
(SOLVED) Computer with Baidu malware and others

Post by suportevam on Tue 26 Aug 2014, 11:00

---\\ Software installed (O42)
O42 - Logiciel: 7-Zip 9.20 - (...)  [HKLM] [64Bits] -- 7-Zip
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.)  [HKLM] [64Bits] -- DAEMON Tools Lite
O42 - Logiciel: Instalação do DivX - (.DivX, LLC.)  [HKLM] [64Bits] -- DivX Setup
O42 - Logiciel: ESET Online Scanner v3 - (...)  [HKLM] [64Bits] -- ESET Online Scanner
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..)  [HKLM] [64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}  =>.© CyberLink Corp.
O42 - Logiciel: Kaspersky Security Center Network Agent - (.Kaspersky Lab.)  [HKLM] [64Bits] -- InstallWIX_{BCF4CF24-88AB-45E1-A6E6-40C8278A70C5}
O42 - Logiciel: Malwarebytes Anti-Malware versão 1.75.0.1300 - (.Malwarebytes Corporation.)  [HKLM] [64Bits] -- Malwarebytes' Anti-Malware_is1  =>.© Malwarebytes Corporation
O42 - Logiciel: Mozilla Firefox 26.0 (x86 pt-BR) - (.Mozilla.)  [HKLM] [64Bits] -- Mozilla Firefox 26.0 (x86 pt-BR)  =>.© Mozilla
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.)  [HKLM] [64Bits] -- MozillaMaintenanceService  =>.© Mozilla
O42 - Logiciel: OCS Inventory Agent 4.0.5.4 - (.OCS Inventory NG Team.)  [HKLM] [64Bits] -- OCS Inventory Agent
O42 - Logiciel: SAP GUI for Windows 7.20 - (.SAP.)  [HKLM] [64Bits] -- SAPGUI710
O42 - Logiciel: UltraVnc - (.uvnc bvba.)  [HKLM] [64Bits] -- Ultravnc2_is1
O42 - Logiciel: VIVO INTERNET - (.Huawei Technologies Co.,Ltd.)  [HKLM] [64Bits] -- VIVO INTERNET
O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.)  [HKLM] [64Bits] -- WinRAR archiver  =>.© win.rar GmbH
O42 - Logiciel: WorldUnlock Codes Calculator - (...)  [HKLM] [64Bits] -- WorldUnlock Codes Calculator
O42 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.)  [HKLM] [64Bits] -- ZHPDiag_is1  =>.© Nicolas Coolman
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..)  [HKLM] [64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}  =>.© CyberLink Corp.
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.)  [HKLM] [64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544}  =>.© Hewlett-Packard
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.)  [HKLM] [64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}  =>.© Microsoft Corporation
O42 - Logiciel: Java 7 Update 25 - (.Oracle.)  [HKLM] [64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217025FF}  =>.© Oracle
O42 - Logiciel: Softphone - (.Avaya.)  [HKLM] [64Bits] -- {355F7877-5D18-40D8-AD5E-966516A82A63}
O42 - Logiciel: opensource - (.Your Company Name.)  [HKLM] [64Bits] -- {3677D4D8-E5E0-49FC-B86E-06541CF00BBE}
O42 - Logiciel: Controle ActiveX do Windows Live Mesh para Conexões Remotas - (.Microsoft Corporation.)  [HKLM] [64Bits] -- {39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}  =>.© Microsoft Corporation
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.)  [HKLM] [64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}  =>.© Intel Corporation
O42 - Logiciel: HP Setup - (.Hewlett-Packard Company.)  [HKLM] [64Bits] -- {438363A8-F486-4C37-834C-4955773CB3D3}  =>.© Hewlett-Packard Company
O42 - Logiciel: MSXML4.0 redistributable - (.SAP.)  [HKLM] [64Bits] -- {44D66AD9-AE19-4AFD-BE7E-A1B44C856697}
O42 - Logiciel: Java Auto Updater - (.Sun Microsystems, Inc..)  [HKLM] [64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10}  =>.© Sun Microsystems, Inc.
