648CA318154BA7E03EC] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\c_737.nls [66594]
O44 - LFC:[MD5.780C444EB16B65E6DE96F794A732DA12] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\c_869.nls [66594]
O44 - LFC:[MD5.8BE0D77A873730B4EB1DAB7C6622CD46] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\c_875.nls [66082]
O44 - LFC:[MD5.E22D1B9AC7854C0A654E4C4232074E49] - 9/6/2014 - 07:27:26 ---A- . (...) -- C:\WINDOWS\system32\C_28595.NLS [66082]
O44 - LFC:[MD5.AF4A866226BD04ACF06135088D75BB63] - 9/6/2014 - 07:27:26 ---A- . (...) -- C:\WINDOWS\system32\c_10007.nls [66082]
O44 - LFC:[MD5.314E85390BEBDAE5D1E11DB2D8CBC6E9] - 9/6/2014 - 07:27:26 ---A- . (...) -- C:\WINDOWS\system32\c_10017.nls [66082]
O44 - LFC:[MD5.EFFDFF60A38CF648811BBCDD722ECF5E] - 9/6/2014 - 07:27:28 ---A- . (...) -- C:\WINDOWS\system32\c_10081.nls [66082]
O44 - LFC:[MD5.C37A21EE1ADFDC13FC707D97073148ED] - 9/6/2014 - 07:27:28 ---A- . (...) -- C:\WINDOWS\system32\c_28599.nls [66082]
O44 - LFC:[MD5.A8764750B22B528D85A691A52CB21856] - 9/6/2014 - 07:27:28 ---A- . (...) -- C:\WINDOWS\system32\c_857.nls [66594]
O44 - LFC:[MD5.A0E02492452D4E237465D99D005D91FD] - 9/6/2014 - 07:27:31 ---A- . (...) -- C:\WINDOWS\system.ini [231]
O44 - LFC:[MD5.35448F3A71EBBECF8E997FAD3A99327D] - 9/6/2014 - 07:27:31 ---A- . (...) -- C:\WINDOWS\system32\c_28603.nls [66082]
O44 - LFC:[MD5.C8A7CC72469941CE5D17CD9CABCB6C0A] - 9/6/2014 - 07:31:19 ---A- . (...) -- C:\WINDOWS\system32\pid.PNF [4444]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 07:32:43 ---A- . (...) -- C:\WINDOWS\system32\h323log.txt [0]
O44 - LFC:[MD5.10D344BCEC483F21ED47095CDB019E9C] - 9/6/2014 - 10:33:55 ---A- . (...) -- C:\WINDOWS\system32\wmimgmt.msc [63488]
O44 - LFC:[MD5.CDD932EDCB756FB5F7CE5E2F090BA838] - 9/6/2014 - 10:34:00 ---A- . (...) -- C:\WINDOWS\system32\msdtcprf.h [768]
O44 - LFC:[MD5.485FA3E9779BB443B21D783D3A3F4A6F] - 9/6/2014 - 10:34:00 ---A- . (...) -- C:\WINDOWS\system32\msdtcprf.ini [3828]
O44 - LFC:[MD5.4A547D74B435E78418BE06406250C1D3] - 9/6/2014 - 10:34:02 ---A- . (...) -- C:\WINDOWS\system32\tslabels.h [3286]
O44 - LFC:[MD5.33FA18A1E3941B727CC6A3A40818F890] - 9/6/2014 - 10:34:02 ---A- . (...) -- C:\WINDOWS\system32\tslabels.ini [26931]
O44 - LFC:[MD5.B6857A23806A85E16E9B9EFAFA2DA1AC] - 9/6/2014 - 10:34:02 ---A- . (...) -- C:\WINDOWS\system32\usrlogon.cmd [1221]
O44 - LFC:[MD5.405E1EF8E3C88E9BCD2853382BB12430] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\bopomofo.uce [22984]
O44 - LFC:[MD5.4FDED87068052EEB9B72A97FDBC141DB] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\gb2312.uce [24006]
O44 - LFC:[MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\ideograf.uce [60458]
O44 - LFC:[MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\kanji_1.uce [6948]
O44 - LFC:[MD5.529BBD63519BBD654EF328454019693F] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\kanji_2.uce [8484]
O44 - LFC:[MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\korean.uce [12876]
O44 - LFC:[MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\shiftjis.uce [16740]
O44 - LFC:[MD5.30F5568679A54042F99CA9EC1102EBCD] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\subrange.uce [93702]
O44 - LFC:[MD5.1AC5E83598D4F2143B59A2D893C3279A] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Areia.bmp [26582]
O44 - LFC:[MD5.39F43DBCE366B2561DF073B4C0839299] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Bolhas de sabão.bmp [65978]
O44 - LFC:[MD5.280920B6773C74C3649A934257112BE1] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Bruma.bmp [65954]
O44 - LFC:[MD5.73D70ED3EC3BBFD8FD35DF431C38F374] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Cafezinho.bmp [17062]
O44 - LFC:[MD5.203EF178BF8B0A8EC34E27E4DEDB6349] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Pescaria.bmp [17336]
O44 - LFC:[MD5.DAC71A10A6A71CB6E3F427AE3283734B] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Renda azul 16.bmp [1272]
O44 - LFC:[MD5.927A66BD587E31CB12D3AB25381658DC] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Rododentro.bmp [17362]
O44 - LFC:[MD5.3A8B85AB7B415BF3F8AFE285DFE0CE29] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Seda.bmp [16730]
O44 - LFC:[MD5.EB3BFC14E41FBAA41B4FD4489AA82D39] - 9/6/2014 - 10:34:06 ---A- . (...) -- C:\WINDOWS\Deserto.bmp [65832]
O44 - LFC:[MD5.5B4AC407E566076BB726BA91E067D313] - 9/6/2014 - 10:34:06 ---A- . (...) -- C:\WINDOWS\Leques.bmp [26680]
O44 - LFC:[MD5.5290EA6951F4724259F423B12C8E1393] - 9/6/2014 - 10:34:06 ---A- . (...) -- C:\WINDOWS\Tapete.bmp [9522]
O44 - LFC:[MD5.487403459F0B2F1A3ADEEF02496BD80E] - 9/6/2014 - 10:34:42 ---A- . (...) -- C:\WINDOWS\vb.ini [36]
O44 - LFC:[MD5.6C2F0BA210C2B53EF07653ABAC6C2490] - 9/6/2014 - 10:34:42 ---A- . (...) -- C:\WINDOWS\vbaddin.ini [37]
O44 - LFC:[MD5.31B889C43D0BA87C5993DEF7EECC5E46] - 9/6/2014 - 10:34:52 ---A- . (...) -- C:\WINDOWS\system32\emptyregdb.dat [21844]
O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 9/6/2014 - 10:36:24 ---A- . (...) -- C:\WINDOWS\desktop.ini [2]
O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 9/6/2014 - 10:36:24 ---A- . (...) -- C:\WINDOWS\system32\desktop.ini [2]
O44 - LFC:[MD5.2F3CDC1D898FD25B2547F5BFEB01FD0D] - 9/6/2014 - 10:36:24 -SH-- . (...) -- C:\WINDOWS\winnt.bmp [48680]
O44 - LFC:[MD5.2F3CDC1D898FD25B2547F5BFEB01FD0D] - 9/6/2014 - 10:36:24 -SH-- . (...) -- C:\WINDOWS\winnt256.bmp [48680]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 10:36:55 R-HA- . (...) -- C:\WINDOWS\WindowsShell.Manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 10:36:55 R-HA- . (...) -- C:\WINDOWS\system32\cdplayer.exe.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 10:36:55 R-HA- . (...) -- C:\WINDOWS\system32\ncpa.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 10:36:55 R-HA- . (...) -- C:\WINDOWS\system32\nwc.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 10:36:55 R-HA- . (...) -- C:\WINDOWS\system32\sapi.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 10:36:55 R-HA- . (...) -- C:\WINDOWS\system32\wuaucpl.cpl.manifest [749]
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 9/6/2014 - 10:37:00 R-HA- . (...) -- C:\WINDOWS\system32\WindowsLogon.manifest [488]
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 9/6/2014 - 10:37:00 R-HA- . (...) -- C:\WINDOWS\system32\logonui.exe.manifest [488]
O44 - LFC:[MD5.2B9C717D21A1331BA3731886E3EE87BB] - 9/6/2014 - 10:37:43 ---A- . (...) -- C:\WINDOWS\ODBCINST.INI [4205]
O44 - LFC:[MD5.6D6F4B1886E91EB37ABCCAD19C561EE0] - 9/6/2014 - 10:37:52 ---A- . (...) -- C:\WINDOWS\system32\amcompat.tlb [16832]
O44 - LFC:[MD5.A32B14BE5EDAE794FCE1A9E970827509] - 9/6/2014 - 10:37:52 ---A- . (...) -- C:\WINDOWS\system32\nscompat.tlb [23392]
O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 9/6/2014 - 10:37:53 ---A- . (...) -- C:\WINDOWS\WMSysPr9.prx [316640]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 ---A- . (...) -- C:\AUTOEXEC.BAT [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 ---A- . (...) -- C:\CONFIG.SYS [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 ---A- . (...) -- C:\WINDOWS\control.ini [0]
O44 - LFC:[MD5.8715347D6B7B2E3A7CFE5ADF2D510CE3] - 9/6/2014 - 10:37:55 ---A- . (...) -- C:\WINDOWS\win.ini [477]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 RSHA- . (...) -- C:\IO.SYS [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 RSHA- . (...) -- C:\MSDOS.SYS [0]
O44 - LFC:[MD5.D77BBE394E419A31AD8AF29B36D6F735] - 9/6/2014 - 10:39:52 ---A- . (...) -- C:\WINDOWS\system32\$winnt$.inf [261]
O44 - LFC:[MD5.FA81439F83192564A78236CC8A6EE1A9] - 9/6/2014 - 10:40:42 ---A- . (...) -- C:\WINDOWS\REGLOCS.OLD [8192]
O44 - LFC:[MD5.DE4C5379216ACE6197B77D0D6C6C8D8A] - 9/6/2014 - 10:50:51 R--A- . (...) -- C:\WINDOWS\system32\igxpxa32.cpa [524850]
O44 - LFC:[MD5.54EABEC05A84181FCEDD7F974850116C] - 9/6/2014 - 10:50:52 R--A- . (...) -- C:\WINDOWS\system32\igxpxa32.vp [929]
O44 - LFC:[MD5.765CB03717D62E6F7C9F0D42D6420BE3] - 9/6/2014 - 10:50:52 R--A- . (...) -- C:\WINDOWS\system32\igxpxk32.vp [58704]
O44 - LFC:[MD5.595CDDE1D6399305403F7BA3231779CF] - 9/6/2014 - 10:50:52 R--A- . (...) -- C:\WINDOWS\system32\igxpxs32.vp [25920]
O44 - LFC:[MD5.43C3571EADA5BC1EDEAD7CA22AD66F30] - 9/6/2014 - 10:53:43 R---- . (...) -- C:\WINDOWS\system32\ChCfg.exe [49152]
O44 - LFC:[MD5.6D0634CEBBFF7F428DD816706F5AA1FB] - 9/6/2014 - 10:54:42 ---A- . (...) -- C:\WINDOWS\system32\BuzzingBee.wav [146650]
O44 - LFC:[MD5.E2FA75ADE398C9A44815B11CC141105C] - 9/6/2014 - 10:54:42 ---A- . (...) -- C:\WINDOWS\system32\LoopyMusic.wav [940794]
O44 - LFC:[MD5.ACA0EA9BCE034D91E661ABF3356719E3] - 9/6/2014 - 11:17:54 ---A- . (...) -- C:\WINDOWS\ODBC.INI [421]
O44 - LFC:[MD5.45FC4C72E78BC7ED0240B05A2BEF4F66] - 9/6/2014 - 11:53:31 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log [6716]
~ Files: 417 Legitimates Filtered in 00mn 32s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:16/5/2014 - 09:07:14 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\Drivers\ssmdrv.sys [28520]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9032]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4896]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27900]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [33984]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
~ Drivers: 35 Legitimates Filtered in 00mn 00s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 10 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 9/6/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Disabled 16/5/2014 1039440 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Arquivos de programas\Avira\AntiVir Desktop\AVWEBGRD.exe
SS - | Demand 14/4/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 9/6/2014 116648 | (gupdate) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
SS - | Demand 9/6/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
SR - | Auto 16/5/2014 430160 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
SR - | Auto 16/5/2014 430160 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 9/6/2014 182696 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Arquivos de programas\Java\jre7\bin\jqs.exe
~ Services: Scanned in 00mn 07s
---\\ Scâner Aditional (088)
Database Version : 13026 - (9/6/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Conduit] =>Toolbar.Conduit^
~ Additionnel Scan: 118010 Items scanned in 00mn 17s
---\\ Informações complémentaires do módulos
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Internet Explorer, Proxy Management (R5)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Image File Execution Options (O50)
~ AMI: 2 Legitimates Filtered in 00mn 00s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Conduit
