Fórum PC Brasil
Error related to Baidu.


Post by DjBruxinho, Sun 27 Jul 2014, 17:43

When Windows starts, it records an error in the logs like the one in the image.
(I think these drivers are related to Baidu.)


[You must have an account and be logged in to view this link]

Post by Power Max, Sun 27 Jul 2014, 17:54

Hello.

Download the AdwCleaner program by clicking the link below, then click the Download Now @BleepingComputer button:
[You must have an account and be logged in to view this link]

To run AdwCleaner correctly, just follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

* In your next reply, post the AdwCleaner log (report), which will be at C:\AdwCleaner\AdwCleaner[S0].txt

We'll be waiting.

Post by DjBruxinho, Sun 27 Jul 2014, 18:06

# AdwCleaner v3.300 - Relatório criado 27/07/2014 às 17:59:19
# Atualizado 27/07/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (64 bits)
# Usuário : User - USER-PC
# Executando de : C:\Users\User\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : IePluginServices
Serviço Deletada : {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\IePluginServices
Pasta Deletada : C:\ProgramData\WindowsProtectManger
Pasta Deletada : C:\Program Files (x86)\globalUpdate
Pasta Deletada : C:\Program Files (x86)\SupTab
Pasta Deletada : C:\Users\User\AppData\Local\globalUpdate
Pasta Deletada : C:\Users\User\AppData\Local\Temp\focusbase
Pasta Deletada : C:\Users\User\AppData\Roaming\AppCloudUpdater
Pasta Deletada : C:\Users\User\AppData\Roaming\Smart Driver Updater
Pasta Deletada : C:\Users\User\AppData\Roaming\Solvusoft
Pasta Deletada : C:\Users\User\AppData\Roaming\sweet-page
Pasta Deletada : C:\Users\User\AppData\Roaming\VOPackage
Arquivo Deletada : C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys
Arquivo Deletada : C:\Windows\System32\roboot64.exe

***** [ Tâches planifiées ] *****


***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\APN_ATU3__RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\APN_ATU3__RASMANCS
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D95E57C2-53B3-4C38-BA1E-7980CB5E1803}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : HKCU\Software\AppCloudUpdater
Chave Deletedo : HKCU\Software\GlobalUpdate
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKLM\Software\GlobalUpdate
Chave Deletedo : HKLM\Software\SupDp
Chave Deletedo : HKLM\Software\SupTab
Chave Deletedo : HKLM\Software\supWindowsProtectManger
Chave Deletedo : HKLM\Software\sweet-pageSoftware
Chave Deletedo : HKLM\Software\Wpm

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17207

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v36.0.1985.125

[ Arquivo : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Startup_urls] : [You must have an account and be logged in to view this link]
Deletedo [Startup_urls] : [You must have an account and be logged in to view this link]
Deletedo [Startup_urls] : [You must have an account and be logged in to view this link]
Deletedo [Startup_urls] : [You must have an account and be logged in to view this link]
Deletedo [Startup_urls] : [You must have an account and be logged in to view this link]
Deletedo [Startup_urls] : [You must have an account and be logged in to view this link]
Deletedo [Startup_urls] : [You must have an account and be logged in to view this link]
Deletedo [Startup_urls] : [You must have an account and be logged in to view this link]
Deletedo [Startup_urls] : [You must have an account and be logged in to view this link]
Deletedo [Startup_urls] : [You must have an account and be logged in to view this link]
Deletedo [Startup_urls] : [You must have an account and be logged in to view this link]
Deletedo [Startup_urls] : [You must have an account and be logged in to view this link]
Deletedo [Startup_urls] : [You must have an account and be logged in to view this link]

*************************

AdwCleaner[R0].txt - [9247 octets] - [27/07/2014 17:57:43]
AdwCleaner[S0].txt - [8036 octets] - [27/07/2014 17:59:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8096 octets] ##########

Post by Power Max, Sun 27 Jul 2014, 18:07

Download the Junkware Removal Tool program from the link below:
[You must have an account and be logged in to view this link]

To run the program above correctly, just follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

* In your next reply, post the Junkware Removal Tool log (report), which will be saved on your desktop under the name JRT.txt

We'll be waiting.

Post by DjBruxinho, Sun 27 Jul 2014, 18:22

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by User on 27/07/2014 at 18:12:12,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wintask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wintask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\wintask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\wintask_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\thinstall"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/07/2014 at 18:21:16,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Post by Power Max, Sun 27 Jul 2014, 18:29

Temporarily disable your antivirus to avoid conflicts.

Download: < [You must have an account and be logged in to view this link] > (by g3n-h@ckm@n)
|- After opening the link above, scroll down the page and click Télécharger to download: [You must have an account and be logged in to view this image]

Run it as indicated in this post:

[You must have an account and be logged in to view this link]

As soon as the cleanup is complete, post the log (report), which will be at C:\Shortcut_Module_07_05_2014_17_05_22.txt (these numbers in red will vary, since they show the date and time the scan was performed).

Post by DjBruxinho, Sun 27 Jul 2014, 19:29

¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module | g3n-h@ckm@n | 27.07.2014.1

¤¤¤¤¤ Vista | 7 | 8 | 8.1 - 32/64 bits ¤¤¤¤¤ - Start 18:33:59 - 27/07/2014

Atualizado : 27/07/2014 | 23.20 Por g3n-h@ckm@n

Contact : [You must have an account and be logged in to view this link]
Assistance : [You must have an account and be logged in to view this link]
Feedbacks : [You must have an account and be logged in to view this link]

Boot: Normal boot

[User (Administrator)] - [USER-PC] - ( [0416])
SID = S-1-5-21-1758606025-4058047857-1023707703-1000

Sistema : Windows 7 Ultimate (64 bits) Ultimate Service Pack 1

Memória RAM = Total (MB) : 4177 | Livre (MB) : 2344
Pagefile = Total (MB) : 8351 | Livre (MB) : 6214
Virtual = Total (MB) : 4194 | Livre (MB) : 4027


Registro protegido, restabelecer : C:\Shortcut_Module\Save\Clean\ERDNT.exe

¤¤¤¤¤¤¤¤¤¤ | Windows atualizado

Nenhuma atualização descoberta !!!

¤¤¤¤¤¤¤¤¤¤ | Navegadores

IE : 11.0.9600.17207 (© Microsoft Corporation. Todos os direitos reservados.)
GC : 36.0.1985.125 (Copyright 2012 Google Inc. All rights reserved.)

¤¤¤¤¤¤¤¤¤¤ | Security

AV : avast! Antivirus Disabled
AS : avast! Antivirus Disabled
FW : avast! Antivirus Disabled
WMI : OK
WU: Windows Update Service [Auto(2)] = Ordem
AS: Windows Defender [Auto(2)] = Ordem
FW: Windows FireWall Service [Auto(2)] = Ordem

Colocação apagada em um modo auxiliar !