O42 - Logiciel: HP Documentation - (.Hewlett-Packard.)  [HKLM] [64Bits] -- {4FAC8FE6-7EB2-47FF-A1FE-572E00EDB340}  =>.© Hewlett-Packard
O42 - Logiciel: HP Quick Launch - (.Hewlett-Packard Company.)  [HKLM] [64Bits] -- {53B17A98-5BF0-40BC-AAFF-850A357975AC}  =>.© Hewlett-Packard Company
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.)  [HKLM] [64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}  =>.© Adobe Systems, Inc
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.)  [HKLM] [64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}  =>.© Intel Corporation
O42 - Logiciel: ESU for Microsoft Windows 7 SP1 - (.Hewlett-Packard.)  [HKLM] [64Bits] -- {7DA9DD7F-F4D9-40FB-BD27-69B7731DEDD9}  =>.© Hewlett-Packard
O42 - Logiciel: HP Power Manager - (.Hewlett-Packard Company.)  [HKLM] [64Bits] -- {7E799992-5DA0-4A1A-9443-B1836B063FEC}  =>.© Hewlett-Packard Company
O42 - Logiciel: IP Office Admin Suite - (.Avaya.)  [HKLM] [64Bits] -- {87D14E59-B662-41AF-8D46-A70B44B00177}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.)  [HKLM] [64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}  =>.© Realtek
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.)  [HKLM] [64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}  =>.© Microsoft Corporation
O42 - Logiciel: Evernote v. 4.5.2 - (.Evernote Corp..)  [HKLM] [64Bits] -- {8CE152BA-1D16-11E1-867D-984BE15F174E}
O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.)  [HKLM] [64Bits] -- {90150000-008C-0000-0000-0000000FF1CE}  =>.© Microsoft Corporation
O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.)  [HKLM] [64Bits] -- {90150000-008C-0416-0000-0000000FF1CE}  =>.© Microsoft Corporation
O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.)  [HKLM] [64Bits] -- {933B4015-4618-4716-A828-5289FC03165F}
O42 - Logiciel: Microsoft redistributable runtime DLLs VS2008 SP1(x86) - (.SAP AG.)  [HKLM] [64Bits] -- {A47A9101-6EB5-4314-BDA1-297880FBB908}
O42 - Logiciel: UltraVNC v1.0.2 - (.UltraVNC.)  [HKLM] [64Bits] -- {A8AD990E-355A-4413-8647-A9B168978423}_is1
O42 - Logiciel: Adobe Reader XI (11.0.08) - Português - (.Adobe Systems Incorporated.)  [HKLM] [64Bits] -- {AC76BA86-7AD7-1046-7B44-AB0000000001}  =>.© Adobe Systems Incorporated
O42 - Logiciel: Kaspersky Security Center Network Agent - (.Kaspersky Lab.)  [HKLM] [64Bits] -- {BCF4CF24-88AB-45E1-A6E6-40C8278A70C5}
O42 - Logiciel: Realtek PCIE Card Reader - (.Realtek Semiconductor Corp..)  [HKLM] [64Bits] -- {C1594429-8296-4652-BF54-9DBE4932A44C}  =>.© Realtek Semiconductor Corp.
O42 - Logiciel: HP Support Solutions Framework - (.Hewlett-Packard Company.)  [HKLM] [64Bits] -- {C43602FE-988C-47BA-9F9F-B95FDDAFB624}  =>.© Hewlett-Packard Company
O42 - Logiciel: vcredist_x86 - (.SAP.)  [HKLM] [64Bits] -- {CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}
O42 - Logiciel: HP Recovery Manager - (.Hewlett-Packard.)  [HKLM] [64Bits] -- {DBCD5E64-7379-4648-9444-8A6558DCB614}  =>.© Hewlett-Packard
O42 - Logiciel: HP On Screen Display - (.Hewlett-Packard Company.)  [HKLM] [64Bits] -- {ED1BD69A-07E3-418C-91F1-D856582581BF}  =>.© Hewlett-Packard Company
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.)  [HKLM] [64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}  =>.© Intel Corporation
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..)  [HKLM] [64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}  =>.© Realtek Semiconductor Corp.