~ MSI: 1 link(s) detected in 00mn 00s
~ 923 Legitimates filtered by white list
End of the scan (463 lines in 01mn 09s)(0)
Segue o relatório:
~ Relatório do ZHPDiag v2014.6.9.87 - Nicolas Coolman (9/6/2014)
~ Iniciado por Mau Leite (9/6/2014 19:14:33)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Not Found
---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.6001.18702
GCIE: Google Chrome v35.0.1916.114 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO
---\\ Softwares de proteçao do sistema
Avira Free Antivirus v14.0.4.642
---\\ Softwares d'optimização do sistema
CCleaner v4.14
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Java 7 Update 60
---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2039 MB (69% free)
System Restore: Activé (Enable)
System drive C: has 142 GB (95%) free of 149 GB
---\\ Modo de conexão ao sistema
~ Computer Name: MAU-A792268E606
~ User Name: Mau Leite
~ All Users Names: SUPPORT_388945a0, Mau Leite, HelpAssistant, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Mau Leite\Dados de aplicativos\ZHP\
~ %AppData% : C:\Documents and Settings\Mau Leite\Dados de aplicativos\
~ %Desktop% : C:\Documents and Settings\Mau Leite\Desktop\
~ %Favorites% : C:\Documents and Settings\Mau Leite\Favoritos\
~ %LocalAppData% : C:\Documents and Settings\Mau Leite\Configurações locais\Dados de aplicativos\
~ %StartMenu% : C:\Documents and Settings\Mau Leite\Menu Iniciar\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ Enumeração das unidades dos discos
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 142 Go of 149 Go)
D: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
~ Security Center: 38 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.064EC7FF5F58B928C3E119402977FA6D] - (.Microsoft Corporation - Windows Explorer.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\Explorer.exe [1035776]
[MD5.E2FFA50357056ADE4FCDB5FD09F9D2FF] - (.Microsoft Corporation - Internet Extensions for Win32.) (.6/3/2014 - 14:58:35.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.71D440F79B711627B12B567FB2EADB42] - (.Microsoft Corporation - Aplicativo de logon do Windows NT.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [509952]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/8/2011 - 10:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/4/2008 - 11:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.A8D31E836CCF2F51009CE7DFFECF6D51] - (.Microsoft Corporation - FIPS Crypto Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.485BC6BEB778B5E9702E6AA3D384C0CB] - (.Microsoft Corporation - Driver de porta i8042.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [53504]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/7/2011 - 10:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.9BADEE6B698BF1AF36E25A1A64A89EAB] - (.Microsoft Corporation - Driver de porta paralela.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/4/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.68D749B04BFBBD4D4D15CC5185AFA4DD] - (.Microsoft Corporation - Redbook Audio Filter Driver.) (.13/4/2008 - 15:53:18.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58240]
[MD5.EB6B1E2C984D84470FF4FE7EF98CD44A] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53248]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/11
~ Mes Documents (My Documents) : 1/7
~ Mon Bureau (My Desktop) : 0/5
~ Menu demarrer (Programs) : 1/21
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.0BF3BE441B226D018767C28F92830D34] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe [430160] [PID.1560]
[MD5.D5A444B63637EC0932172C6719A10252] - (.Google Inc. - Google Crash Handler.) -- C:\Arquivos de programas\Google\Update\1.3.24.7\GoogleCrashHandler.exe [263048] [PID.1892]
[MD5.58D794455A6CEA851D13274224E42730] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [98304] [PID.2004]
[MD5.E822BA2DB5811E6C8491E24C710D3455] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [77824] [PID.2012]
[MD5.2738657127E7C3D08399D3943D0C5C0E] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [118784] [PID.2020]
[MD5.EABE00B18DCBEAB7D5B3823FD371F008] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe [16270848] [PID.168]
[MD5.5374D3363F5B87CF03125F5FB584C8CE] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe [737872] [PID.224]
[MD5.EDAD4A8A1D46AFCF9E76B996D55116EB] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe [256896] [PID.248]
[MD5.FB73EA22CA1F42C44D6A20BACAA871B5] - (.LightSurf Technologies, Inc. - IconMgr.) -- C:\Arquivos de programas\LightSurf\Common\IconMgr.exe [98304] [PID.376]
[MD5.25FAFF96E0F6E598D7D333BBF702465B] - (.LightSurf Technologies, Inc. - TICIcon.exe.) -- C:\Arquivos de programas\LightSurf\Color Indicator\TICIcon.exe [270336] [PID.384]
[MD5.0BF3BE441B226D018767C28F92830D34] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe [430160] [PID.516]
[MD5.E87885A59FDC241B6575943A75E495D9] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe [182696] [PID.652]
[MD5.E349ED8E6F380C23BBFDB3E813FF8E6C] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avshadow.exe [425552] [PID.1132]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53784] [PID.568]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe [860488] [PID.3820]
[MD5.F5546A846F16DB4578DF72F30AACB1FC] - (.Nicolas Coolman - ZHPDiag.) -- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe [8066560] [PID.888]
~ Processes Running: Scanned in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19
---\\ Barras do Internet Explorer (03))
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Chave orfã
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Chave orfã
~ Toolbar: Scanned in 00mn 00s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [igfxtray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [SkyTel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\WINDOWS\SkyTel.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-117609710-1645522239-1801674531-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Arquivos de programas\Microsoft Office\OFFICE11\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Chave orfã
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Arquivos de programas\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Piratagem da Opção " Redefinir Configurações da Web " (014)
O14 - IERESET.INF: SEARCH_PAGE_URL=SEARCH_PAGE_URL="&http://home.microsoft.com/intl/br/access/allinone.asp"
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="search.msn.com.br"
~ IE Paramètres WEB: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{ACF92D88-2C46-48F7-AB3A-9378E381B6CC}: DhcpNameServer = 200.204.0.10 200.204.0.138 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{ACF92D88-2C46-48F7-AB3A-9378E381B6CC}: DhcpNameServer = 200.204.0.10 200.204.0.138 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{ACF92D88-2C46-48F7-AB3A-9378E381B6CC}: DhcpNameServer = 200.204.0.10 200.204.0.138 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.204.0.10 200.204.0.138 192.168.0.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agente de rede off-line.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL de notificação do serviço de logon secu.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Desktop Component 0: Minha página inicial atual - file:About:Home
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Mau Leite\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Mau Leite\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s
---\\ Software instalados (042)
O42 - Logiciel: Color Indicator - (...) [HKLM] -- True Internet Color
~ Logic: 17 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\LightSurf Technologies, Inc.]
~ Key Software: 93 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 9/6/2014 - 11:07:07 - [] ----D C:\Arquivos de programas\LightSurf
O43 - CFD: 9/6/2014 - 10:36:49 - [] ----D C:\Arquivos de programas\Serviços on-line
O43 - CFD: 9/6/2014 - 10:36:16 - [] ----D C:\Arquivos de programas\Arquivos comuns\Serviços
O43 - CFD: 9/6/2014 - 12:07:02 - [] R---D C:\Documents and Settings\Mau Leite\Menu Iniciar\Programas\Acessórios
O43 - CFD: 9/6/2014 - 07:27:07 - [] R---D C:\Documents and Settings\Mau Leite\Menu Iniciar\Programas\Inicializar
~ Program Folder: 51 Legitimates Filtered in 00mn 00s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.C4410DE4A538C7D287C970286B02EC1A] - 9/6/2014 - 07:26:56 R--A- . (...) -- C:\WINDOWS\SET3.tmp [1233746]
O44 - LFC:[MD5.4FF246BD83D90840ED65C2FBBB8F06B2] - 9/6/2014 - 07:26:57 R--A- . (...) -- C:\WINDOWS\SET4.tmp [1088840]
O44 - LFC:[MD5.1C71E6C3739DC91441DD64DFD21F6F6B] - 9/6/2014 - 07:27:03 R--A- . (...) -- C:\WINDOWS\SET8.tmp [16825]
O44 - LFC:[MD5.756E3FFE7E4A96DB54F977AE98D7BF9F] - 9/6/2014 - 07:27:16 ----- . (...) -- C:\WINDOWS\system32\CONFIG.TMP [2969]
O44 - LFC:[MD5.5312FE00B4EBE013C57A7A3089E2275C] - 9/6/2014 - 07:27:16 ---A- . (...) -- C:\WINDOWS\system32\AUTOEXEC.NT [515]
O44 - LFC:[MD5.6CB26848BCDAA361B6EE21264FB362C3] - 9/6/2014 - 07:27:19 ---A- . (...) -- C:\WINDOWS\system32\c_20127.nls [66082]
O44 - LFC:[MD5.6F8A509550FE8C92D07EE0143BF29BA1] - 9/6/2014 - 07:27:21 ---A- . (...) -- C:\WINDOWS\system32\c_10010.nls [66082]
O44 - LFC:[MD5.D2CA471D36A69D17F82D5C1B64FAEE39] - 9/6/2014 - 07:27:21 ---A- . (...) -- C:\WINDOWS\system32\c_10029.nls [66082]
O44 - LFC:[MD5.9CA501D2A8E6909C5B2E8C9274682BF1] - 9/6/2014 - 07:27:21 ---A- . (...) -- C:\WINDOWS\system32\c_10082.nls [66082]
O44 - LFC:[MD5.21E928C8E6ED8EEAB0D1AAEE82ACDD76] - 9/6/2014 - 07:27:21 ---A- . (...) -- C:\WINDOWS\system32\c_852.nls [66594]
O44 - LFC:[MD5.5D038EEABA8EA438F6B5ABD5E91BC851] - 9/6/2014 - 07:27:23 ---A- . (...) -- C:\WINDOWS\system32\C_28594.NLS [66082]
O44 - LFC:[MD5.3E969213F35127D83DAB48FF1283E8E4] - 9/6/2014 - 07:27:23 ---A- . (...) -- C:\WINDOWS\system32\c_855.nls [66594]
O44 - LFC:[MD5.5CD475CA7B87844DE1E0483B536F9AAE] - 9/6/2014 - 07:27:23 ---A- . (...) -- C:\WINDOWS\system32\c_866.nls [66594]
O44 - LFC:[MD5.B537ACFAB9E70F0EF48DB696A08ADC81] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\C_28597.NLS [66082]
O44 - LFC:[MD5.0A206B5CACD3CA70D2044DA691304765] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\c_10006.nls [66082]
O44 - LFC:[MD5.BAC7072B365F9648CA318154BA7E03EC] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\c_737.nls [66594]
O44 - LFC:[MD5.780C444EB16B65E6DE96F794A732DA12] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\c_869.nls [66594]
O44 - LFC:[MD5.8BE0D77A873730B4EB1DAB7C6622CD46] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\c_875.nls [66082]
O44 - LFC:[MD5.E22D1B9AC7854C0A654E4C4232074E49] - 9/6/2014 - 07:27:26 ---A- . (...) -- C:\WINDOWS\system32\C_28595.NLS [66082]