¤¤¤¤¤¤¤¤¤¤ | FlashPlayer

ActiveX : 14.0.0.125
Plugin : 14.0.0.145

¤¤¤¤¤¤¤¤¤¤ | Processos mortos

892 | [Owner : SISTEMA |Parent : 704] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.88.) - (8.17.13.3788) = C:\Windows\System32\nvvsvc.exe
916 | [Owner : SISTEMA |Parent : 704] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - (7.17.13.3788) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
1404 | [Owner : SISTEMA |Parent : 704] - (.Microsoft Corporation - Aplicativo de subsistema de spooler.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe
1532 | [Owner : SISTEMA |Parent : 892] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.3788) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1544 | [Owner : SISTEMA |Parent : 892] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.88.) - (8.17.13.3788) = C:\Windows\System32\nvvsvc.exe
1740 | [Owner : User |Parent : 704] - (.Microsoft Corporation - Processo de Host para Tarefas do Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe
1996 | [Owner : SISTEMA |Parent : 704] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.7.0.0) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1028 | [Owner : SISTEMA |Parent : 704] - (.Apple Inc. - YSLoader.exe.) - (17.327.4.35) = C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2320 | [Owner : SISTEMA |Parent : 704] - (.Apple Inc. - Bonjour Service.) - (3.0.0.10) = C:\Program Files\Bonjour\mDNSResponder.exe
2380 | [Owner : SISTEMA |Parent : 704] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.23.216.0) = C:\Program Files\Intel\iCLS Client\HeciServer.exe
2464 | [Owner : SISTEMA |Parent : 704] - (.LogMeIn, Inc. - LMIGuardianSvc.) - (10.1.0.1664) = C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
2496 | [Owner : SISTEMA |Parent : 704] - (.NVIDIA Corporation - NVIDIA Network Service.) - (1.0.5.16) = C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
2532 | [Owner : SISTEMA |Parent : 704] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (2.1.214.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
2600 | [Owner : SISTEMA |Parent : 704] - (.A-Volute - Maelstrom VAD Streaming Service.) - (1.1.58.1854) = C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
2784 | [Owner : SISTEMA |Parent : 704] - (.TeamViewer GmbH - TeamViewer 9.) - (9.0.29947.0) = C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
2800 | [Owner : User |Parent : 2016] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) - (14.6.22.1) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
2864 | [Owner : SISTEMA |Parent : 704] - (.LogMeIn Inc. - Hamachi Client Tunneling Engine.) - (2.2.0.227) = C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
2884 | [Owner : User |Parent : 2016] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) - (1.0.0.919) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
2140 | [Owner : User |Parent : 2016] - (.Skype Technologies S.A. - Skype .) - (6.16.0.105) = C:\Program Files (x86)\Skype\Phone\Skype.exe
3064 | [Owner : User |Parent : 2864] - (.LogMeIn Inc. - Hamachi Client Application.) - (2.2.0.227) = C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
3300 | [Owner : User |Parent : 2016] - (. - .) - (0.0.0.0) = C:\Program Files (x86)\RocketDock\RocketDock.exe
3484 | [Owner : User |Parent : 1532] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.3788) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
3732 | [Owner : SERVIÇO DE REDE |Parent : 2532] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (2.1.214.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
3748 | [Owner : SISTEMA |Parent : 2532] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (2.1.214.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
3792 | [Owner : SISTEMA |Parent : 704] - (.Microsoft Corporation - Indexador do Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe
3100 | [Owner : SERVIÇO DE REDE |Parent : 704] - (.Microsoft Corporation - Serviço de Compartilhamento de Rede do Windows Media Player.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe
4548 | [Owner : User |Parent : 3532] - (.Razer Inc. - Razer Synapse.) - (1.18.15.20888) = C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
4980 | [Owner : User |Parent : 3532] - (.Apple Inc. - iTunesHelper.) - (11.3.0.54) = C:\Program Files (x86)\iTunes\iTunesHelper.exe
4312 | [Owner : SISTEMA |Parent : 704] - (.Apple Inc. - iPodService Module (64-bit).) - (11.3.0.54) = C:\Program Files\iPod\bin\iPodService.exe
3532 | [Owner : User |Parent : 816] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) = C:\Windows\System32\wbem\unsecapp.exe
1736 | [Owner : User |Parent : 3300] - (.RAIDCALL.COM - Raidcall.) - (1.1.12943.129) = C:\Program Files\RaidCall.BR\raidcall.exe
4148 | [Owner : SISTEMA |Parent : 704] - (.Intel Corporation - Local Manageability Service.) - (8.0.0.1351) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
2452 | [Owner : SISTEMA |Parent : 704] - (.Intel Corporation - User Notification Service.) - (8.0.0.1351) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
2424 | [Owner : User |Parent : 4240] - (.Microsoft Corporation - Windows Explorer.) - (6.1.7601.17567) = C:\Windows\explorer.exe
1704 | [Owner : User |Parent : 3300] - (.Google Inc. - Google Chrome.) - (36.0.1985.125) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
5888 | [Owner : User |Parent : 1704] - (.Google Inc. - Google Chrome.) - (36.0.1985.125) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
5372 | [Owner : User |Parent : 1704] - (.Google Inc. - Google Chrome.) - (36.0.1985.125) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2428 | [Owner : User |Parent : 784] - (.Microsoft Corporation - Mecanismo do Agendador de Tarefas.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
5132 | [Owner : SISTEMA |Parent : 704] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.23.216.0) = C:\Program Files\Intel\iCLS Client\HeciServer.exe

¤¤¤¤¤¤¤¤¤¤ | RUN

04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM64\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-1758606025-4058047857-1023707703-1000\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

¤¤¤¤¤¤¤¤¤¤ | Serviços


funcionando : WINDEFEND
Serviço parado : WINDEFEND
funcionando : MMCSS
funcionando : Dhcp
Serviço parado : Dhcp
funcionando : TcpIp
funcionando : SSDPSRV
Serviço parado : SSDPSRV
funcionando : MPSSvc
Serviço parado : MPSSvc
funcionando : LanmanServer
funcionando : DNScache
Serviço parado : DNScache

¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\Windows\System32\Drivers\etc\hosts : Reponha para zerar prosperamente

¤¤¤¤¤¤¤¤¤¤ | Registro


¤¤¤¤¤¤¤¤¤¤ | Offsets


¤¤¤¤¤¤¤¤¤¤ | reparsepoint



¤¤¤¤¤¤¤¤¤¤ | Arquivos

¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module | g3n-h@ckm@n | 27.07.2014.1

¤¤¤¤¤ Vista | 7 | 8 | 8.1 - 32/64 bits ¤¤¤¤¤ - Start 18:47:29 - 27/07/2014

Atualizado : 27/07/2014 | 23.20 Por g3n-h@ckm@n

Contact : [You must have an account and be logged in to view this link]
Assistance : [You must have an account and be logged in to view this link]
Feedbacks : [You must have an account and be logged in to view this link]

Boot: Normal boot

[User (Administrator)] - [USER-PC] - (Brazil [0416])
SID = S-1-5-21-1758606025-4058047857-1023707703-1000

Sistema : Windows 7 Ultimate (64 bits) Ultimate Service Pack 1

Memória RAM = Total (MB) : 4177 | Livre (MB) : 2785
Pagefile = Total (MB) : 8351 | Livre (MB) : 6865
Virtual = Total (MB) : 4194 | Livre (MB) : 4027


Registro protegido, restabelecer : C:\Shortcut_Module\Save\Clean\ERDNT.exe

¤¤¤¤¤¤¤¤¤¤ | Windows atualizado

Nenhuma atualização descoberta !!!

¤¤¤¤¤¤¤¤¤¤ | Navegadores

IE : 11.0.9600.17207 (© Microsoft Corporation. Todos os direitos reservados.)
GC : 36.0.1985.125 (Copyright 2012 Google Inc. All rights reserved.)

¤¤¤¤¤¤¤¤¤¤ | Security

AV : avast! Antivirus Disabled
AS : avast! Antivirus Disabled
FW : avast! Antivirus Disabled
WMI : OK
WU: Windows Update Service [Auto(2)] = Ordem
AS: Windows Defender [Auto(2)] = Ordem
FW: Windows FireWall Service [Auto(2)] = Ordem

Colocação apagada em um modo auxiliar !