O42 - Logiciel: Freedom Scientific Synthesizer Eloquence - (.Freedom Scientific.)  [HKLM] [64Bits] -- {F4DA19E5-A560-4313-8623-3493DCE3C681}
O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.)  [HKLM] [64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}  =>.© Intel Corporation
O42 - Logiciel: Intel(R) OpenCL CPU Runtime - (.Intel Corporation.)  [HKLM] [64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}  =>.© Intel Corporation
O42 - Logiciel: HP Software Framework - (.Hewlett-Packard Company.)  [HKLM] [64Bits] -- {FEDCBEE7-EB9D-42F6-939C-20781814ECFB}  =>.© Hewlett-Packard Company
O42 - Logiciel: Adobe Flash Player 11 ActiveX 64-bit - (.Adobe Systems Incorporated.)  [HKLM]-- Adobe Flash Player ActiveX  =>.© Adobe Systems Incorporated
O42 - Logiciel: CCleaner - (.Piriform.)  [HKLM]-- CCleaner  =>.© Piriform
O42 - Logiciel: CutePDF Writer 2.8 - (...)  [HKLM]-- CutePDF Writer Installation
O42 - Logiciel: Microsoft Office Home and Business 2013 - pt-br - (.Microsoft Corporation.)  [HKLM]-- HomeBusinessRetail - pt-br  =>.© Microsoft Corporation
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.)  [HKLM]-- Microsoft .NET Framework 4 Client Profile  =>.© Microsoft Corporation
O42 - Logiciel: Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) - (.Microsoft Corporation.)  [HKLM]-- Microsoft .NET Framework 4 Client Profile PTB Language Pack  =>.© Microsoft Corporation
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.)  [HKLM]-- SynTPDeinstKey  =>.© Synaptics Incorporated
O42 - Logiciel: Kaspersky Endpoint Security 10 para Windows - (.Kaspersky Lab.)  [HKLM]-- {04CF7FBD-E56C-446D-8FC9-DD444BDBEE8E}
O42 - Logiciel: Freedom Scientific XQilla 2.0 - (.Freedom Scientific.)  [HKLM]-- {283F4698-9A83-4D53-976C-0A6D29ACC6E7}
O42 - Logiciel: Freedom Scientific Braille - (.Freedom Scientific.)  [HKLM]-- {2AD45E41-2EA5-485E-81C7-9CE47A1D5BC3}
O42 - Logiciel: HP Security Assistant - (.Hewlett-Packard Company.)  [HKLM]-- {42719DC3-4982-47DD-B025-B21C4BDD504D}  =>.© Hewlett-Packard Company
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.)  [HKLM]-- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}  =>.© Microsoft Corporation
O42 - Logiciel: Freedom Scientific WOW64 Proxy - (.Freedom Scientific.)  [HKLM]-- {5691110B-7FF5-4622-95FC-63AF49E4C4EB}
O42 - Logiciel: HP Launch Box - (.Hewlett-Packard Company.)  [HKLM]-- {5A847522-375C-4D05-BD3D-88C450CC047F}  =>.© Hewlett-Packard Company
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.)  [HKLM]-- {6199B534-A1B6-46ED-873B-97B0ECF8F81E}  =>.© Intel Corporation