O44 - LFC:[MD5.AF4A866226BD04ACF06135088D75BB63] - 9/6/2014 - 07:27:26 ---A- . (...) -- C:\WINDOWS\system32\c_10007.nls [66082]
O44 - LFC:[MD5.314E85390BEBDAE5D1E11DB2D8CBC6E9] - 9/6/2014 - 07:27:26 ---A- . (...) -- C:\WINDOWS\system32\c_10017.nls [66082]
O44 - LFC:[MD5.EFFDFF60A38CF648811BBCDD722ECF5E] - 9/6/2014 - 07:27:28 ---A- . (...) -- C:\WINDOWS\system32\c_10081.nls [66082]
O44 - LFC:[MD5.C37A21EE1ADFDC13FC707D97073148ED] - 9/6/2014 - 07:27:28 ---A- . (...) -- C:\WINDOWS\system32\c_28599.nls [66082]
O44 - LFC:[MD5.A8764750B22B528D85A691A52CB21856] - 9/6/2014 - 07:27:28 ---A- . (...) -- C:\WINDOWS\system32\c_857.nls [66594]
O44 - LFC:[MD5.A0E02492452D4E237465D99D005D91FD] - 9/6/2014 - 07:27:31 ---A- . (...) -- C:\WINDOWS\system.ini [231]
O44 - LFC:[MD5.35448F3A71EBBECF8E997FAD3A99327D] - 9/6/2014 - 07:27:31 ---A- . (...) -- C:\WINDOWS\system32\c_28603.nls [66082]
O44 - LFC:[MD5.C8A7CC72469941CE5D17CD9CABCB6C0A] - 9/6/2014 - 07:31:19 ---A- . (...) -- C:\WINDOWS\system32\pid.PNF [4444]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 07:32:43 ---A- . (...) -- C:\WINDOWS\system32\h323log.txt [0]
O44 - LFC:[MD5.10D344BCEC483F21ED47095CDB019E9C] - 9/6/2014 - 10:33:55 ---A- . (...) -- C:\WINDOWS\system32\wmimgmt.msc [63488]
O44 - LFC:[MD5.CDD932EDCB756FB5F7CE5E2F090BA838] - 9/6/2014 - 10:34:00 ---A- . (...) -- C:\WINDOWS\system32\msdtcprf.h [768]
O44 - LFC:[MD5.485FA3E9779BB443B21D783D3A3F4A6F] - 9/6/2014 - 10:34:00 ---A- . (...) -- C:\WINDOWS\system32\msdtcprf.ini [3828]
O44 - LFC:[MD5.4A547D74B435E78418BE06406250C1D3] - 9/6/2014 - 10:34:02 ---A- . (...) -- C:\WINDOWS\system32\tslabels.h [3286]
O44 - LFC:[MD5.33FA18A1E3941B727CC6A3A40818F890] - 9/6/2014 - 10:34:02 ---A- . (...) -- C:\WINDOWS\system32\tslabels.ini [26931]
O44 - LFC:[MD5.B6857A23806A85E16E9B9EFAFA2DA1AC] - 9/6/2014 - 10:34:02 ---A- . (...) -- C:\WINDOWS\system32\usrlogon.cmd [1221]
O44 - LFC:[MD5.405E1EF8E3C88E9BCD2853382BB12430] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\bopomofo.uce [22984]
O44 - LFC:[MD5.4FDED87068052EEB9B72A97FDBC141DB] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\gb2312.uce [24006]
O44 - LFC:[MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\ideograf.uce [60458]
O44 - LFC:[MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\kanji_1.uce [6948]
O44 - LFC:[MD5.529BBD63519BBD654EF328454019693F] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\kanji_2.uce [8484]
O44 - LFC:[MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\korean.uce [12876]
O44 - LFC:[MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\shiftjis.uce [16740]
O44 - LFC:[MD5.30F5568679A54042F99CA9EC1102EBCD] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\subrange.uce [93702]
O44 - LFC:[MD5.1AC5E83598D4F2143B59A2D893C3279A] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Areia.bmp [26582]
O44 - LFC:[MD5.39F43DBCE366B2561DF073B4C0839299] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Bolhas de sabão.bmp [65978]
O44 - LFC:[MD5.280920B6773C74C3649A934257112BE1] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Bruma.bmp [65954]
O44 - LFC:[MD5.73D70ED3EC3BBFD8FD35DF431C38F374] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Cafezinho.bmp [17062]
O44 - LFC:[MD5.203EF178BF8B0A8EC34E27E4DEDB6349] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Pescaria.bmp [17336]
O44 - LFC:[MD5.DAC71A10A6A71CB6E3F427AE3283734B] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Renda azul 16.bmp [1272]
O44 - LFC:[MD5.927A66BD587E31CB12D3AB25381658DC] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Rododentro.bmp [17362]
O44 - LFC:[MD5.3A8B85AB7B415BF3F8AFE285DFE0CE29] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Seda.bmp [16730]
O44 - LFC:[MD5.EB3BFC14E41FBAA41B4FD4489AA82D39] - 9/6/2014 - 10:34:06 ---A- . (...) -- C:\WINDOWS\Deserto.bmp [65832]
O44 - LFC:[MD5.5B4AC407E566076BB726BA91E067D313] - 9/6/2014 - 10:34:06 ---A- . (...) -- C:\WINDOWS\Leques.bmp [26680]
O44 - LFC:[MD5.5290EA6951F4724259F423B12C8E1393] - 9/6/2014 - 10:34:06 ---A- . (...) -- C:\WINDOWS\Tapete.bmp [9522]
O44 - LFC:[MD5.487403459F0B2F1A3ADEEF02496BD80E] - 9/6/2014 - 10:34:42 ---A- . (...) -- C:\WINDOWS\vb.ini [36]
O44 - LFC:[MD5.6C2F0BA210C2B53EF07653ABAC6C2490] - 9/6/2014 - 10:34:42 ---A- . (...) -- C:\WINDOWS\vbaddin.ini [37]
O44 - LFC:[MD5.31B889C43D0BA87C5993DEF7EECC5E46] - 9/6/2014 - 10:34:52 ---A- . (...) -- C:\WINDOWS\system32\emptyregdb.dat [21844]
O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 9/6/2014 - 10:36:24 ---A- . (...) -- C:\WINDOWS\desktop.ini [2]
O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 9/6/2014 - 10:36:24 ---A- . (...) -- C:\WINDOWS\system32\desktop.ini [2]
O44 - LFC:[MD5.2F3CDC1D898FD25B2547F5BFEB01FD0D] - 9/6/2014 - 10:36:24 -SH-- . (...) -- C:\WINDOWS\winnt.bmp [48680]
O44 - LFC:[MD5.2F3CDC1D898FD25B2547F5BFEB01FD0D] - 9/6/2014 - 10:36:24 -SH-- . (...) -- C:\WINDOWS\winnt256.bmp [48680]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 10:36:55 R-HA- . (...) -- C:\WINDOWS\WindowsShell.Manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 10:36:55 R-HA- . (...) -- C:\WINDOWS\system32\cdplayer.exe.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 10:36:55 R-HA- . (...) -- C:\WINDOWS\system32\ncpa.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 10:36:55 R-HA- . (...) -- C:\WINDOWS\system32\nwc.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 10:36:55 R-HA- . (...) -- C:\WINDOWS\system32\sapi.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 10:36:55 R-HA- . (...) -- C:\WINDOWS\system32\wuaucpl.cpl.manifest [749]
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 9/6/2014 - 10:37:00 R-HA- . (...) -- C:\WINDOWS\system32\WindowsLogon.manifest [488]
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 9/6/2014 - 10:37:00 R-HA- . (...) -- C:\WINDOWS\system32\logonui.exe.manifest [488]
O44 - LFC:[MD5.2B9C717D21A1331BA3731886E3EE87BB] - 9/6/2014 - 10:37:43 ---A- . (...) -- C:\WINDOWS\ODBCINST.INI [4205]
O44 - LFC:[MD5.6D6F4B1886E91EB37ABCCAD19C561EE0] - 9/6/2014 - 10:37:52 ---A- . (...) -- C:\WINDOWS\system32\amcompat.tlb [16832]
O44 - LFC:[MD5.A32B14BE5EDAE794FCE1A9E970827509] - 9/6/2014 - 10:37:52 ---A- . (...) -- C:\WINDOWS\system32\nscompat.tlb [23392]
O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 9/6/2014 - 10:37:53 ---A- . (...) -- C:\WINDOWS\WMSysPr9.prx [316640]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 ---A- . (...) -- C:\AUTOEXEC.BAT [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 ---A- . (...) -- C:\CONFIG.SYS [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 ---A- . (...) -- C:\WINDOWS\control.ini [0]
O44 - LFC:[MD5.8715347D6B7B2E3A7CFE5ADF2D510CE3] - 9/6/2014 - 10:37:55 ---A- . (...) -- C:\WINDOWS\win.ini [477]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 RSHA- . (...) -- C:\IO.SYS [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 RSHA- . (...) -- C:\MSDOS.SYS [0]
O44 - LFC:[MD5.D77BBE394E419A31AD8AF29B36D6F735] - 9/6/2014 - 10:39:52 ---A- . (...) -- C:\WINDOWS\system32\$winnt$.inf [261]
O44 - LFC:[MD5.FA81439F83192564A78236CC8A6EE1A9] - 9/6/2014 - 10:40:42 ---A- . (...) -- C:\WINDOWS\REGLOCS.OLD [8192]
O44 - LFC:[MD5.DE4C5379216ACE6197B77D0D6C6C8D8A] - 9/6/2014 - 10:50:51 R--A- . (...) -- C:\WINDOWS\system32\igxpxa32.cpa [524850]
O44 - LFC:[MD5.54EABEC05A84181FCEDD7F974850116C] - 9/6/2014 - 10:50:52 R--A- . (...) -- C:\WINDOWS\system32\igxpxa32.vp [929]
O44 - LFC:[MD5.765CB03717D62E6F7C9F0D42D6420BE3] - 9/6/2014 - 10:50:52 R--A- . (...) -- C:\WINDOWS\system32\igxpxk32.vp [58704]
O44 - LFC:[MD5.595CDDE1D6399305403F7BA3231779CF] - 9/6/2014 - 10:50:52 R--A- . (...) -- C:\WINDOWS\system32\igxpxs32.vp [25920]
O44 - LFC:[MD5.43C3571EADA5BC1EDEAD7CA22AD66F30] - 9/6/2014 - 10:53:43 R---- . (...) -- C:\WINDOWS\system32\ChCfg.exe [49152]
O44 - LFC:[MD5.6D0634CEBBFF7F428DD816706F5AA1FB] - 9/6/2014 - 10:54:42 ---A- . (...) -- C:\WINDOWS\system32\BuzzingBee.wav [146650]
O44 - LFC:[MD5.E2FA75ADE398C9A44815B11CC141105C] - 9/6/2014 - 10:54:42 ---A- . (...) -- C:\WINDOWS\system32\LoopyMusic.wav [940794]
O44 - LFC:[MD5.ACA0EA9BCE034D91E661ABF3356719E3] - 9/6/2014 - 11:17:54 ---A- . (...) -- C:\WINDOWS\ODBC.INI [421]
O44 - LFC:[MD5.45FC4C72E78BC7ED0240B05A2BEF4F66] - 9/6/2014 - 11:53:31 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log [6716]
~ Files: 417 Legitimates Filtered in 00mn 32s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:16/5/2014 - 09:07:14 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\Drivers\ssmdrv.sys [28520]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9032]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4896]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27900]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [33984]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
~ Drivers: 35 Legitimates Filtered in 00mn 00s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>
~ FASS Keys: 10 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 9/6/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Disabled 16/5/2014 1039440 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Arquivos de programas\Avira\AntiVir Desktop\AVWEBGRD.exe
SS - | Demand 14/4/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 9/6/2014 116648 | (gupdate) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
SS - | Demand 9/6/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
SR - | Auto 16/5/2014 430160 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
SR - | Auto 16/5/2014 430160 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 9/6/2014 182696 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Arquivos de programas\Java\jre7\bin\jqs.exe
~ Services: Scanned in 00mn 07s
---\\ Scâner Aditional (088)
Database Version : 13026 - (9/6/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Conduit] =>Toolbar.Conduit^
~ Additionnel Scan: 118010 Items scanned in 00mn 17s
---\\ Informações complémentaires do módulos
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Internet Explorer, Proxy Management (R5)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Image File Execution Options (O50)
~ AMI: 2 Legitimates Filtered in 00mn 00s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Conduit
~ MSI: 1 link(s) detected in 00mn 00s
~ 923 Legitimates filtered by white list
End of the scan (463 lines in 01mn 09s)(0)
Mau leite- Iniciante
- Mensagens : 27
Reputação : 1
Data de inscrição : 27/11/2013
Idade : 51
Localização : Mogi das Cruzes
Re: Google Chrome com problemas
Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________
Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.