¤¤¤¤¤¤¤¤¤¤ | FlashPlayer

ActiveX : 14.0.0.125
Plugin : 14.0.0.145

¤¤¤¤¤¤¤¤¤¤ | Processos mortos

896 | [Owner : SISTEMA |Parent : 708] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.88.) - (8.17.13.3788) = C:\Windows\System32\nvvsvc.exe
920 | [Owner : SISTEMA |Parent : 708] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - (7.17.13.3788) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
1448 | [Owner : SISTEMA |Parent : 708] - (.Microsoft Corporation - Aplicativo de subsistema de spooler.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe
1548 | [Owner : SISTEMA |Parent : 896] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.3788) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1580 | [Owner : SISTEMA |Parent : 896] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.88.) - (8.17.13.3788) = C:\Windows\System32\nvvsvc.exe
1744 | [Owner : User |Parent : 708] - (.Microsoft Corporation - Processo de Host para Tarefas do Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe
1872 | [Owner : SISTEMA |Parent : 720] - (.Microsoft Corporation - Mecanismo do Agendador de Tarefas.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
1964 | [Owner : SISTEMA |Parent : 708] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.7.0.0) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
2016 | [Owner : User |Parent : 1756] - (.Microsoft Corporation - Windows Explorer.) - (6.1.7601.17567) = C:\Windows\explorer.exe
1288 | [Owner : User |Parent : 720] - (.Microsoft Corporation - Mecanismo do Agendador de Tarefas.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
2528 | [Owner : User |Parent : 2016] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) - (14.6.22.1) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
2812 | [Owner : User |Parent : 1548] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.3788) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
2868 | [Owner : User |Parent : 2016] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) - (1.0.0.919) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
2876 | [Owner : User |Parent : 2016] - (.Skype Technologies S.A. - Skype .) - (6.16.0.105) = C:\Program Files (x86)\Skype\Phone\Skype.exe
2888 | [Owner : User |Parent : 2016] - (. - .) - (0.0.0.0) = C:\Program Files (x86)\RocketDock\RocketDock.exe
3056 | [Owner : User |Parent : 2976] - (.Razer Inc. - Razer Synapse.) - (1.18.15.20888) = C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
2176 | [Owner : User |Parent : 2976] - (.Apple Inc. - iTunesHelper.) - (11.3.0.54) = C:\Program Files (x86)\iTunes\iTunesHelper.exe
2800 | [Owner : SISTEMA |Parent : 708] - (.Apple Inc. - Bonjour Service.) - (3.0.0.10) = C:\Program Files\Bonjour\mDNSResponder.exe
2672 | [Owner : SISTEMA |Parent : 708] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.23.216.0) = C:\Program Files\Intel\iCLS Client\HeciServer.exe
3088 | [Owner : SISTEMA |Parent : 708] - (.LogMeIn, Inc. - LMIGuardianSvc.) - (10.1.0.1664) = C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
3168 | [Owner : SISTEMA |Parent : 708] - (.NVIDIA Corporation - NVIDIA Network Service.) - (1.0.5.16) = C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
3212 | [Owner : SISTEMA |Parent : 708] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (2.1.214.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
3312 | [Owner : SISTEMA |Parent : 708] - (.A-Volute - Maelstrom VAD Streaming Service.) - (1.1.58.1854) = C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
3520 | [Owner : SISTEMA |Parent : 708] - (.TeamViewer GmbH - TeamViewer 9.) - (9.0.29947.0) = C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
3592 | [Owner : SISTEMA |Parent : 708] - (.LogMeIn Inc. - Hamachi Client Tunneling Engine.) - (2.2.0.227) = C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
3924 | [Owner : User |Parent : 820] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) = C:\Windows\System32\wbem\unsecapp.exe
1616 | [Owner : SERVIÇO DE REDE |Parent : 3212] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (2.1.214.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
3456 | [Owner : SISTEMA |Parent : 3212] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (2.1.214.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
1708 | [Owner : SISTEMA |Parent : 708] - (.Apple Inc. - iPodService Module (64-bit).) - (11.3.0.54) = C:\Program Files\iPod\bin\iPodService.exe
4176 | [Owner : SISTEMA |Parent : 708] - (.Microsoft Corporation - Indexador do Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe
4940 | [Owner : SERVIÇO DE REDE |Parent : 708] - (.Microsoft Corporation - Serviço de Compartilhamento de Rede do Windows Media Player.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe
5640 | [Owner : SISTEMA |Parent : 708] - (.Intel Corporation - Local Manageability Service.) - (8.0.0.1351) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
5564 | [Owner : SERVIÇO DE REDE |Parent : 708] - (.Microsoft Corporation - Serviço da Plataforma de Proteção de Software da Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe
5328 | [Owner : SISTEMA |Parent : 708] - (.Intel Corporation - User Notification Service.) - (8.0.0.1351) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
3804 | [Owner : User |Parent : 4176] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchProtocolHost.exe
4368 | [Owner : SISTEMA |Parent : 4176] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchFilterHost.exe
5476 | [Owner : SISTEMA |Parent : 708] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.23.216.0) = C:\Program Files\Intel\iCLS Client\HeciServer.exe

¤¤¤¤¤¤¤¤¤¤ | RUN

04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM64\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-1758606025-4058047857-1023707703-1000\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

¤¤¤¤¤¤¤¤¤¤ | Serviços


funcionando : WINDEFEND
Serviço parado : WINDEFEND
funcionando : MMCSS
funcionando : Dhcp
funcionando : TcpIp
funcionando : WinHttpAutoProxysvc
Serviço parado : WinHttpAutoProxysvc
funcionando : SSDPSRV
Serviço parado : SSDPSRV
funcionando : MPSSvc
Serviço parado : MPSSvc
funcionando : LanmanServer
funcionando : DNScache
Serviço parado : DNScache

¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\Windows\System32\Drivers\etc\hosts : Reponha para zerar prosperamente

¤¤¤¤¤¤¤¤¤¤ | Registro


¤¤¤¤¤¤¤¤¤¤ | Offsets


¤¤¤¤¤¤¤¤¤¤ | reparsepoint



¤¤¤¤¤¤¤¤¤¤ | Arquivos

¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module | g3n-h@ckm@n | 27.07.2014.1

¤¤¤¤¤ Vista | 7 | 8 | 8.1 - 32/64 bits ¤¤¤¤¤ - Start 19:12:56 - 27/07/2014

Atualizado : 27/07/2014 | 23.20 Por g3n-h@ckm@n

Contact : [You must have an account and be logged in to view this link]
Assistance : [You must have an account and be logged in to view this link]
Feedbacks : [You must have an account and be logged in to view this link]

Boot: Normal boot

[User (Administrator)] - [USER-PC] - ( [0416])
SID = S-1-5-21-1758606025-4058047857-1023707703-1000

Sistema : Windows 7 Ultimate (64 bits) Ultimate Service Pack 1

Memória RAM = Total (MB) : 4177 | Livre (MB) : 2712
Pagefile = Total (MB) : 8351 | Livre (MB) : 6776
Virtual = Total (MB) : 4194 | Livre (MB) : 4022


Registro protegido, restabelecer : C:\Shortcut_Module\Save\Clean\ERDNT.exe

¤¤¤¤¤¤¤¤¤¤ | Windows atualizado

Nenhuma atualização descoberta !!!

¤¤¤¤¤¤¤¤¤¤ | Navegadores

IE : 11.0.9600.17207 (© Microsoft Corporation. Todos os direitos reservados.)
GC : 36.0.1985.125 (Copyright 2012 Google Inc. All rights reserved.)

¤¤¤¤¤¤¤¤¤¤ | Security

AV : avast! Antivirus Disabled
AS : avast! Antivirus Disabled
FW : avast! Antivirus Disabled
WMI : OK
WU: Windows Update Service [Auto(2)] = Ordem
AS: Windows Defender [Auto(2)] = Ordem
FW: Windows FireWall Service [Auto(2)] = Ordem

Colocação apagada em um modo auxiliar !