O42 - Logiciel: Freedom Scientific UIAHooks 1.0 - (.Freedom Scientific.)  [HKLM]-- {6C654742-DA97-4B78-B1CA-A0859A9B1243}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.)  [HKLM]-- {8220EEFE-38CD-377E-8595-13398D740ACE}  =>.© Microsoft Corporation
O42 - Logiciel: Freedom Scientific Document Server - (.Freedom Scientific.)  [HKLM]-- {8E508198-1782-4ABD-AB02-246357C7AF41}
O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.)  [HKLM]-- {90150000-008F-0000-1000-0000000FF1CE}  =>.© Microsoft Corporation
O42 - Logiciel: Freedom Scientific FSRibbonSrv 1.0 - (.Freedom Scientific.)  [HKLM]-- {9FDFA3D9-C04C-4123-811D-DBD3F574F431}
O42 - Logiciel: Freedom Scientific Utilities - (.Freedom Scientific.)  [HKLM]-- {A334FFCA-53ED-4C84-9A60-48CA885382AB}
O42 - Logiciel: Freedom Scientific Synth - (.Freedom Scientific.)  [HKLM]-- {A82CCA82-3219-42A5-9AF4-E29F56D02E36}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.)  [HKLM]-- {ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}  =>.© Microsoft Corporation
O42 - Logiciel: Freedom Scientific Elevation - (.Freedom Scientific.)  [HKLM]-- {AF6A5953-FE5F-451C-BD86-D0EB3F76A6E0}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile PTB Language Pack - (.Microsoft Corporation.)  [HKLM]-- {B7693CDE-074B-301C-9584-FC4343696C8B}  =>.© Microsoft Corporation
O42 - Logiciel: HP Auto - (.Hewlett-Packard Company.)  [HKLM]-- {CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}  =>.© Hewlett-Packard Company
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.)  [HKLM]-- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}  =>.© Microsoft Corporation
~ 82  Softwares scanned in 0 second(s)


---\\ HKCU & HKLM Software Registry Keys
HKLM\SOFTWARE\Acro Software Inc
HKLM\SOFTWARE\Atheros  =>.© Atheros
HKLM\SOFTWARE\ATI Technologies  =>.© ATI Technologies
HKLM\SOFTWARE\CBSTEST
HKLM\SOFTWARE\CXT
HKLM\SOFTWARE\Cyberlink  =>.© Cyberlink
HKLM\SOFTWARE\DivX
HKLM\SOFTWARE\Freedom Scientific
HKLM\SOFTWARE\HaaliMkx
HKLM\SOFTWARE\Hewlett-Packard  =>.© Hewlett-Packard
HKLM\SOFTWARE\HPQ
HKLM\SOFTWARE\Huawei technologies
HKLM\SOFTWARE\InstalledOptions
HKLM\SOFTWARE\Intel  =>.© Intel
HKLM\SOFTWARE\Khronos
HKLM\SOFTWARE\LEXMARK
HKLM\SOFTWARE\Macromedia  =>.© Macromedia
HKLM\SOFTWARE\Microsoft  =>.© Microsoft
HKLM\SOFTWARE\Mozilla  =>.© Mozilla
HKLM\SOFTWARE\MozillaPlugins  =>.© MozillaPlugins
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Piriform  =>.© Piriform
HKLM\SOFTWARE\Realtek  =>.© Realtek
HKLM\SOFTWARE\Realtek Semiconductor Corp.  =>.© Realtek Semiconductor Corp.