Copie este relatório e poste em sua próxima resposta.
_____________________________________________________________________________________________________________
Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.
Copie este relatório e poste em sua próxima resposta.
Última edição por Power Max em Ter 10 Jun 2014, 17:01, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Google Chrome com problemas
segue relatório
Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Mau Leite at 9/6/2014 20:20:45
High Elevated Privileges : OK
Windows XP Professional Service Pack 3 (Build 2600)
Reciclagem vazia (00mn 01s)
Reparação de atalhos do navegador
========== Chaves do Registo ==========
ELIMINÉ:³ HKCU\Software\Softonic
ELIMINÉ:³ HKLM\Software\Conduit
========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Restauração Sistema ==========
Nenhum ponto de restauro do sistema foi criado
========== Outros ==========
NÃO-TRATADO _________________
Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Mau Leite at 9/6/2014 20:20:45
High Elevated Privileges : OK
Windows XP Professional Service Pack 3 (Build 2600)
Reciclagem vazia (00mn 01s)
Reparação de atalhos do navegador
========== Chaves do Registo ==========
ELIMINÉ:³ HKCU\Software\Softonic
ELIMINÉ:³ HKLM\Software\Conduit
========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Restauração Sistema ==========
Nenhum ponto de restauro do sistema foi criado
========== Outros ==========
NÃO-TRATADO _________________
Mau leite- Iniciante
- Mensagens : 27
Reputação : 1
Data de inscrição : 27/11/2013
Idade : 51
Localização : Mogi das Cruzes
Re: Google Chrome com problemas
Abra novamente o ( ZHPDiag )
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Google Chrome com problemas
segue relatório anexado
~ Relatório do ZHPDiag v2014.6.9.87 - Nicolas Coolman (9/6/2014)
~ Iniciado por Mau Leite (9/6/2014 20:31:40)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Not Found
---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.6001.18702
GCIE: Google Chrome v35.0.1916.114 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO
---\\ Softwares de proteçao do sistema
Avira Free Antivirus v14.0.4.642
---\\ Softwares d'optimização do sistema
CCleaner v4.14
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Java 7 Update 60
---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2039 MB (72% free)
System Restore: Activé (Enable)
System drive C: has 142 GB (95%) free of 149 GB
---\\ Modo de conexão ao sistema
~ Computer Name: MAU-A792268E606
~ User Name: Mau Leite
~ All Users Names: SUPPORT_388945a0, Mau Leite, HelpAssistant, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Mau Leite\Dados de aplicativos\ZHP\
~ %AppData% : C:\Documents and Settings\Mau Leite\Dados de aplicativos\
~ %Desktop% : C:\Documents and Settings\Mau Leite\Desktop\
~ %Favorites% : C:\Documents and Settings\Mau Leite\Favoritos\
~ %LocalAppData% : C:\Documents and Settings\Mau Leite\Configurações locais\Dados de aplicativos\
~ %StartMenu% : C:\Documents and Settings\Mau Leite\Menu Iniciar\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ Enumeração das unidades dos discos
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 142 Go of 149 Go)
D: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
~ Security Center: 38 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.064EC7FF5F58B928C3E119402977FA6D] - (.Microsoft Corporation - Windows Explorer.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\Explorer.exe [1035776]
[MD5.E2FFA50357056ADE4FCDB5FD09F9D2FF] - (.Microsoft Corporation - Internet Extensions for Win32.) (.6/3/2014 - 14:58:35.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.71D440F79B711627B12B567FB2EADB42] - (.Microsoft Corporation - Aplicativo de logon do Windows NT.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [509952]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/8/2011 - 10:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/4/2008 - 11:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.A8D31E836CCF2F51009CE7DFFECF6D51] - (.Microsoft Corporation - FIPS Crypto Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.485BC6BEB778B5E9702E6AA3D384C0CB] - (.Microsoft Corporation - Driver de porta i8042.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [53504]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/7/2011 - 10:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.9BADEE6B698BF1AF36E25A1A64A89EAB] - (.Microsoft Corporation - Driver de porta paralela.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/4/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.68D749B04BFBBD4D4D15CC5185AFA4DD] - (.Microsoft Corporation - Redbook Audio Filter Driver.) (.13/4/2008 - 15:53:18.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58240]
[MD5.EB6B1E2C984D84470FF4FE7EF98CD44A] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53248]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/11
~ Mes Documents (My Documents) : 1/7
~ Mon Bureau (My Desktop) : 0/5
~ Menu demarrer (Programs) : 1/21
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.0BF3BE441B226D018767C28F92830D34] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe [430160] [PID.1556]
[MD5.D5A444B63637EC0932172C6719A10252] - (.Google Inc. - Google Crash Handler.) -- C:\Arquivos de programas\Google\Update\1.3.24.7\GoogleCrashHandler.exe [263048] [PID.1840]
[MD5.58D794455A6CEA851D13274224E42730] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [98304] [PID.1968]
[MD5.E822BA2DB5811E6C8491E24C710D3455] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [77824] [PID.1976]
[MD5.2738657127E7C3D08399D3943D0C5C0E] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [118784] [PID.1984]
[MD5.EABE00B18DCBEAB7D5B3823FD371F008] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe [16270848] [PID.2044]
[MD5.5374D3363F5B87CF03125F5FB584C8CE] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe [737872] [PID.172]
[MD5.EDAD4A8A1D46AFCF9E76B996D55116EB] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe [256896] [PID.152]
[MD5.FB73EA22CA1F42C44D6A20BACAA871B5] - (.LightSurf Technologies, Inc. - IconMgr.) -- C:\Arquivos de programas\LightSurf\Common\IconMgr.exe [98304] [PID.252]
[MD5.25FAFF96E0F6E598D7D333BBF702465B] - (.LightSurf Technologies, Inc. - TICIcon.exe.) -- C:\Arquivos de programas\LightSurf\Color Indicator\TICIcon.exe [270336] [PID.264]
[MD5.0BF3BE441B226D018767C28F92830D34] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe [430160] [PID.492]
[MD5.E87885A59FDC241B6575943A75E495D9] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe [182696] [PID.832]
[MD5.E349ED8E6F380C23BBFDB3E813FF8E6C] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avshadow.exe [425552] [PID.1492]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe [860488] [PID.3280]
[MD5.F5546A846F16DB4578DF72F30AACB1FC] - (.Nicolas Coolman - ZHPDiag.) -- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe [8066560] [PID.752]
~ Processes Running: Scanned in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19
---\\ Barras do Internet Explorer (03))
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Chave orfã
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Chave orfã
~ Toolbar: Scanned in 00mn 00s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [igfxtray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [SkyTel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\WINDOWS\SkyTel.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-117609710-1645522239-1801674531-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Arquivos de programas\Microsoft Office\OFFICE11\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Chave orfã
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Arquivos de programas\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Piratagem da Opção " Redefinir Configurações da Web " (014)
O14 - IERESET.INF: SEARCH_PAGE_URL=SEARCH_PAGE_URL="&http://home.microsoft.com/intl/br/access/allinone.asp"
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="search.msn.com.br"
~ IE Paramètres WEB: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{ACF92D88-2C46-48F7-AB3A-9378E381B6CC}: DhcpNameServer = 200.204.0.10 200.204.0.138 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{ACF92D88-2C46-48F7-AB3A-9378E381B6CC}: DhcpNameServer = 200.204.0.10 200.204.0.138 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{ACF92D88-2C46-48F7-AB3A-9378E381B6CC}: DhcpNameServer = 200.204.0.10 200.204.0.138 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.204.0.10 200.204.0.138 192.168.0.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agente de rede off-line.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL de notificação do serviço de logon secu.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Desktop Component 0: Minha página inicial atual - file:About:Home
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Mau Leite\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Mau Leite\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s
---\\ Software instalados (042)
O42 - Logiciel: Color Indicator - (...) [HKLM] -- True Internet Color
~ Logic: 17 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\LightSurf Technologies, Inc.]