¤¤¤¤¤¤¤¤¤¤ | FlashPlayer

ActiveX : 14.0.0.125
Plugin : 14.0.0.145

¤¤¤¤¤¤¤¤¤¤ | Processos mortos

896 | [Owner : SISTEMA |Parent : 712] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.88.) - (8.17.13.3788) = C:\Windows\System32\nvvsvc.exe
920 | [Owner : SISTEMA |Parent : 712] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - (7.17.13.3788) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
1444 | [Owner : SISTEMA |Parent : 712] - (.Microsoft Corporation - Aplicativo de subsistema de spooler.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe
1572 | [Owner : SISTEMA |Parent : 896] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.3788) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1580 | [Owner : SISTEMA |Parent : 896] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.88.) - (8.17.13.3788) = C:\Windows\System32\nvvsvc.exe
1740 | [Owner : User |Parent : 712] - (.Microsoft Corporation - Processo de Host para Tarefas do Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe
1924 | [Owner : SISTEMA |Parent : 724] - (.Microsoft Corporation - Mecanismo do Agendador de Tarefas.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
2000 | [Owner : SISTEMA |Parent : 712] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.7.0.0) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
2008 | [Owner : User |Parent : 1764] - (.Microsoft Corporation - Windows Explorer.) - (6.1.7601.17567) = C:\Windows\explorer.exe
1084 | [Owner : SISTEMA |Parent : 712] - (.Apple Inc. - YSLoader.exe.) - (17.327.4.35) = C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1736 | [Owner : User |Parent : 724] - (.Microsoft Corporation - Mecanismo do Agendador de Tarefas.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
2052 | [Owner : User |Parent : 1736] - (.RAIDCALL.COM - Raidcall.) - (1.1.12943.129) = C:\Program Files\RaidCall.BR\raidcall.exe
2288 | [Owner : SISTEMA |Parent : 712] - (.Apple Inc. - Bonjour Service.) - (3.0.0.10) = C:\Program Files\Bonjour\mDNSResponder.exe
2344 | [Owner : SISTEMA |Parent : 712] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.23.216.0) = C:\Program Files\Intel\iCLS Client\HeciServer.exe
2396 | [Owner : SISTEMA |Parent : 712] - (.LogMeIn, Inc. - LMIGuardianSvc.) - (10.1.0.1664) = C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
2428 | [Owner : SISTEMA |Parent : 712] - (.NVIDIA Corporation - NVIDIA Network Service.) - (1.0.5.16) = C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
2476 | [Owner : SISTEMA |Parent : 712] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (2.1.214.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
2548 | [Owner : SISTEMA |Parent : 712] - (.A-Volute - Maelstrom VAD Streaming Service.) - (1.1.58.1854) = C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
2704 | [Owner : SISTEMA |Parent : 712] - (.TeamViewer GmbH - TeamViewer 9.) - (9.0.29947.0) = C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
2804 | [Owner : User |Parent : 2008] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) - (14.6.22.1) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
2844 | [Owner : User |Parent : 2008] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) - (1.0.0.919) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
3008 | [Owner : User |Parent : 2008] - (.Skype Technologies S.A. - Skype .) - (6.16.0.105) = C:\Program Files (x86)\Skype\Phone\Skype.exe
1768 | [Owner : User |Parent : 2008] - (. - .) - (0.0.0.0) = C:\Program Files (x86)\RocketDock\RocketDock.exe
2824 | [Owner : User |Parent : 1572] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.3788) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
3312 | [Owner : User |Parent : 2652] - (.Razer Inc. - Razer Synapse.) - (1.18.15.20888) = C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
3336 | [Owner : User |Parent : 2652] - (.Apple Inc. - iTunesHelper.) - (11.3.0.54) = C:\Program Files (x86)\iTunes\iTunesHelper.exe
3640 | [Owner : User |Parent : 820] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) = C:\Windows\System32\wbem\unsecapp.exe
3436 | [Owner : SERVIÇO DE REDE |Parent : 2476] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (2.1.214.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
2060 | [Owner : SISTEMA |Parent : 712] - (.Apple Inc. - iPodService Module (64-bit).) - (11.3.0.54) = C:\Program Files\iPod\bin\iPodService.exe
316 | [Owner : SISTEMA |Parent : 712] - (.Microsoft Corporation - Indexador do Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe
5044 | [Owner : SERVIÇO DE REDE |Parent : 712] - (.Microsoft Corporation - Serviço de Compartilhamento de Rede do Windows Media Player.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe
5532 | [Owner : SISTEMA |Parent : 712] - (.Intel Corporation - Local Manageability Service.) - (8.0.0.1351) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
5556 | [Owner : SERVIÇO DE REDE |Parent : 712] - (.Microsoft Corporation - Serviço da Plataforma de Proteção de Software da Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe
5744 | [Owner : SISTEMA |Parent : 712] - (.Intel Corporation - User Notification Service.) - (8.0.0.1351) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

¤¤¤¤¤¤¤¤¤¤ | RUN

04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM64\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-1758606025-4058047857-1023707703-1000\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

¤¤¤¤¤¤¤¤¤¤ | Serviços


funcionando : WINDEFEND
Serviço parado : WINDEFEND
funcionando : MMCSS
funcionando : Dhcp
funcionando : TcpIp
funcionando : WinHttpAutoProxysvc
Serviço parado : WinHttpAutoProxysvc
funcionando : SSDPSRV
Serviço parado : SSDPSRV
funcionando : MPSSvc
Serviço parado : MPSSvc
funcionando : LanmanServer
funcionando : DNScache
Serviço parado : DNScache

¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\Windows\System32\Drivers\etc\hosts : Reponha para zerar prosperamente

¤¤¤¤¤¤¤¤¤¤ | Registro


¤¤¤¤¤¤¤¤¤¤ | Offsets


¤¤¤¤¤¤¤¤¤¤ | reparsepoint



¤¤¤¤¤¤¤¤¤¤ | Arquivos




---------------------------------------------------------
It is giving this error:
[link hidden: forum login required]

Post by Power Max Sun 27 Jul 2014, 19:33

The report you posted is incomplete. Is the program still running, or has it already finished scanning?

Post by DjBruxinho Sun 27 Jul 2014, 19:37

It is giving this error:
[link hidden: forum login required]


The program goes up to 65% and gives the error; I click OK and everything disappears. I waited about 10 minutes, nothing happened, so I pressed the PC's reset button.

Post by Power Max Sun 27 Jul 2014, 19:45

Start the PC in Safe Mode with Networking (press the F8 key, or the F5 key on some computers, repeatedly while the computer is starting and choose the option Safe Mode with Networking, or Safe Mode). Once the PC is in Safe Mode, run the cleanup with the program I gave you.

If that still does not work, let me know.

Post by DjBruxinho Sun 27 Jul 2014, 20:01

Still the same error. It got to 65% and gave the error.

Post by Power Max Sun 27 Jul 2014, 20:07

Temporarily disable your antivirus to avoid conflicts.

Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[link hidden: forum login required]

* Right-click Zoek.exe and select [image hidden: forum login required]

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank area in Zoek

* Click [Run Script]

* During the scan, a message similar to the one below, showing the scan progress, will be displayed. Wait for it to finish... it may take a while!

[image hidden: forum login required]

* If a PC restart is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Sat 02 Aug 2014, 20:30; edited 1 time

Post by DjBruxinho Sun 27 Jul 2014, 20:35


Zoek.exe v5.0.0.0 Updated 26-07-2014
Tool run by User on 27/07/2014 at 20:09:28,02.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27/07/2014 20:10:45 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\Users\User\AppData\Roaming\WinInstallFlashLog.ini deleted
C:\PROGRA~3\ProductData deleted
C:\Users\User\AppData\Local\Thinstall deleted
C:\Users\User\Searches deleted
C:\Users\User\Downloads\SoftonicDownloader_para_hamachi.exe deleted
C:\windows\SysNative\tasks\AppSafe deleted
C:\Windows\tasks\AppSafe.job deleted
"C:\Windows\Installer\1a212f1.msi" deleted

==== Folders Found ======================

2014-06-12 20:07:26 2014-06-12 20:26:55 -------- d-----w- C:\$Recycle.Bin\S-1-5-21-1758606025-4058047857-1023707703-1000\$RKKV9SI\Baidu Antivirus
2014-07-27 20:59:26 2014-07-27 20:59:26 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-06-12 20:07:21 2014-06-19 20:43:05 -------- d-----w- C:\ProgramData\Baidu Security
2014-06-12 20:07:21 2014-06-19 20:43:05 -------- d-----w- C:\Users\All Users\Baidu Security