HKLM\SOFTWARE\RTLSetup
HKLM\SOFTWARE\SAMSUNG  =>.© SAMSUNG
HKLM\SOFTWARE\Sonic
HKLM\SOFTWARE\SRS Labs  =>.© SRS Labs
HKLM\SOFTWARE\Synaptics  =>.© Synaptics
HKLM\SOFTWARE\Wow6432Node\7-Zip
HKLM\SOFTWARE\Wow6432Node\Acro Software Inc
HKLM\SOFTWARE\Wow6432Node\Adobe  =>.© Adobe
HKLM\SOFTWARE\Wow6432Node\AdwCleaner
HKLM\SOFTWARE\Wow6432Node\Avaya
HKLM\SOFTWARE\Wow6432Node\Caphyon
HKLM\SOFTWARE\Wow6432Node\CyberLink  =>.© CyberLink
HKLM\SOFTWARE\Wow6432Node\Disc Soft
HKLM\SOFTWARE\Wow6432Node\DivX
HKLM\SOFTWARE\Wow6432Node\DivXNetworks
HKLM\SOFTWARE\Wow6432Node\Eset
HKLM\SOFTWARE\Wow6432Node\Evernote
HKLM\SOFTWARE\Wow6432Node\Freedom Scientific
HKLM\SOFTWARE\Wow6432Node\Google  =>.© Google
HKLM\SOFTWARE\Wow6432Node\GPL Ghostscript
HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard  =>.© Hewlett-Packard
HKLM\SOFTWARE\Wow6432Node\Huawei technologies
HKLM\SOFTWARE\Wow6432Node\Insyde
HKLM\SOFTWARE\Wow6432Node\Intel  =>.© Intel
HKLM\SOFTWARE\Wow6432Node\JavaSoft  =>.© JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\KasperskyLab
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Macromedia  =>.© Macromedia
HKLM\SOFTWARE\Wow6432Node\Macrovision  =>.© Macrovision
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware  =>.© Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\Microsoft  =>.© Microsoft
HKLM\SOFTWARE\Wow6432Node\Mozilla  =>.© Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org  =>.© mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins  =>.© MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\NokiaFREE Unlock Codes Calculator
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\OldTimer Tools
HKLM\SOFTWARE\Wow6432Node\ORL
HKLM\SOFTWARE\Wow6432Node\PDFComplete
HKLM\SOFTWARE\Wow6432Node\PGWARE
HKLM\SOFTWARE\Wow6432Node\Piriform  =>.© Piriform
HKLM\SOFTWARE\Wow6432Node\Rainbow Technologies
HKLM\SOFTWARE\Wow6432Node\Realtek  =>.© Realtek
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.  =>.© Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Safenet Sentinel
HKLM\SOFTWARE\Wow6432Node\SAP
HKLM\SOFTWARE\Wow6432Node\Symantec  =>.© Symantec
HKLM\SOFTWARE\Wow6432Node\TeamViewer
HKLM\SOFTWARE\Wow6432Node\TrendMicro  =>.© TrendMicro
HKLM\SOFTWARE\Wow6432Node\UltraVnc
HKLM\SOFTWARE\Wow6432Node\WildTangent  =>.© WildTangent
HKLM\SOFTWARE\Wow6432Node\WinRAR
HKLM\SOFTWARE\Wow6432Node\WorldUnlock Codes Calculator
HKCU\Software\Adobe  =>.© Adobe
HKCU\Software\ESET
HKCU\Software\Hewlett-Packard  =>.© Hewlett-Packard
HKCU\Software\Intel  =>.© Intel
HKCU\Software\KasperskyLab
HKCU\Software\Macromedia  =>.© Macromedia
HKCU\Software\Malwarebytes' Anti-Malware  =>.© Malwarebytes' Anti-Malware
HKCU\Software\Microsoft  =>.© Microsoft
HKCU\Software\Piriform  =>.© Piriform
HKCU\Software\Synaptics  =>.© Synaptics
HKCU\Software\WinRAR
HKCU\Software\ZebHelpProcess Helper
HKCU\Software\AppDataLow\Software\Microsoft  =>.© Microsoft