~ Key Software: 93 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 9/6/2014 - 11:07:07 - [] ----D C:\Arquivos de programas\LightSurf
O43 - CFD: 9/6/2014 - 10:36:49 - [] ----D C:\Arquivos de programas\Serviços on-line
O43 - CFD: 9/6/2014 - 10:36:16 - [] ----D C:\Arquivos de programas\Arquivos comuns\Serviços
O43 - CFD: 9/6/2014 - 12:07:02 - [] R---D C:\Documents and Settings\Mau Leite\Menu Iniciar\Programas\Acessórios
O43 - CFD: 9/6/2014 - 07:27:07 - [] R---D C:\Documents and Settings\Mau Leite\Menu Iniciar\Programas\Inicializar
~ Program Folder: 51 Legitimates Filtered in 00mn 00s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.C4410DE4A538C7D287C970286B02EC1A] - 9/6/2014 - 07:26:56 R--A- . (...) -- C:\WINDOWS\SET3.tmp [1233746]
O44 - LFC:[MD5.4FF246BD83D90840ED65C2FBBB8F06B2] - 9/6/2014 - 07:26:57 R--A- . (...) -- C:\WINDOWS\SET4.tmp [1088840]
O44 - LFC:[MD5.1C71E6C3739DC91441DD64DFD21F6F6B] - 9/6/2014 - 07:27:03 R--A- . (...) -- C:\WINDOWS\SET8.tmp [16825]
O44 - LFC:[MD5.756E3FFE7E4A96DB54F977AE98D7BF9F] - 9/6/2014 - 07:27:16 ----- . (...) -- C:\WINDOWS\system32\CONFIG.TMP [2969]
O44 - LFC:[MD5.5312FE00B4EBE013C57A7A3089E2275C] - 9/6/2014 - 07:27:16 ---A- . (...) -- C:\WINDOWS\system32\AUTOEXEC.NT [515]
O44 - LFC:[MD5.6CB26848BCDAA361B6EE21264FB362C3] - 9/6/2014 - 07:27:19 ---A- . (...) -- C:\WINDOWS\system32\c_20127.nls [66082]
O44 - LFC:[MD5.6F8A509550FE8C92D07EE0143BF29BA1] - 9/6/2014 - 07:27:21 ---A- . (...) -- C:\WINDOWS\system32\c_10010.nls [66082]
O44 - LFC:[MD5.D2CA471D36A69D17F82D5C1B64FAEE39] - 9/6/2014 - 07:27:21 ---A- . (...) -- C:\WINDOWS\system32\c_10029.nls [66082]
O44 - LFC:[MD5.9CA501D2A8E6909C5B2E8C9274682BF1] - 9/6/2014 - 07:27:21 ---A- . (...) -- C:\WINDOWS\system32\c_10082.nls [66082]
O44 - LFC:[MD5.21E928C8E6ED8EEAB0D1AAEE82ACDD76] - 9/6/2014 - 07:27:21 ---A- . (...) -- C:\WINDOWS\system32\c_852.nls [66594]
O44 - LFC:[MD5.5D038EEABA8EA438F6B5ABD5E91BC851] - 9/6/2014 - 07:27:23 ---A- . (...) -- C:\WINDOWS\system32\C_28594.NLS [66082]
O44 - LFC:[MD5.3E969213F35127D83DAB48FF1283E8E4] - 9/6/2014 - 07:27:23 ---A- . (...) -- C:\WINDOWS\system32\c_855.nls [66594]
O44 - LFC:[MD5.5CD475CA7B87844DE1E0483B536F9AAE] - 9/6/2014 - 07:27:23 ---A- . (...) -- C:\WINDOWS\system32\c_866.nls [66594]
O44 - LFC:[MD5.B537ACFAB9E70F0EF48DB696A08ADC81] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\C_28597.NLS [66082]
O44 - LFC:[MD5.0A206B5CACD3CA70D2044DA691304765] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\c_10006.nls [66082]
O44 - LFC:[MD5.BAC7072B365F9648CA318154BA7E03EC] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\c_737.nls [66594]
O44 - LFC:[MD5.780C444EB16B65E6DE96F794A732DA12] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\c_869.nls [66594]
O44 - LFC:[MD5.8BE0D77A873730B4EB1DAB7C6622CD46] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\c_875.nls [66082]
O44 - LFC:[MD5.E22D1B9AC7854C0A654E4C4232074E49] - 9/6/2014 - 07:27:26 ---A- . (...) -- C:\WINDOWS\system32\C_28595.NLS [66082]
O44 - LFC:[MD5.AF4A866226BD04ACF06135088D75BB63] - 9/6/2014 - 07:27:26 ---A- . (...) -- C:\WINDOWS\system32\c_10007.nls [66082]
O44 - LFC:[MD5.314E85390BEBDAE5D1E11DB2D8CBC6E9] - 9/6/2014 - 07:27:26 ---A- . (...) -- C:\WINDOWS\system32\c_10017.nls [66082]
O44 - LFC:[MD5.EFFDFF60A38CF648811BBCDD722ECF5E] - 9/6/2014 - 07:27:28 ---A- . (...) -- C:\WINDOWS\system32\c_10081.nls [66082]
O44 - LFC:[MD5.C37A21EE1ADFDC13FC707D97073148ED] - 9/6/2014 - 07:27:28 ---A- . (...) -- C:\WINDOWS\system32\c_28599.nls [66082]
O44 - LFC:[MD5.A8764750B22B528D85A691A52CB21856] - 9/6/2014 - 07:27:28 ---A- . (...) -- C:\WINDOWS\system32\c_857.nls [66594]
O44 - LFC:[MD5.A0E02492452D4E237465D99D005D91FD] - 9/6/2014 - 07:27:31 ---A- . (...) -- C:\WINDOWS\system.ini [231]
O44 - LFC:[MD5.35448F3A71EBBECF8E997FAD3A99327D] - 9/6/2014 - 07:27:31 ---A- . (...) -- C:\WINDOWS\system32\c_28603.nls [66082]
O44 - LFC:[MD5.C8A7CC72469941CE5D17CD9CABCB6C0A] - 9/6/2014 - 07:31:19 ---A- . (...) -- C:\WINDOWS\system32\pid.PNF [4444]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 07:32:43 ---A- . (...) -- C:\WINDOWS\system32\h323log.txt [0]
O44 - LFC:[MD5.10D344BCEC483F21ED47095CDB019E9C] - 9/6/2014 - 10:33:55 ---A- . (...) -- C:\WINDOWS\system32\wmimgmt.msc [63488]
O44 - LFC:[MD5.CDD932EDCB756FB5F7CE5E2F090BA838] - 9/6/2014 - 10:34:00 ---A- . (...) -- C:\WINDOWS\system32\msdtcprf.h [768]
O44 - LFC:[MD5.485FA3E9779BB443B21D783D3A3F4A6F] - 9/6/2014 - 10:34:00 ---A- . (...) -- C:\WINDOWS\system32\msdtcprf.ini [3828]
O44 - LFC:[MD5.4A547D74B435E78418BE06406250C1D3] - 9/6/2014 - 10:34:02 ---A- . (...) -- C:\WINDOWS\system32\tslabels.h [3286]
O44 - LFC:[MD5.33FA18A1E3941B727CC6A3A40818F890] - 9/6/2014 - 10:34:02 ---A- . (...) -- C:\WINDOWS\system32\tslabels.ini [26931]
O44 - LFC:[MD5.B6857A23806A85E16E9B9EFAFA2DA1AC] - 9/6/2014 - 10:34:02 ---A- . (...) -- C:\WINDOWS\system32\usrlogon.cmd [1221]
O44 - LFC:[MD5.405E1EF8E3C88E9BCD2853382BB12430] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\bopomofo.uce [22984]
O44 - LFC:[MD5.4FDED87068052EEB9B72A97FDBC141DB] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\gb2312.uce [24006]
O44 - LFC:[MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\ideograf.uce [60458]
O44 - LFC:[MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\kanji_1.uce [6948]
O44 - LFC:[MD5.529BBD63519BBD654EF328454019693F] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\kanji_2.uce [8484]
O44 - LFC:[MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\korean.uce [12876]
O44 - LFC:[MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\shiftjis.uce [16740]
O44 - LFC:[MD5.30F5568679A54042F99CA9EC1102EBCD] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\subrange.uce [93702]
O44 - LFC:[MD5.1AC5E83598D4F2143B59A2D893C3279A] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Areia.bmp [26582]
O44 - LFC:[MD5.39F43DBCE366B2561DF073B4C0839299] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Bolhas de sabão.bmp [65978]
O44 - LFC:[MD5.280920B6773C74C3649A934257112BE1] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Bruma.bmp [65954]
O44 - LFC:[MD5.73D70ED3EC3BBFD8FD35DF431C38F374] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Cafezinho.bmp [17062]
O44 - LFC:[MD5.203EF178BF8B0A8EC34E27E4DEDB6349] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Pescaria.bmp [17336]
O44 - LFC:[MD5.DAC71A10A6A71CB6E3F427AE3283734B] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Renda azul 16.bmp [1272]
O44 - LFC:[MD5.927A66BD587E31CB12D3AB25381658DC] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Rododentro.bmp [17362]
O44 - LFC:[MD5.3A8B85AB7B415BF3F8AFE285DFE0CE29] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Seda.bmp [16730]
O44 - LFC:[MD5.EB3BFC14E41FBAA41B4FD4489AA82D39] - 9/6/2014 - 10:34:06 ---A- . (...) -- C:\WINDOWS\Deserto.bmp [65832]
O44 - LFC:[MD5.5B4AC407E566076BB726BA91E067D313] - 9/6/2014 - 10:34:06 ---A- . (...) -- C:\WINDOWS\Leques.bmp [26680]
O44 - LFC:[MD5.5290EA6951F4724259F423B12C8E1393] - 9/6/2014 - 10:34:06 ---A- . (...) -- C:\WINDOWS\Tapete.bmp [9522]
O44 - LFC:[MD5.487403459F0B2F1A3ADEEF02496BD80E] - 9/6/2014 - 10:34:42 ---A- . (...) -- C:\WINDOWS\vb.ini [36]
O44 - LFC:[MD5.6C2F0BA210C2B53EF07653ABAC6C2490] - 9/6/2014 - 10:34:42 ---A- . (...) -- C:\WINDOWS\vbaddin.ini [37]
O44 - LFC:[MD5.31B889C43D0BA87C5993DEF7EECC5E46] - 9/6/2014 - 10:34:52 ---A- . (...) -- C:\WINDOWS\system32\emptyregdb.dat [21844]
O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 9/6/2014 - 10:36:24 ---A- . (...) -- C:\WINDOWS\desktop.ini [2]
O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 9/6/2014 - 10:36:24 ---A- . (...) -- C:\WINDOWS\system32\desktop.ini [2]
O44 - LFC:[MD5.2F3CDC1D898FD25B2547F5BFEB01FD0D] - 9/6/2014 - 10:36:24 -SH-- . (...) -- C:\WINDOWS\winnt.bmp [48680]
O44 - LFC:[MD5.2F3CDC1D898FD25B2547F5BFEB01FD0D] - 9/6/2014 - 10:36:24 -SH-- . (...) -- C:\WINDOWS\winnt256.bmp [48680]
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 9/6/2014 - 10:37:00 R-HA- . (...) -- C:\WINDOWS\system32\WindowsLogon.manifest [488]
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 9/6/2014 - 10:37:00 R-HA- . (...) -- C:\WINDOWS\system32\logonui.exe.manifest [488]
O44 - LFC:[MD5.2B9C717D21A1331BA3731886E3EE87BB] - 9/6/2014 - 10:37:43 ---A- . (...) -- C:\WINDOWS\ODBCINST.INI [4205]
O44 - LFC:[MD5.6D6F4B1886E91EB37ABCCAD19C561EE0] - 9/6/2014 - 10:37:52 ---A- . (...) -- C:\WINDOWS\system32\amcompat.tlb [16832]
O44 - LFC:[MD5.A32B14BE5EDAE794FCE1A9E970827509] - 9/6/2014 - 10:37:52 ---A- . (...) -- C:\WINDOWS\system32\nscompat.tlb [23392]
O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 9/6/2014 - 10:37:53 ---A- . (...) -- C:\WINDOWS\WMSysPr9.prx [316640]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 ---A- . (...) -- C:\AUTOEXEC.BAT [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 ---A- . (...) -- C:\CONFIG.SYS [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 ---A- . (...) -- C:\WINDOWS\control.ini [0]
O44 - LFC:[MD5.8715347D6B7B2E3A7CFE5ADF2D510CE3] - 9/6/2014 - 10:37:55 ---A- . (...) -- C:\WINDOWS\win.ini [477]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 RSHA- . (...) -- C:\IO.SYS [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 RSHA- . (...) -- C:\MSDOS.SYS [0]
O44 - LFC:[MD5.D77BBE394E419A31AD8AF29B36D6F735] - 9/6/2014 - 10:39:52 ---A- . (...) -- C:\WINDOWS\system32\$winnt$.inf [261]
O44 - LFC:[MD5.FA81439F83192564A78236CC8A6EE1A9] - 9/6/2014 - 10:40:42 ---A- . (...) -- C:\WINDOWS\REGLOCS.OLD [8192]
O44 - LFC:[MD5.DE4C5379216ACE6197B77D0D6C6C8D8A] - 9/6/2014 - 10:50:51 R--A- . (...) -- C:\WINDOWS\system32\igxpxa32.cpa [524850]
O44 - LFC:[MD5.54EABEC05A84181FCEDD7F974850116C] - 9/6/2014 - 10:50:52 R--A- . (...) -- C:\WINDOWS\system32\igxpxa32.vp [929]
O44 - LFC:[MD5.765CB03717D62E6F7C9F0D42D6420BE3] - 9/6/2014 - 10:50:52 R--A- . (...) -- C:\WINDOWS\system32\igxpxk32.vp [58704]
O44 - LFC:[MD5.595CDDE1D6399305403F7BA3231779CF] - 9/6/2014 - 10:50:52 R--A- . (...) -- C:\WINDOWS\system32\igxpxs32.vp [25920]
O44 - LFC:[MD5.43C3571EADA5BC1EDEAD7CA22AD66F30] - 9/6/2014 - 10:53:43 R---- . (...) -- C:\WINDOWS\system32\ChCfg.exe [49152]
O44 - LFC:[MD5.6D0634CEBBFF7F428DD816706F5AA1FB] - 9/6/2014 - 10:54:42 ---A- . (...) -- C:\WINDOWS\system32\BuzzingBee.wav [146650]
O44 - LFC:[MD5.E2FA75ADE398C9A44815B11CC141105C] - 9/6/2014 - 10:54:42 ---A- . (...) -- C:\WINDOWS\system32\LoopyMusic.wav [940794]
O44 - LFC:[MD5.ACA0EA9BCE034D91E661ABF3356719E3] - 9/6/2014 - 11:17:54 ---A- . (...) -- C:\WINDOWS\ODBC.INI [421]