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"="http://sync.br.bav.baidu.com/cgi-bin/report_uu_msg_bavv2.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\060414-33774-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\060514-26769-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\060514-29468-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\060914-27003-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\061014-39078-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\061114-28345-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130469618211016257.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\060414-33774-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\060514-26769-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\060514-29468-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\060914-27003-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\061014-39078-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\061114-28345-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130469618211016257.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [13/07/2014 16:56]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[13/07/2014 16:55]

Google Drive - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Timer Countdown Alarm Clock and Stopwatch - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\edebbhkhcaafmolanelponjjanocpacd
Digital Clock - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo
Google Wallet - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6551AB67-100C-45E6-B2F1-B9A058B4191D} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

==== Reset Google Chrome ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts in Users Start Menu ======================

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\RaidCall.lnk - C:\Program Files (x86)\RaidCall.BR\raidcall.exe
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Internet Security.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer\Play Euro Truck Simulator 2 Multiplayer.lnk - C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer\launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Sobre o iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.Resources\pt.lproj\About iTunes.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall\RaidCall.lnk - C:\Program Files (x86)\RaidCall.BR\raidcall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall\Uninstall RaidCall.lnk - C:\Program Files (x86)\RaidCall.BR\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer\Razer Synapse 2.0\Razer Synapse 2.0.lnk - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe -launch

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="*.local"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2IG57TI4 will be deleted at reboot
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2T2NOZ0M will be deleted at reboot
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NZQUF5HR will be deleted at reboot
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WITA5NQ9 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=12 folders=8 587264 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\User\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\User\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2IG57TI4" not found
"C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2T2NOZ0M" not found
"C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NZQUF5HR" not found
"C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WITA5NQ9" not found

==== EOF on 27/07/2014 at 20:29:58,22 ======================

Mensagem por Power Max Dom 27 Jul 2014, 21:17

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Last edited by Power Max on Sat 02 Aug 2014, 20:30; edited 1 time

Post by DjBruxinho, Mon 28 Jul 2014, 12:21

Zoek.exe v5.0.0.0 Updated 26-07-2014
Tool run by User on 28/07/2014 at 12:15:25,04.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-07-27-232958.log 21600 bytes

==== System Restore Info ======================

28/07/2014 12:16:39 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\060414-33774-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\060514-26769-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\060514-29468-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\060914-27003-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\061014-39078-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\061114-28345-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130469618211016257.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\060414-33774-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\060514-26769-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\060514-29468-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\060914-27003-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\061014-39078-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\061114-28345-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130469618211016257.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"=-

==== Deleting Files \ Folders ======================

C:\$Recycle.Bin\S-1-5-21-1758606025-4058047857-1023707703-1000\$RKKV9SI\Baidu Antivirus not found
C:\ProgramData\Baidu Security deleted

==== Folders Found ======================

2014-07-27 20:59:26 2014-07-27 20:59:26 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-07-28 15:17:44 2014-06-19 20:43:05 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-07-28 15:17:44 2014-06-19 20:43:05 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"="http://sync.br.bav.baidu.com/cgi-bin/report_uu_msg_bavv2.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=12 folders=10 587410 bytes)

==== EOF on 28/07/2014 at 12:20:21,43 ======================

Post by Power Max, Mon 28 Jul 2014, 13:47

Temporarily disable your antivirus to avoid conflicts.

* Right-click Zoek.exe and select [You must have an account and be logged in to view this image]

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank area in Zoek

* Click [Run Script]

* During the scan, a message similar to the one below, showing the scan's progress, will be displayed. Wait for it to finish... it may take a while!

[You must have an account and be logged in to view this image]

* If a PC restart is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Sat 02 Aug 2014, 20:31; edited 1 time

Post by DjBruxinho, Mon 28 Jul 2014, 13:54


Zoek.exe v5.0.0.0 Updated 28-07-2014
Tool run by User on 28/07/2014 at 13:48:49,85.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-07-27-232958.log 21600 bytes
C:\zoek-results2014-07-28-152021.log 11979 bytes

==== System Restore Info ======================

28/07/2014 13:50:11 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-1758606025-4058047857-1023707703-1000\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

==== Folders Found ======================

2014-07-27 20:59:26 2014-07-27 20:59:26 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-07-28 15:17:44 2014-06-19 20:43:05 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-07-28 15:17:44 2014-06-19 20:43:05 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"="http://sync.br.bav.baidu.com/cgi-bin/report_uu_msg_bavv2.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=12 folders=10 587410 bytes)

==== EOF on 28/07/2014 at 13:53:37,38 ======================

Post by Power Max, Mon 28 Jul 2014, 13:58

Temporarily disable your antivirus to avoid conflicts.

* Right-click Zoek.exe and select [You must have an account and be logged in to view this image]

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank area in Zoek

* Click [Run Script]

* During the scan, a message similar to the one below, showing the scan's progress, will be displayed. Wait for it to finish... it may take a while!

[You must have an account and be logged in to view this image]

* If a PC restart is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Sat 02 Aug 2014, 20:31; edited 1 time

Post by DjBruxinho, Mon 28 Jul 2014, 14:13


Zoek.exe v5.0.0.0 Updated 28-07-2014
Tool run by User on 28/07/2014 at 14:00:34,73.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-07-27-232958.log 21600 bytes
C:\zoek-results2014-07-28-152021.log 11979 bytes
C:\zoek-results2014-07-28-165337.log 3351 bytes

==== System Restore Info ======================

28/07/2014 14:03:19 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-

==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"="http://sync.br.bav.baidu.com/cgi-bin/report_uu_msg_bavv2.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=12 folders=10 587410 bytes)

==== EOF on 28/07/2014 at 14:04:29,69 ======================

Post by Power Max, Mon 28 Jul 2014, 14:14

Download < [You must have an account and be logged in to view this link] > ( ... by Nicolas Coolman )

Note: When you open the link above, click the Télécharger button for ZHPDiag to download it, as shown in the image below:

[You must have an account and be logged in to view this image]

To install and run it correctly, follow the tips in this article:

[You must have an account and be logged in to view this link]

* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.

Post by DjBruxinho, Mon 28 Jul 2014, 15:31

~ Relatório do ZHPDiag v2014.7.27.109 - Nicolas Coolman (27/07/2014)
~ Iniciado por User (28/07/2014 15:25:18)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Endereço do Webforum : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17207
GCIE: Google Chrome v36.0.1985.125 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Internet Security v9.0.2021
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v4.14

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 14 Plugin
Adobe Reader XI - Português
Java 7 Update 60

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4078 MB (45% free)
System Restore: Activé (Enable)
System drive C: has 479 GB (80%) free of 596 GB

---\\ Modo de conexão ao sistema
~ Computer Name: USER-PC
~ User Name: User
~ All Users Names: User, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\User\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\User\AppData\Roaming\
~ %Desktop% : C:\Users\User\Desktop\
~ %Favorites% : C:\Users\User\Favorites\
~ %LocalAppData% : C:\Users\User\AppData\Local\
~ %StartMenu% : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 479 Go of 596 Go)
F: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.04/05/2012 - 09:25:41.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.2EE102DF0EDD8A1EDD3D1E9B99A91BEC] - (.Microsoft Corporation - Internet Extensions para Win32.) (.18/06/2014 - 19:58:27.) -- C:\Windows\System32\wininet.dll [2266112]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 03:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04/05/2012 - 09:26:51.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 00:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 01s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/1074
~ Mes musiques (My Musics) : 1/159
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/78
~ Mon Bureau (My Desktop) : 1/30
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 01s