~ 92  Software Keys scanned in 0 second(s)


---\\ Contents of the Common Files folders (O43)
O43 - CFD: 30/08/2013 - 09:51:28 - [] ----D- C:\Program Files (x86)\7-Zip  =>.©
O43 - CFD: 29/08/2013 - 14:47:27 - [] ----D- C:\Program Files (x86)\Acro Software
O43 - CFD: 29/08/2013 - 14:43:49 - [] ----D- C:\Program Files (x86)\Adobe  =>.©
O43 - CFD: 30/08/2013 - 12:01:05 - [] ----D- C:\Program Files (x86)\Avaya
O43 - CFD: 14/07/2009 - 00:20:08 - [] ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 28/05/2013 - 20:08:13 - [] ----D- C:\Program Files (x86)\CyberLink  =>.©
O43 - CFD: 07/03/2014 - 17:09:20 - [] ----D- C:\Program Files (x86)\DAEMON Tools Lite  =>.©
O43 - CFD: 29/08/2013 - 14:53:05 - [] ----D- C:\Program Files (x86)\EASEUS
O43 - CFD: 23/01/2014 - 13:57:48 - [] ----D- C:\Program Files (x86)\Emsisoft Anti-Malware
O43 - CFD: 18/08/2014 - 13:36:03 - [] ----D- C:\Program Files (x86)\ESET
O43 - CFD: 22/05/2012 - 17:20:47 - [] ----D- C:\Program Files (x86)\Evernote
O43 - CFD: 16/05/2014 - 13:01:50 - [] ----D- C:\Program Files (x86)\Freedom Scientific
O43 - CFD: 29/08/2013 - 14:44:56 - [] ----D- C:\Program Files (x86)\GPLGS
O43 - CFD: 22/05/2012 - 17:16:02 - [] ----D- C:\Program Files (x86)\Hewlett-Packard  =>.©
O43 - CFD: 26/08/2014 - 08:36:53 - [] ----D- C:\Program Files (x86)\Hp
O43 - CFD: 22/05/2012 - 17:21:52 - [] ----D- C:\Program Files (x86)\HP Games  =>.©
O43 - CFD: 05/09/2013 - 09:06:44 - [] ----D- C:\Program Files (x86)\InstallAffixationInfo
O43 - CFD: 22/05/2012 - 17:32:44 - [] --H-D- C:\Program Files (x86)\InstallShield Installation Information  =>.©
O43 - CFD: 28/05/2013 - 19:56:54 - [] ----D- C:\Program Files (x86)\Intel
O43 - CFD: 14/07/2009 - 00:20:08 - [] ----D- C:\Program Files (x86)\Internet Explorer  =>.©
O43 - CFD: 30/08/2013 - 11:19:43 - [] ----D- C:\Program Files (x86)\Java
O43 - CFD: 21/08/2014 - 07:22:02 - [] ----D- C:\Program Files (x86)\Kaspersky Lab  =>.©
O43 - CFD: 06/06/2014 - 10:18:19 - [] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware  =>.©
O43 - CFD: 28/05/2013 - 20:11:51 - [] ----D- C:\Program Files (x86)\Microsoft  =>.© Microsoft
O43 - CFD: 30/08/2013 - 08:28:01 - [] ----D- C:\Program Files (x86)\Microsoft Office  =>.© Microsoft
O43 - CFD: 22/05/2012 - 17:26:57 - [] ----D- C:\Program Files (x86)\Microsoft Silverlight  =>.© Microsoft
O43 - CFD: 30/08/2013 - 08:30:43 - [] ----D- C:\Program Files (x86)\Microsoft SkyDrive  =>.© Microsoft
O43 - CFD: 07/11/2013 - 14:11:13 - [] ----D- C:\Program Files (x86)\Mozilla Firefox  =>.©
O43 - CFD: 03/07/2014 - 16:05:48 - [] ----D- C:\Program Files (x86)\Mozilla Maintenance Service  =>.©
O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D- C:\Program Files (x86)\MSBuild  =>.©
O43 - CFD: 30/08/2013 - 09:59:05 - [] ----D- C:\Program Files (x86)\OCS Inventory Agent
O43 - CFD: 22/05/2012 - 17:20:15 - [] R---D- C:\Program Files (x86)\Online Services