O44 - LFC:[MD5.45FC4C72E78BC7ED0240B05A2BEF4F66] - 9/6/2014 - 11:53:31 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log [6716]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 19:46:49 R-HA- . (...) -- C:\WINDOWS\system32\ncpa.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 19:46:49 R-HA- . (...) -- C:\WINDOWS\system32\nwc.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 19:46:49 R-HA- . (...) -- C:\WINDOWS\system32\sapi.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 19:46:49 R-HA- . (...) -- C:\WINDOWS\system32\wuaucpl.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 19:46:50 R-HA- . (...) -- C:\WINDOWS\WindowsShell.Manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 19:46:50 R-HA- . (...) -- C:\WINDOWS\system32\cdplayer.exe.manifest [749]
~ Files: 420 Legitimates Filtered in 00mn 33s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:16/5/2014 - 09:07:14 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\Drivers\ssmdrv.sys [28520]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9032]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4896]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27900]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [33984]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
~ Drivers: 35 Legitimates Filtered in 00mn 00s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 10 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.4409BBCDDC28F0AF3A4940B926E2BDC9] [SPRF][9/6/2014] (...) -- C:\Arquivos de programas\arrastar.reg [593]
~ Files: 1 Legitimates Filtered in 00mn 00s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 9/6/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Disabled 16/5/2014 1039440 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Arquivos de programas\Avira\AntiVir Desktop\AVWEBGRD.exe
SS - | Demand 14/4/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 9/6/2014 116648 | (gupdate) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
SS - | Demand 9/6/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
SR - | Auto 16/5/2014 430160 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
SR - | Auto 16/5/2014 430160 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 9/6/2014 182696 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Arquivos de programas\Java\jre7\bin\jqs.exe
~ Services: Scanned in 00mn 07s
---\\ Scâner Aditional (088)
Database Version : 13026 - (9/6/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Conduit] =>Toolbar.Conduit^
~ Additionnel Scan: 118014 Items scanned in 00mn 17s
---\\ Informações complémentaires do módulos
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Internet Explorer, Proxy Management (R5)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Image File Execution Options (O50)
~ AMI: 2 Legitimates Filtered in 00mn 00s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Conduit
~ MSI: 1 link(s) detected in 00mn 00s
~ 926 Legitimates filtered by white list
End of the scan (468 lines in 01mn 10s)(0)
~ Relatório do ZHPDiag v2014.6.9.87 - Nicolas Coolman (9/6/2014)
~ Iniciado por Mau Leite (9/6/2014 20:31:40)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Not Found
---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.6001.18702
GCIE: Google Chrome v35.0.1916.114 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO
---\\ Softwares de proteçao do sistema
Avira Free Antivirus v14.0.4.642
---\\ Softwares d'optimização do sistema
CCleaner v4.14
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Java 7 Update 60
---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2039 MB (72% free)
System Restore: Activé (Enable)
System drive C: has 142 GB (95%) free of 149 GB
---\\ Modo de conexão ao sistema
~ Computer Name: MAU-A792268E606
~ User Name: Mau Leite
~ All Users Names: SUPPORT_388945a0, Mau Leite, HelpAssistant, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Mau Leite\Dados de aplicativos\ZHP\
~ %AppData% : C:\Documents and Settings\Mau Leite\Dados de aplicativos\
~ %Desktop% : C:\Documents and Settings\Mau Leite\Desktop\
~ %Favorites% : C:\Documents and Settings\Mau Leite\Favoritos\
~ %LocalAppData% : C:\Documents and Settings\Mau Leite\Configurações locais\Dados de aplicativos\
~ %StartMenu% : C:\Documents and Settings\Mau Leite\Menu Iniciar\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ Enumeração das unidades dos discos
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 142 Go of 149 Go)
D: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
~ Security Center: 38 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.064EC7FF5F58B928C3E119402977FA6D] - (.Microsoft Corporation - Windows Explorer.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\Explorer.exe [1035776]
[MD5.E2FFA50357056ADE4FCDB5FD09F9D2FF] - (.Microsoft Corporation - Internet Extensions for Win32.) (.6/3/2014 - 14:58:35.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.71D440F79B711627B12B567FB2EADB42] - (.Microsoft Corporation - Aplicativo de logon do Windows NT.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [509952]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/8/2011 - 10:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/4/2008 - 11:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.A8D31E836CCF2F51009CE7DFFECF6D51] - (.Microsoft Corporation - FIPS Crypto Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.485BC6BEB778B5E9702E6AA3D384C0CB] - (.Microsoft Corporation - Driver de porta i8042.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [53504]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/7/2011 - 10:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.9BADEE6B698BF1AF36E25A1A64A89EAB] - (.Microsoft Corporation - Driver de porta paralela.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/4/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.68D749B04BFBBD4D4D15CC5185AFA4DD] - (.Microsoft Corporation - Redbook Audio Filter Driver.) (.13/4/2008 - 15:53:18.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58240]
[MD5.EB6B1E2C984D84470FF4FE7EF98CD44A] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.14/4/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53248]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/11
~ Mes Documents (My Documents) : 1/7
~ Mon Bureau (My Desktop) : 0/5
~ Menu demarrer (Programs) : 1/21
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.0BF3BE441B226D018767C28F92830D34] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe [430160] [PID.1556]
[MD5.D5A444B63637EC0932172C6719A10252] - (.Google Inc. - Google Crash Handler.) -- C:\Arquivos de programas\Google\Update\1.3.24.7\GoogleCrashHandler.exe [263048] [PID.1840]
[MD5.58D794455A6CEA851D13274224E42730] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [98304] [PID.1968]
[MD5.E822BA2DB5811E6C8491E24C710D3455] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [77824] [PID.1976]
[MD5.2738657127E7C3D08399D3943D0C5C0E] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [118784] [PID.1984]
[MD5.EABE00B18DCBEAB7D5B3823FD371F008] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe [16270848] [PID.2044]
[MD5.5374D3363F5B87CF03125F5FB584C8CE] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe [737872] [PID.172]
[MD5.EDAD4A8A1D46AFCF9E76B996D55116EB] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe [256896] [PID.152]
[MD5.FB73EA22CA1F42C44D6A20BACAA871B5] - (.LightSurf Technologies, Inc. - IconMgr.) -- C:\Arquivos de programas\LightSurf\Common\IconMgr.exe [98304] [PID.252]
[MD5.25FAFF96E0F6E598D7D333BBF702465B] - (.LightSurf Technologies, Inc. - TICIcon.exe.) -- C:\Arquivos de programas\LightSurf\Color Indicator\TICIcon.exe [270336] [PID.264]
[MD5.0BF3BE441B226D018767C28F92830D34] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe [430160] [PID.492]
[MD5.E87885A59FDC241B6575943A75E495D9] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe [182696] [PID.832]
[MD5.E349ED8E6F380C23BBFDB3E813FF8E6C] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avshadow.exe [425552] [PID.1492]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe [860488] [PID.3280]
[MD5.F5546A846F16DB4578DF72F30AACB1FC] - (.Nicolas Coolman - ZHPDiag.) -- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe [8066560] [PID.752]
~ Processes Running: Scanned in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19
---\\ Barras do Internet Explorer (03))
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Chave orfã
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Chave orfã
~ Toolbar: Scanned in 00mn 00s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [igfxtray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [SkyTel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\WINDOWS\SkyTel.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-117609710-1645522239-1801674531-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Arquivos de programas\Microsoft Office\OFFICE11\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Chave orfã
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Arquivos de programas\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Piratagem da Opção " Redefinir Configurações da Web " (014)
O14 - IERESET.INF: SEARCH_PAGE_URL=SEARCH_PAGE_URL="&http://home.microsoft.com/intl/br/access/allinone.asp"
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="search.msn.com.br"
~ IE Paramètres WEB: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{ACF92D88-2C46-48F7-AB3A-9378E381B6CC}: DhcpNameServer = 200.204.0.10 200.204.0.138 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{ACF92D88-2C46-48F7-AB3A-9378E381B6CC}: DhcpNameServer = 200.204.0.10 200.204.0.138 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{ACF92D88-2C46-48F7-AB3A-9378E381B6CC}: DhcpNameServer = 200.204.0.10 200.204.0.138 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.204.0.10 200.204.0.138 192.168.0.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agente de rede off-line.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL de notificação do serviço de logon secu.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Desktop Component 0: Minha página inicial atual - file:About:Home
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Mau Leite\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Mau Leite\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s
---\\ Software instalados (042)
O42 - Logiciel: Color Indicator - (...) [HKLM] -- True Internet Color
~ Logic: 17 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\LightSurf Technologies, Inc.]