---\\ Processos lançados
[MD5.80F11EB20864E94CFA97D673456027FB] - (.RAIDCALL.COM - Raidcall.) -- C:\Program Files\RaidCall.BR\raidcall.exe [4136648] [PID.1704]
[MD5.42663C9A625EA030F10746EBA60F8CCD] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880] [PID.2500]
[MD5.449E6CD914920B84DDDF0F12880411EE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224] [PID.2548]
[MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe [495616] [PID.2556]
[MD5.26AFC1F16494FFE66F2197153B342A27] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432] [PID.2860]
[MD5.A56B9225499D0B709F8D67EC18A59958] - (.Razer Inc. - Razer Synapse.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560] [PID.2868]
[MD5.B43E68B8A022FB00FF54360D408E871B] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488] [PID.1140]
[MD5.509E0687DA8749E65D002011E57BF20A] - (.No owner - PVP.net Patcher Kernel.) -- C:\Program Files (x86)\League of Legends\RADS\system\rads_user_kernel.exe [1302080] [PID.1496]
[MD5.16EAD29F732BE18A5ABFF190379593C1] - (.No owner - PVP.net Patcher.) -- C:\Program Files (x86)\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.213\deploy\LoLLauncher.exe [5430776] [PID.4152]
[MD5.5B93A9C1BB894EFA4D6429EEADA5007C] - (...) -- C:\Program Files (x86)\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.100\deploy\LolClient.exe [74752] [PID.1404]
[MD5.0DA8636ACBF55A4CA6350FEA7D789828] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8082432] [PID.1592]
[MD5.718D79F2E7EC3AFFD3661DA81F93BBEA] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [413128] [PID.920]
[MD5.73F5C13B431915BAE35254B4E95DFB71] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1244]
[MD5.D386D51B1839E208EF7CCFBFA964638E] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe [106488] [PID.1464]
[MD5.B1EA9681502EE57F87DB71D726288A5B] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.1956]
[MD5.6B73E94F9FE82D45781B8C8A09483082] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.1276]
[MD5.E09C5339746C10596C1BA740956F3416] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008] [PID.2352]
[MD5.3438EFDC30F7A41D3598ED60BBF6CF2A] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [5037888] [PID.3104]
[MD5.C56E64BA70DC822B84D100A6F8D690D3] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784] [PID.5116]
[MD5.0F9E1BC7E2BEA1A4108EC9736CF0C2D9] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800] [PID.3940]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 02s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [Razer Synapse] . (.Razer Inc. - Razer Synapse.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1758606025-4058047857-1023707703-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-1758606025-4058047857-1023707703-1000\..\Run: [RocketDock] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office15\ONBttnIE.dll (.not file.)
O9 - Extra button: Clique para Telefonar do Lync [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office15\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E52E742-8D85-4154-909C-7201A340A52F}: NameServer = 187.84.240.11,187.84.240.14
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E52E742-8D85-4154-909C-7201A340A52F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{4E52E742-8D85-4154-909C-7201A340A52F}: NameServer = 187.84.240.11,187.84.240.14
O17 - HKLM\System\CS1\Services\Tcpip\..\{4E52E742-8D85-4154-909C-7201A340A52F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{4E52E742-8D85-4154-909C-7201A340A52F}: NameServer = 187.84.240.11,187.84.240.14
O17 - HKLM\System\CS2\Services\Tcpip\..\{4E52E742-8D85-4154-909C-7201A340A52F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Razer Surround Audio Service (RzMaelstromVADStreamingService) . (.A-Volute - Maelstrom VAD Streaming Service.) - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
~ Services: 16 Legitimates Filtered in 00mn 07s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [DriverEasy Scheduled Scan] (...) -- C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (.not file.) [0]
[MD5.80F11EB20864E94CFA97D673456027FB] [APT] [Raidcall_EN] (.RAIDCALL.COM.) -- C:\Program Files\RaidCall.BR\raidcall.exe [4136648]
O39 - APT: DriverEasy Scheduled Scan - (...) -- C:\Windows\Tasks\DriverEasy Scheduled Scan.job [404]
O39 - APT: DriverEasy Scheduled Scan - (...) -- C:\Windows\System32\Tasks\DriverEasy Scheduled Scan [404]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1060]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1064]
~ Scheduled Task: 14 Legitimates Filtered in 00mn 08s



---\\ Software instalados (042)
O42 - Logiciel: PSoul versão 2.7.8 - (.PSoul.) [HKLM][64Bits] -- {5C5FB05F-B231-4A43-BD55-20A593AE740F}_is1
O42 - Logiciel: Strike Suit Infinity - (.Born Ready Games Ltd..) [HKLM][64Bits] -- Steam App 234160
O42 - Logiciel: Woodle Tree Adventures - (.Fabio Ferrara.) [HKLM][64Bits] -- Steam App 299460
~ Logic: 18 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Administrator]
[HKCU\Software\Error Fix]
[HKCU\Software\OB]
[HKCU\Software\Shortcut_Module]
[HKLM\Software\Baidu Security]
[HKLM\Software\Shortcut_Module]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\ETS2MP]
[HKLM\Software\Wow6432Node\Error Fix]
[HKLM\Software\Wow6432Node\RCBR]
[HKLM\Software\Wow6432Node\Shortcut_Module]
~ Key Software: 267 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/06/2014 - 22:32:18 - [] ----D C:\Program Files (x86)\PSoul
O43 - CFD: 17/06/2014 - 20:00:40 - [] ----D C:\Users\User\AppData\Roaming\.technic
O43 - CFD: 12/06/2014 - 19:07:51 - [] ----D C:\Users\User\AppData\Roaming\ProductData
O43 - CFD: 22/07/2014 - 21:40:38 - [0] ----D C:\Users\User\AppData\Local\pangu
~ Program Folder: 155 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.D95E64416A4A3ED6986E0F474DA934BD] - 13/07/2014 - 16:55:59 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208]
O44 - LFC:[MD5.FED0FC103F369F49A166DCDE2A45DCA4] - 15/07/2014 - 15:58:24 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [147314]
O44 - LFC:[MD5.0ADD1ACEDF5489B36D7785DE111037B0] - 15/07/2014 - 15:58:24 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [705474]
O44 - LFC:[MD5.AAEECC26548C8FFA79E0CA779B50C0B4] - 26/07/2014 - 12:09:02 ---A- . (...) -- C:\Windows\System32\ASOROSet.bin [1656]
O44 - LFC:[MD5.2884DA0E5CE6D42F31FC4476A8947F1B] - 27/07/2014 - 02:03:17 ---A- . (.No owner - SDL.) -- C:\Windows\System32\sdl.dll [647168]
O44 - LFC:[MD5.C443419ACA85827AD626CBDFC185B6CB] - 27/07/2014 - 19:49:02 ---A- . (...) -- C:\Windows\ntbtlog.txt [114876]
O44 - LFC:[MD5.AF90C0AB83C7481A433026E2319FB78C] - 27/07/2014 - 19:54:47 ---A- . (...) -- C:\Shortcut_Module.txt [29250]
O44 - LFC:[MD5.D534B20A68DF6B54CE6E72E9D3730416] - 27/07/2014 - 20:29:58 ---A- . (...) -- C:\zoek-results2014-07-27-232958.log [21600]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2014 - 12:02:04 ---A- . (...) -- C:\Windows\System32\RzMaelstromVADAudioDeviceManager_log.txt [0]
O44 - LFC:[MD5.29CE98551097D8328F6451225A50FA35] - 28/07/2014 - 12:20:21 ---A- . (...) -- C:\zoek-results2014-07-28-152021.log [11979]
O44 - LFC:[MD5.AB28A0FD16FCD2D604B3ABF11B82227D] - 28/07/2014 - 13:53:37 ---A- . (...) -- C:\zoek-results2014-07-28-165337.log [3351]
O44 - LFC:[MD5.521A10F9CB8C11AAE69BEB996DFF42A6] - 28/07/2014 - 14:04:29 ---A- . (...) -- C:\zoek-results.log [2367]
~ Files: 63 Legitimates Filtered in 00mn 05s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{ec50912b-e902-11e3-b87c-e06995fdfcd6}\AutoRun\command. (...) -- F:\cdstart.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"VIDC.X264"="x264vfw64.dll" . (.x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) -- C:\Windows\System32\x264vfw64.dll
~ TDSD: 12 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoThumbnailCache"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:13/07/2014 - 16:55:59 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:13/07/2014 - 16:55:59 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:13/07/2014 - 16:56:00 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [224896] =>.ALWIL Software
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:09/06/2014 - 06:49:00 ---A- . (.Windows (R) Win 7 DDK provider - Maelstrom VAD Audio driver.) -- C:\Windows\System32\Drivers\RzMaelstromVAD.sys [32768]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:06/06/2014 - 16:13:19 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys [16152]
O58 - SDL:18/03/2013 - 16:51:08 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
~ Drivers: 68 Legitimates Filtered in 00mn 05s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 13/07/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 82 Legitimates Filtered in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6551AB67-100C-45E6-B2F1-B9A058B4191D} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.5A3E1852C59194FC29F4332B40A960A7] [SPRF][27/07/2014] (.No owner - Shortcut_Module.) -- C:\Users\User\Desktop\Shortcut_Module.exe [2679808]
[MD5.B6F3EFF7F38D65A0C54B11A675173300] [SPRF][27/07/2014] (...) -- C:\Users\User\Desktop\zoek.exe [1287168]
~ Files: 2 Legitimates Filtered in 00mn 01s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{782D799E-89A8-48CE-B402-5BAA5A31C71A}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\User\Tudo\Programas\utorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{125948D4-6AB7-4244-8811-EE986E95BBEF}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\User\Tudo\Programas\utorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 02s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 31/05/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 31/05/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/05/2011 136120 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 08/07/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Auto 29/05/2014 21055432 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 08/02/2014 569024 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 23/09/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 12/06/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 13/07/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 13/07/2014 106488 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 08/12/2011 607456 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 16/12/2011 277784 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 29/05/2014 1631008 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 19/05/2014 927520 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 09/06/2014 4250624 | (RzMaelstromVADStreamingService) . (.A-Volute.) - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
SR - | Auto 19/05/2014 413128 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 02/07/2014 5037888 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
SR - | Auto 16/12/2011 363800 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 12s



---\\ Scâner Aditional (088)
Database Version : 13026 - (27/07/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 307764 Items scanned in 01mn 00s



---\\ Informações complémentaires do módulos
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Aplicações iniciadas por registo & pastas (04)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Chave do registo Shell MountPoints2 (MPKS) (O51)
~ AMI: 4 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
~ MSI: 0 link(s) detected in 00mn 00s



~ 829 Legitimates filtered by white list
End of the scan (435 lines in 02mn 43s)(0)

Post by Power Max Mon 28 Jul 2014, 16:03

There are unnecessary programs starting with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

Preferably, leave only the security programs (antivirus/anti-spyware/firewall) starting with Windows.

Also use the CCleaner program, recommended in the tutorial above, to clean up and optimize the PC.
________________________________________________________________________________________

Select and copy all the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click ZHPFix and choose Run as administrator > click Importação (Import) > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will appear in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Sat 02 Aug 2014, 20:32; edited 1 time

Post by DjBruxinho Mon 28 Jul 2014, 16:23

Rapport de ZHPFix 2014.7.9.4 par Nicolas Coolman, Update du 09/07/2014
Fichier d'export Registre :
Run by User at 28/07/2014 16:21:46
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 11s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\Error Fix
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Error Fix

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (12) (160.028 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: DriverEasy Scheduled Scan

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
3 : Chaves do Registo
1 : Pastas
2 : Ficheiros
1 : Tarefa planificada
1 : Restauração Sistema


End of clean in 00mn 53s

========== Caminho do ficheiro do relatório ==========
C:\Users\User\AppData\Roaming\ZHP\ZHPFix[R1].txt - 28/07/2014 16:21:58 [1065]

Post by Power Max Mon 28 Jul 2014, 16:25

Open ZHPDiag again.

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.

|- Click OK and, when it finishes, post the ZHPDiag.txt report.

Post by DjBruxinho Mon 28 Jul 2014, 16:29

~ Relatório do ZHPDiag v2014.7.27.109 - Nicolas Coolman (27/07/2014)
~ Iniciado por User (28/07/2014 16:26:26)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Endereço do Webforum : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17207
GCIE: Google Chrome v36.0.1985.125 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows Vista (TM) Ultimate, 64-bit Service Pack 1 (Build 6000)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK

---\\ Softwares de proteçao do sistema
avast! Internet Security v9.0.2021

---\\ Softwares d'optimização do sistema
CCleaner v4.14

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 14 Plugin
Adobe Reader XI - Português
Java 7 Update 60

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4078 MB (56% free)
System Restore: Activé (Enable)
System drive C: has 480 GB (80%) free of 596 GB

---\\ Modo de conexão ao sistema
~ Computer Name: USER-PC
~ User Name: User
~ All Users Names: User, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\User\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\User\AppData\Roaming\
~ %Desktop% : C:\Users\User\Desktop\
~ %Favorites% : C:\Users\User\Favorites\
~ %LocalAppData% : C:\Users\User\AppData\Local\
~ %StartMenu% : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 480 Go of 596 Go)
F: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.04/05/2012 - 09:25:41.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.2EE102DF0EDD8A1EDD3D1E9B99A91BEC] - (.Microsoft Corporation - Internet Extensions para Win32.) (.18/06/2014 - 19:58:27.) -- C:\Windows\System32\wininet.dll [2266112]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 03:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04/05/2012 - 09:26:51.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 00:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/1074
~ Mes musiques (My Musics) : 1/159
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/78
~ Mon Bureau (My Desktop) : 1/31
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 00s



---\\ Processos lançados
[MD5.80F11EB20864E94CFA97D673456027FB] - (.RAIDCALL.COM - Raidcall.) -- C:\Program Files\RaidCall.BR\raidcall.exe [4136648] [PID.1704]
[MD5.42663C9A625EA030F10746EBA60F8CCD] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880] [PID.2500]
[MD5.449E6CD914920B84DDDF0F12880411EE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224] [PID.2548]
[MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe [495616] [PID.2556]
[MD5.26AFC1F16494FFE66F2197153B342A27] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432] [PID.2860]
[MD5.A56B9225499D0B709F8D67EC18A59958] - (.Razer Inc. - Razer Synapse.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560] [PID.2868]
[MD5.C368EA4E7312AF32FAD85967777121F4] - (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe [1753280] [PID.5268]
[MD5.B43E68B8A022FB00FF54360D408E871B] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488] [PID.900]
[MD5.0DA8636ACBF55A4CA6350FEA7D789828] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8082432] [PID.2064]
[MD5.718D79F2E7EC3AFFD3661DA81F93BBEA] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [413128] [PID.920]
[MD5.73F5C13B431915BAE35254B4E95DFB71] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1244]
[MD5.D386D51B1839E208EF7CCFBFA964638E] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe [106488] [PID.1464]
[MD5.B1EA9681502EE57F87DB71D726288A5B] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.1956]
[MD5.6B73E94F9FE82D45781B8C8A09483082] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.1276]
[MD5.E09C5339746C10596C1BA740956F3416] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008] [PID.2352]
[MD5.3438EFDC30F7A41D3598ED60BBF6CF2A] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [5037888] [PID.3104]
[MD5.C56E64BA70DC822B84D100A6F8D690D3] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784] [PID.5116]
[MD5.0F9E1BC7E2BEA1A4108EC9736CF0C2D9] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800] [PID.3940]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 04s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [Razer Synapse] . (.Razer Inc. - Razer Synapse.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1758606025-4058047857-1023707703-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-1758606025-4058047857-1023707703-1000\..\Run: [RocketDock] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office15\ONBttnIE.dll (.not file.)
O9 - Extra button: Clique para Telefonar do Lync [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office15\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E52E742-8D85-4154-909C-7201A340A52F}: NameServer = 187.84.240.11,187.84.240.14
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E52E742-8D85-4154-909C-7201A340A52F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{4E52E742-8D85-4154-909C-7201A340A52F}: NameServer = 187.84.240.11,187.84.240.14
O17 - HKLM\System\CS1\Services\Tcpip\..\{4E52E742-8D85-4154-909C-7201A340A52F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{4E52E742-8D85-4154-909C-7201A340A52F}: NameServer = 187.84.240.11,187.84.240.14
O17 - HKLM\System\CS2\Services\Tcpip\..\{4E52E742-8D85-4154-909C-7201A340A52F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Razer Surround Audio Service (RzMaelstromVADStreamingService) . (.A-Volute - Maelstrom VAD Streaming Service.) - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
~ Services: 16 Legitimates Filtered in 00mn 16s