~ Key Software: 93 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 9/6/2014 - 11:07:07 - [] ----D C:\Arquivos de programas\LightSurf
O43 - CFD: 9/6/2014 - 10:36:49 - [] ----D C:\Arquivos de programas\Serviços on-line
O43 - CFD: 9/6/2014 - 10:36:16 - [] ----D C:\Arquivos de programas\Arquivos comuns\Serviços
O43 - CFD: 9/6/2014 - 12:07:02 - [] R---D C:\Documents and Settings\Mau Leite\Menu Iniciar\Programas\Acessórios
O43 - CFD: 9/6/2014 - 07:27:07 - [] R---D C:\Documents and Settings\Mau Leite\Menu Iniciar\Programas\Inicializar
~ Program Folder: 51 Legitimates Filtered in 00mn 00s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.C4410DE4A538C7D287C970286B02EC1A] - 9/6/2014 - 07:26:56 R--A- . (...) -- C:\WINDOWS\SET3.tmp [1233746]
O44 - LFC:[MD5.4FF246BD83D90840ED65C2FBBB8F06B2] - 9/6/2014 - 07:26:57 R--A- . (...) -- C:\WINDOWS\SET4.tmp [1088840]
O44 - LFC:[MD5.1C71E6C3739DC91441DD64DFD21F6F6B] - 9/6/2014 - 07:27:03 R--A- . (...) -- C:\WINDOWS\SET8.tmp [16825]
O44 - LFC:[MD5.756E3FFE7E4A96DB54F977AE98D7BF9F] - 9/6/2014 - 07:27:16 ----- . (...) -- C:\WINDOWS\system32\CONFIG.TMP [2969]
O44 - LFC:[MD5.5312FE00B4EBE013C57A7A3089E2275C] - 9/6/2014 - 07:27:16 ---A- . (...) -- C:\WINDOWS\system32\AUTOEXEC.NT [515]
O44 - LFC:[MD5.6CB26848BCDAA361B6EE21264FB362C3] - 9/6/2014 - 07:27:19 ---A- . (...) -- C:\WINDOWS\system32\c_20127.nls [66082]
O44 - LFC:[MD5.6F8A509550FE8C92D07EE0143BF29BA1] - 9/6/2014 - 07:27:21 ---A- . (...) -- C:\WINDOWS\system32\c_10010.nls [66082]
O44 - LFC:[MD5.D2CA471D36A69D17F82D5C1B64FAEE39] - 9/6/2014 - 07:27:21 ---A- . (...) -- C:\WINDOWS\system32\c_10029.nls [66082]
O44 - LFC:[MD5.9CA501D2A8E6909C5B2E8C9274682BF1] - 9/6/2014 - 07:27:21 ---A- . (...) -- C:\WINDOWS\system32\c_10082.nls [66082]
O44 - LFC:[MD5.21E928C8E6ED8EEAB0D1AAEE82ACDD76] - 9/6/2014 - 07:27:21 ---A- . (...) -- C:\WINDOWS\system32\c_852.nls [66594]
O44 - LFC:[MD5.5D038EEABA8EA438F6B5ABD5E91BC851] - 9/6/2014 - 07:27:23 ---A- . (...) -- C:\WINDOWS\system32\C_28594.NLS [66082]
O44 - LFC:[MD5.3E969213F35127D83DAB48FF1283E8E4] - 9/6/2014 - 07:27:23 ---A- . (...) -- C:\WINDOWS\system32\c_855.nls [66594]
O44 - LFC:[MD5.5CD475CA7B87844DE1E0483B536F9AAE] - 9/6/2014 - 07:27:23 ---A- . (...) -- C:\WINDOWS\system32\c_866.nls [66594]
O44 - LFC:[MD5.B537ACFAB9E70F0EF48DB696A08ADC81] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\C_28597.NLS [66082]
O44 - LFC:[MD5.0A206B5CACD3CA70D2044DA691304765] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\c_10006.nls [66082]
O44 - LFC:[MD5.BAC7072B365F9648CA318154BA7E03EC] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\c_737.nls [66594]
O44 - LFC:[MD5.780C444EB16B65E6DE96F794A732DA12] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\c_869.nls [66594]
O44 - LFC:[MD5.8BE0D77A873730B4EB1DAB7C6622CD46] - 9/6/2014 - 07:27:24 ---A- . (...) -- C:\WINDOWS\system32\c_875.nls [66082]
O44 - LFC:[MD5.E22D1B9AC7854C0A654E4C4232074E49] - 9/6/2014 - 07:27:26 ---A- . (...) -- C:\WINDOWS\system32\C_28595.NLS [66082]
O44 - LFC:[MD5.AF4A866226BD04ACF06135088D75BB63] - 9/6/2014 - 07:27:26 ---A- . (...) -- C:\WINDOWS\system32\c_10007.nls [66082]
O44 - LFC:[MD5.314E85390BEBDAE5D1E11DB2D8CBC6E9] - 9/6/2014 - 07:27:26 ---A- . (...) -- C:\WINDOWS\system32\c_10017.nls [66082]
O44 - LFC:[MD5.EFFDFF60A38CF648811BBCDD722ECF5E] - 9/6/2014 - 07:27:28 ---A- . (...) -- C:\WINDOWS\system32\c_10081.nls [66082]
O44 - LFC:[MD5.C37A21EE1ADFDC13FC707D97073148ED] - 9/6/2014 - 07:27:28 ---A- . (...) -- C:\WINDOWS\system32\c_28599.nls [66082]
O44 - LFC:[MD5.A8764750B22B528D85A691A52CB21856] - 9/6/2014 - 07:27:28 ---A- . (...) -- C:\WINDOWS\system32\c_857.nls [66594]
O44 - LFC:[MD5.A0E02492452D4E237465D99D005D91FD] - 9/6/2014 - 07:27:31 ---A- . (...) -- C:\WINDOWS\system.ini [231]
O44 - LFC:[MD5.35448F3A71EBBECF8E997FAD3A99327D] - 9/6/2014 - 07:27:31 ---A- . (...) -- C:\WINDOWS\system32\c_28603.nls [66082]
O44 - LFC:[MD5.C8A7CC72469941CE5D17CD9CABCB6C0A] - 9/6/2014 - 07:31:19 ---A- . (...) -- C:\WINDOWS\system32\pid.PNF [4444]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 07:32:43 ---A- . (...) -- C:\WINDOWS\system32\h323log.txt [0]
O44 - LFC:[MD5.10D344BCEC483F21ED47095CDB019E9C] - 9/6/2014 - 10:33:55 ---A- . (...) -- C:\WINDOWS\system32\wmimgmt.msc [63488]
O44 - LFC:[MD5.CDD932EDCB756FB5F7CE5E2F090BA838] - 9/6/2014 - 10:34:00 ---A- . (...) -- C:\WINDOWS\system32\msdtcprf.h [768]
O44 - LFC:[MD5.485FA3E9779BB443B21D783D3A3F4A6F] - 9/6/2014 - 10:34:00 ---A- . (...) -- C:\WINDOWS\system32\msdtcprf.ini [3828]
O44 - LFC:[MD5.4A547D74B435E78418BE06406250C1D3] - 9/6/2014 - 10:34:02 ---A- . (...) -- C:\WINDOWS\system32\tslabels.h [3286]
O44 - LFC:[MD5.33FA18A1E3941B727CC6A3A40818F890] - 9/6/2014 - 10:34:02 ---A- . (...) -- C:\WINDOWS\system32\tslabels.ini [26931]
O44 - LFC:[MD5.B6857A23806A85E16E9B9EFAFA2DA1AC] - 9/6/2014 - 10:34:02 ---A- . (...) -- C:\WINDOWS\system32\usrlogon.cmd [1221]
O44 - LFC:[MD5.405E1EF8E3C88E9BCD2853382BB12430] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\bopomofo.uce [22984]
O44 - LFC:[MD5.4FDED87068052EEB9B72A97FDBC141DB] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\gb2312.uce [24006]
O44 - LFC:[MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\ideograf.uce [60458]
O44 - LFC:[MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\kanji_1.uce [6948]
O44 - LFC:[MD5.529BBD63519BBD654EF328454019693F] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\kanji_2.uce [8484]
O44 - LFC:[MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\korean.uce [12876]
O44 - LFC:[MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\shiftjis.uce [16740]
O44 - LFC:[MD5.30F5568679A54042F99CA9EC1102EBCD] - 9/6/2014 - 10:34:04 ---A- . (...) -- C:\WINDOWS\system32\subrange.uce [93702]
O44 - LFC:[MD5.1AC5E83598D4F2143B59A2D893C3279A] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Areia.bmp [26582]
O44 - LFC:[MD5.39F43DBCE366B2561DF073B4C0839299] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Bolhas de sabão.bmp [65978]
O44 - LFC:[MD5.280920B6773C74C3649A934257112BE1] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Bruma.bmp [65954]
O44 - LFC:[MD5.73D70ED3EC3BBFD8FD35DF431C38F374] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Cafezinho.bmp [17062]
O44 - LFC:[MD5.203EF178BF8B0A8EC34E27E4DEDB6349] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Pescaria.bmp [17336]
O44 - LFC:[MD5.DAC71A10A6A71CB6E3F427AE3283734B] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Renda azul 16.bmp [1272]
O44 - LFC:[MD5.927A66BD587E31CB12D3AB25381658DC] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Rododentro.bmp [17362]
O44 - LFC:[MD5.3A8B85AB7B415BF3F8AFE285DFE0CE29] - 9/6/2014 - 10:34:05 ---A- . (...) -- C:\WINDOWS\Seda.bmp [16730]
O44 - LFC:[MD5.EB3BFC14E41FBAA41B4FD4489AA82D39] - 9/6/2014 - 10:34:06 ---A- . (...) -- C:\WINDOWS\Deserto.bmp [65832]
O44 - LFC:[MD5.5B4AC407E566076BB726BA91E067D313] - 9/6/2014 - 10:34:06 ---A- . (...) -- C:\WINDOWS\Leques.bmp [26680]
O44 - LFC:[MD5.5290EA6951F4724259F423B12C8E1393] - 9/6/2014 - 10:34:06 ---A- . (...) -- C:\WINDOWS\Tapete.bmp [9522]
O44 - LFC:[MD5.487403459F0B2F1A3ADEEF02496BD80E] - 9/6/2014 - 10:34:42 ---A- . (...) -- C:\WINDOWS\vb.ini [36]
O44 - LFC:[MD5.6C2F0BA210C2B53EF07653ABAC6C2490] - 9/6/2014 - 10:34:42 ---A- . (...) -- C:\WINDOWS\vbaddin.ini [37]
O44 - LFC:[MD5.31B889C43D0BA87C5993DEF7EECC5E46] - 9/6/2014 - 10:34:52 ---A- . (...) -- C:\WINDOWS\system32\emptyregdb.dat [21844]
O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 9/6/2014 - 10:36:24 ---A- . (...) -- C:\WINDOWS\desktop.ini [2]
O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 9/6/2014 - 10:36:24 ---A- . (...) -- C:\WINDOWS\system32\desktop.ini [2]
O44 - LFC:[MD5.2F3CDC1D898FD25B2547F5BFEB01FD0D] - 9/6/2014 - 10:36:24 -SH-- . (...) -- C:\WINDOWS\winnt.bmp [48680]
O44 - LFC:[MD5.2F3CDC1D898FD25B2547F5BFEB01FD0D] - 9/6/2014 - 10:36:24 -SH-- . (...) -- C:\WINDOWS\winnt256.bmp [48680]
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 9/6/2014 - 10:37:00 R-HA- . (...) -- C:\WINDOWS\system32\WindowsLogon.manifest [488]
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 9/6/2014 - 10:37:00 R-HA- . (...) -- C:\WINDOWS\system32\logonui.exe.manifest [488]
O44 - LFC:[MD5.2B9C717D21A1331BA3731886E3EE87BB] - 9/6/2014 - 10:37:43 ---A- . (...) -- C:\WINDOWS\ODBCINST.INI [4205]
O44 - LFC:[MD5.6D6F4B1886E91EB37ABCCAD19C561EE0] - 9/6/2014 - 10:37:52 ---A- . (...) -- C:\WINDOWS\system32\amcompat.tlb [16832]
O44 - LFC:[MD5.A32B14BE5EDAE794FCE1A9E970827509] - 9/6/2014 - 10:37:52 ---A- . (...) -- C:\WINDOWS\system32\nscompat.tlb [23392]
O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 9/6/2014 - 10:37:53 ---A- . (...) -- C:\WINDOWS\WMSysPr9.prx [316640]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 ---A- . (...) -- C:\AUTOEXEC.BAT [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 ---A- . (...) -- C:\CONFIG.SYS [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 ---A- . (...) -- C:\WINDOWS\control.ini [0]
O44 - LFC:[MD5.8715347D6B7B2E3A7CFE5ADF2D510CE3] - 9/6/2014 - 10:37:55 ---A- . (...) -- C:\WINDOWS\win.ini [477]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 RSHA- . (...) -- C:\IO.SYS [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/6/2014 - 10:37:55 RSHA- . (...) -- C:\MSDOS.SYS [0]
O44 - LFC:[MD5.D77BBE394E419A31AD8AF29B36D6F735] - 9/6/2014 - 10:39:52 ---A- . (...) -- C:\WINDOWS\system32\$winnt$.inf [261]
O44 - LFC:[MD5.FA81439F83192564A78236CC8A6EE1A9] - 9/6/2014 - 10:40:42 ---A- . (...) -- C:\WINDOWS\REGLOCS.OLD [8192]
O44 - LFC:[MD5.DE4C5379216ACE6197B77D0D6C6C8D8A] - 9/6/2014 - 10:50:51 R--A- . (...) -- C:\WINDOWS\system32\igxpxa32.cpa [524850]
O44 - LFC:[MD5.54EABEC05A84181FCEDD7F974850116C] - 9/6/2014 - 10:50:52 R--A- . (...) -- C:\WINDOWS\system32\igxpxa32.vp [929]
O44 - LFC:[MD5.765CB03717D62E6F7C9F0D42D6420BE3] - 9/6/2014 - 10:50:52 R--A- . (...) -- C:\WINDOWS\system32\igxpxk32.vp [58704]
O44 - LFC:[MD5.595CDDE1D6399305403F7BA3231779CF] - 9/6/2014 - 10:50:52 R--A- . (...) -- C:\WINDOWS\system32\igxpxs32.vp [25920]
O44 - LFC:[MD5.43C3571EADA5BC1EDEAD7CA22AD66F30] - 9/6/2014 - 10:53:43 R---- . (...) -- C:\WINDOWS\system32\ChCfg.exe [49152]
O44 - LFC:[MD5.6D0634CEBBFF7F428DD816706F5AA1FB] - 9/6/2014 - 10:54:42 ---A- . (...) -- C:\WINDOWS\system32\BuzzingBee.wav [146650]
O44 - LFC:[MD5.E2FA75ADE398C9A44815B11CC141105C] - 9/6/2014 - 10:54:42 ---A- . (...) -- C:\WINDOWS\system32\LoopyMusic.wav [940794]
O44 - LFC:[MD5.ACA0EA9BCE034D91E661ABF3356719E3] - 9/6/2014 - 11:17:54 ---A- . (...) -- C:\WINDOWS\ODBC.INI [421]