---\\ Tarefas planificadas automaticamente (039)
[MD5.80F11EB20864E94CFA97D673456027FB] [APT] [Raidcall_EN] (.RAIDCALL.COM.) -- C:\Program Files\RaidCall.BR\raidcall.exe [4136648]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1060]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1064]
~ Scheduled Task: 13 Legitimates Filtered in 00mn 06s



---\\ Software instalados (042)
O42 - Logiciel: PSoul versão 2.7.8 - (.PSoul.) [HKLM][64Bits] -- {5C5FB05F-B231-4A43-BD55-20A593AE740F}_is1
O42 - Logiciel: Strike Suit Infinity - (.Born Ready Games Ltd..) [HKLM][64Bits] -- Steam App 234160
O42 - Logiciel: Woodle Tree Adventures - (.Fabio Ferrara.) [HKLM][64Bits] -- Steam App 299460
~ Logic: 18 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Administrator]
[HKCU\Software\OB]
[HKCU\Software\Shortcut_Module]
[HKLM\Software\Shortcut_Module]
[HKLM\Software\Wow6432Node\ETS2MP]
[HKLM\Software\Wow6432Node\RCBR]
[HKLM\Software\Wow6432Node\Shortcut_Module]
~ Key Software: 264 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/06/2014 - 22:32:18 - [] ----D C:\Program Files (x86)\PSoul
O43 - CFD: 17/06/2014 - 20:00:40 - [] ----D C:\Users\User\AppData\Roaming\.technic
O43 - CFD: 12/06/2014 - 19:07:51 - [] ----D C:\Users\User\AppData\Roaming\ProductData
O43 - CFD: 22/07/2014 - 21:40:38 - [0] ----D C:\Users\User\AppData\Local\pangu
~ Program Folder: 155 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.D95E64416A4A3ED6986E0F474DA934BD] - 13/07/2014 - 16:55:59 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208]
O44 - LFC:[MD5.FED0FC103F369F49A166DCDE2A45DCA4] - 15/07/2014 - 15:58:24 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [147314]
O44 - LFC:[MD5.0ADD1ACEDF5489B36D7785DE111037B0] - 15/07/2014 - 15:58:24 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [705474]
O44 - LFC:[MD5.AAEECC26548C8FFA79E0CA779B50C0B4] - 26/07/2014 - 12:09:02 ---A- . (...) -- C:\Windows\System32\ASOROSet.bin [1656]
O44 - LFC:[MD5.2884DA0E5CE6D42F31FC4476A8947F1B] - 27/07/2014 - 02:03:17 ---A- . (.No owner - SDL.) -- C:\Windows\System32\sdl.dll [647168]
O44 - LFC:[MD5.C443419ACA85827AD626CBDFC185B6CB] - 27/07/2014 - 19:49:02 ---A- . (...) -- C:\Windows\ntbtlog.txt [114876]
O44 - LFC:[MD5.AF90C0AB83C7481A433026E2319FB78C] - 27/07/2014 - 19:54:47 ---A- . (...) -- C:\Shortcut_Module.txt [29250]
O44 - LFC:[MD5.D534B20A68DF6B54CE6E72E9D3730416] - 27/07/2014 - 20:29:58 ---A- . (...) -- C:\zoek-results2014-07-27-232958.log [21600]
O44 - LFC:[MD5.29CE98551097D8328F6451225A50FA35] - 28/07/2014 - 12:20:21 ---A- . (...) -- C:\zoek-results2014-07-28-152021.log [11979]
O44 - LFC:[MD5.AB28A0FD16FCD2D604B3ABF11B82227D] - 28/07/2014 - 13:53:37 ---A- . (...) -- C:\zoek-results2014-07-28-165337.log [3351]
O44 - LFC:[MD5.521A10F9CB8C11AAE69BEB996DFF42A6] - 28/07/2014 - 14:04:29 ---A- . (...) -- C:\zoek-results.log [2367]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2014 - 16:25:15 ---A- . (...) -- C:\Windows\System32\RzMaelstromVADAudioDeviceManager_log.txt [0]
~ Files: 32 Legitimates Filtered in 00mn 03s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{ec50912b-e902-11e3-b87c-e06995fdfcd6}\AutoRun\command. (...) -- F:\cdstart.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"VIDC.X264"="x264vfw64.dll" . (.x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) -- C:\Windows\System32\x264vfw64.dll
~ TDSD: 12 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoThumbnailCache"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:13/07/2014 - 16:55:59 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:13/07/2014 - 16:55:59 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:13/07/2014 - 16:56:00 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [224896] =>.ALWIL Software
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:09/06/2014 - 06:49:00 ---A- . (.Windows (R) Win 7 DDK provider - Maelstrom VAD Audio driver.) -- C:\Windows\System32\Drivers\RzMaelstromVAD.sys [32768]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:06/06/2014 - 16:13:19 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys [16152]
O58 - SDL:18/03/2013 - 16:51:08 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
~ Drivers: 68 Legitimates Filtered in 00mn 01s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 13/07/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 82 Legitimates Filtered in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} [DefaultScope] - (Google) - [You must be registered and logged in to see this link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You must be registered and logged in to see this link]
O69 - SBI: SearchScopes [HKCU] {6551AB67-100C-45E6-B2F1-B9A058B4191D} - (Google) - [You must be registered and logged in to see this link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.5A3E1852C59194FC29F4332B40A960A7] [SPRF][27/07/2014] (.No owner - Shortcut_Module.) -- C:\Users\User\Desktop\Shortcut_Module.exe [2679808]
[MD5.B6F3EFF7F38D65A0C54B11A675173300] [SPRF][27/07/2014] (...) -- C:\Users\User\Desktop\zoek.exe [1287168]
~ Files: 2 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{782D799E-89A8-48CE-B402-5BAA5A31C71A}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\User\Tudo\Programas\utorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{125948D4-6AB7-4244-8811-EE986E95BBEF}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\User\Tudo\Programas\utorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 01s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 31/05/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 31/05/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/05/2011 136120 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 08/07/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Auto 29/05/2014 21055432 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 08/02/2014 569024 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 23/09/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 12/06/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 13/07/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 13/07/2014 106488 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 08/12/2011 607456 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 16/12/2011 277784 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 29/05/2014 1631008 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 19/05/2014 927520 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 09/06/2014 4250624 | (RzMaelstromVADStreamingService) . (.A-Volute.) - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
SR - | Auto 19/05/2014 413128 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 02/07/2014 5037888 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
SR - | Auto 16/12/2011 363800 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 13s



---\\ Scâner Aditional (088)
Database Version : 13026 - (27/07/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 307623 Items scanned in 01mn 17s



---\\ Informações complémentaires do módulos
~ [You must be registered and logged in to see this link] =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [You must be registered and logged in to see this link] =>.Internet Explorer, Gestão do Proxy (R5)
~ [You must be registered and logged in to see this link] =>.Aplicações iniciadas por registo & pastas (04)
~ [You must be registered and logged in to see this link] =>.Chave do registo Shell MountPoints2 (MPKS) (O51)
~ AMI: 4 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
~ MSI: 0 link(s) detected in 00mn 00s



~ 794 Legitimates filtered by white list
End of the scan (424 lines in 02mn 29s)(0)
DjBruxinho
Beginner

Posts: 25
Reputation: 0
Join date: 27/07/2014