O44 - LFC:[MD5.45FC4C72E78BC7ED0240B05A2BEF4F66] - 9/6/2014 - 11:53:31 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log [6716]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 19:46:49 R-HA- . (...) -- C:\WINDOWS\system32\ncpa.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 19:46:49 R-HA- . (...) -- C:\WINDOWS\system32\nwc.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 19:46:49 R-HA- . (...) -- C:\WINDOWS\system32\sapi.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 19:46:49 R-HA- . (...) -- C:\WINDOWS\system32\wuaucpl.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 19:46:50 R-HA- . (...) -- C:\WINDOWS\WindowsShell.Manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 9/6/2014 - 19:46:50 R-HA- . (...) -- C:\WINDOWS\system32\cdplayer.exe.manifest [749]
~ Files: 420 Legitimates Filtered in 00mn 33s
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:16/5/2014 - 09:07:14 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\Drivers\ssmdrv.sys [28520]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9032]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4896]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27900]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [33984]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:14/4/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
~ Drivers: 35 Legitimates Filtered in 00mn 00s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>
~ FASS Keys: 10 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.4409BBCDDC28F0AF3A4940B926E2BDC9] [SPRF][9/6/2014] (...) -- C:\Arquivos de programas\arrastar.reg [593]
~ Files: 1 Legitimates Filtered in 00mn 00s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 9/6/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Disabled 16/5/2014 1039440 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Arquivos de programas\Avira\AntiVir Desktop\AVWEBGRD.exe
SS - | Demand 14/4/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 9/6/2014 116648 | (gupdate) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
SS - | Demand 9/6/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
SR - | Auto 16/5/2014 430160 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
SR - | Auto 16/5/2014 430160 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 9/6/2014 182696 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Arquivos de programas\Java\jre7\bin\jqs.exe
~ Services: Scanned in 00mn 07s
---\\ Scâner Aditional (088)
Database Version : 13026 - (9/6/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Conduit] =>Toolbar.Conduit^
~ Additionnel Scan: 118014 Items scanned in 00mn 17s
---\\ Informações complémentaires do módulos
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Internet Explorer, Proxy Management (R5)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Image File Execution Options (O50)
~ AMI: 2 Legitimates Filtered in 00mn 00s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Conduit
~ MSI: 1 link(s) detected in 00mn 00s
~ 926 Legitimates filtered by white list
End of the scan (468 lines in 01mn 10s)(0)
Mau leite- Iniciante
- Mensagens : 27
Reputação : 1
Data de inscrição : 27/11/2013
Idade : 51
Localização : Mogi das Cruzes
Re: Google Chrome com problemas
Acesse o site [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e envie este arquivo destacado em negrito abaixo para ser analisado:
C:\Arquivos de programas\arrastar.reg
Assim que a análise dele for concluída, copie o link que aparecerá na barra de endereços de seu navegador e poste este link em sua próxima resposta juntamente com o relatório do ZHPFix pedido abaixo nesta postagem.
Maiores informações de como analisar arquivos no site Virus Total você encontra neste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
____________________________________________________________________________________
Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________
Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.
Copie este relatório e poste em sua próxima resposta juntamente com o link da análise do arquivo no site Virus Total.
C:\Arquivos de programas\arrastar.reg
Assim que a análise dele for concluída, copie o link que aparecerá na barra de endereços de seu navegador e poste este link em sua próxima resposta juntamente com o relatório do ZHPFix pedido abaixo nesta postagem.
Maiores informações de como analisar arquivos no site Virus Total você encontra neste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
____________________________________________________________________________________
Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________
Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.
Copie este relatório e poste em sua próxima resposta juntamente com o link da análise do arquivo no site Virus Total.
Última edição por Power Max em Ter 10 Jun 2014, 17:01, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Google Chrome com problemas
Segue o link:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Segue o relatório:
script zhpfix
SysRestore
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Chave orfã
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Chave orfã
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Conduit] =>Toolbar.Conduit^
ShortcutFix
ProxyFix
EmptyTemp
EmptyFlash
emptyclsid
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Segue o relatório:
script zhpfix
SysRestore
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Chave orfã
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Chave orfã
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Conduit] =>Toolbar.Conduit^
ShortcutFix
ProxyFix
EmptyTemp
EmptyFlash
emptyclsid
Mau leite- Iniciante
- Mensagens : 27
Reputação : 1
Data de inscrição : 27/11/2013
Idade : 51
Localização : Mogi das Cruzes
Re: Google Chrome com problemas
PowerMax
Terei que sair agora. Amanhã só tenho a tarde livre.
Desde já agradeço.
Tenha uma ótima noite.
Até amanhã.
Terei que sair agora. Amanhã só tenho a tarde livre.
Desde já agradeço.
Tenha uma ótima noite.
Até amanhã.
Mau leite- Iniciante
- Mensagens : 27
Reputação : 1
Data de inscrição : 27/11/2013
Idade : 51
Localização : Mogi das Cruzes
Re: Google Chrome com problemas
Ok, assim que for possível faça o seguinte:
Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt
Ficamos na espera.
Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt
Ficamos na espera.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Google Chrome com problemas
Boa Tarde PowerMax
O Google Chrome está funcionando normal. Todos os comandos, configurações, abas, enfim...está perfeito de novo. Mas mesmo assim executei os procedimentos de seu último tópico. Segue anexado o relatório do ADWCleaner. Por sinal estou utilizando o chrome para navegar agora.
# AdwCleaner v3.212 - Relatório criado 10/06/2014 às 16:48:20
# Atualizado 05/06/2014 por Xplode
# Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits)
# Usuário : Mau Leite - MAU-A792268E606
# Executando de : C:\Documents and Settings\Mau Leite\Meus documentos\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKLM\Software\Conduit
***** [ Navegadores ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Google Chrome v35.0.1916.114
[ Arquivo : C:\Documents and Settings\Mau Leite\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\preferences ]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Extension] : fgboogeaaklojbicocbcepgdjjfbmgli
*************************
AdwCleaner[R0].txt - [1732 octets] - [10/06/2014 16:47:32]
AdwCleaner[S0].txt - [1634 octets] - [10/06/2014 16:48:20]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1694 octets] ##########
O Google Chrome está funcionando normal. Todos os comandos, configurações, abas, enfim...está perfeito de novo. Mas mesmo assim executei os procedimentos de seu último tópico. Segue anexado o relatório do ADWCleaner. Por sinal estou utilizando o chrome para navegar agora.
# AdwCleaner v3.212 - Relatório criado 10/06/2014 às 16:48:20
# Atualizado 05/06/2014 por Xplode
# Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits)
# Usuário : Mau Leite - MAU-A792268E606
# Executando de : C:\Documents and Settings\Mau Leite\Meus documentos\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKLM\Software\Conduit
***** [ Navegadores ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Google Chrome v35.0.1916.114
[ Arquivo : C:\Documents and Settings\Mau Leite\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\preferences ]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Extension] : fgboogeaaklojbicocbcepgdjjfbmgli
*************************
AdwCleaner[R0].txt - [1732 octets] - [10/06/2014 16:47:32]
AdwCleaner[S0].txt - [1634 octets] - [10/06/2014 16:48:20]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1694 octets] ##########
Mau leite- Iniciante
- Mensagens : 27
Reputação : 1
Data de inscrição : 27/11/2013
Idade : 51
Localização : Mogi das Cruzes
Re: Google Chrome com problemas
Fico feliz que o problema tenha sido resolvido.
Só para finalizar siga estes tutoriais abaixo, por gentileza:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________
Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
_______________________________________________________________________________________________________________________
Foi um prazer ajudar. Conte sempre conosco!
Só para finalizar siga estes tutoriais abaixo, por gentileza:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________
Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
_______________________________________________________________________________________________________________________
Foi um prazer ajudar. Conte sempre conosco!
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Google Chrome com problemas
PowerMax
Valeu mesmo pela ajuda. Muito OBRIGADO.
Seus tópicos me ajudaram e me salvaram.....
Mais uma vez muito obrigado.
Uma ótima semana para você.
Obrigadão.
PS: farei agora os últimos passos.
Valeu mesmo pela ajuda. Muito OBRIGADO.
Seus tópicos me ajudaram e me salvaram.....
Mais uma vez muito obrigado.
Uma ótima semana para você.
Obrigadão.
PS: farei agora os últimos passos.
Mau leite- Iniciante
- Mensagens : 27
Reputação : 1
Data de inscrição : 27/11/2013
Idade : 51
Localização : Mogi das Cruzes
Re: Google Chrome com problemas
CASO RESOLVIDO
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Tópicos semelhantes
» Problemas com o google chrome
» Google Chrome com problemas
» Malwares no google chrome
» Problema no Google chrome
» Google Chrome não consigo achar a extensão Google search para o chrome
» Google Chrome com problemas
» Malwares no google chrome
» Problema no Google chrome
» Google Chrome não consigo achar a extensão Google search para o chrome
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos
|
|