O43 - CFD: 28/05/2013 - 19:59:06 - [] ----D- C:\Program Files (x86)\Realtek  =>.©
O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D- C:\Program Files (x86)\Reference Assemblies  =>.©
O43 - CFD: 07/03/2014 - 16:54:00 - [] ----D- C:\Program Files (x86)\Rosetta Stone  =>.©
O43 - CFD: 29/08/2013 - 14:54:04 - [] ----D- C:\Program Files (x86)\SAP
O43 - CFD: 10/09/2013 - 20:01:35 - [] ----D- C:\Program Files (x86)\Scpad
O43 - CFD: 28/05/2013 - 20:12:14 - [] ----D- C:\Program Files (x86)\SymSilent  =>.©
O43 - CFD: 28/05/2013 - 19:59:06 - [0] --H-D- C:\Program Files (x86)\Temp
O43 - CFD: 29/08/2013 - 15:18:42 - [] ----D- C:\Program Files (x86)\UltraVNC
O43 - CFD: 14/07/2009 - 01:57:06 - [0] --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 08/08/2014 - 14:12:01 - [] ----D- C:\Program Files (x86)\VIVO INTERNET
O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D- C:\Program Files (x86)\Windows Defender  =>.©
O43 - CFD: 22/05/2012 - 17:27:40 - [] ----D- C:\Program Files (x86)\Windows Live  =>.©
O43 - CFD: 14/07/2009 - 00:20:08 - [] ----D- C:\Program Files (x86)\Windows Mail  =>.©
O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D- C:\Program Files (x86)\Windows Media Player  =>.©
O43 - CFD: 14/07/2009 - 00:20:08 - [] ----D- C:\Program Files (x86)\Windows NT
O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D- C:\Program Files (x86)\Windows Photo Viewer  =>.©
O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D- C:\Program Files (x86)\Windows Portable Devices  =>.©
O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D- C:\Program Files (x86)\Windows Sidebar  =>.©
O43 - CFD: 28/05/2013 - 20:03:23 - [] ----D- C:\Program Files (x86)\Windows Virtual PC  =>.©
O43 - CFD: 30/08/2013 - 09:33:40 - [] ----D- C:\Program Files (x86)\WinRAR  =>.©
O43 - CFD: 22/07/2014 - 13:30:57 - [] ----D- C:\Program Files (x86)\WorldUnlock Codes Calculator  =>.©
O43 - CFD: 26/08/2014 - 09:26:12 - [] ----D- C:\Program Files (x86)\ZHPDiag  =>.©
O43 - CFD: 29/08/2013 - 14:43:49 - [] ----D- C:\Program Files (x86)\Common Files\Adobe  =>.©
O43 - CFD: 21/08/2014 - 07:22:21 - [] ----D- C:\Program Files (x86)\Common Files\Cisco Systems  =>.©
O43 - CFD: 30/08/2013 - 08:30:24 - [] ----D- C:\Program Files (x86)\Common Files\DESIGNER  =>.©
O43 - CFD: 01/12/2013 - 19:57:37 - [] ----D- C:\Program Files (x86)\Common Files\DivX Shared
O43 - CFD: 28/05/2013 - 19:59:04 - [] ----D- C:\Program Files (x86)\Common Files\InstallShield  =>.©
O43 - CFD: 28/05/2013 - 20:07:22 - [] ----D- C:\Program Files (x86)\Common Files\Intel Corporation  =>.©
O43 - CFD: 30/08/2013 - 11:19:56 - [] ----D- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 07/03/2014 - 16:54:16 - [] ----D- C:\Program Files (x86)\Common Files\Macrovision Shared  =>.©
O43 - CFD: 14/07/2009 - 00:20:08 - [] ----D- C:\Program Files (x86)\Common Files\microsoft shared  =>.©
O43 - CFD: 28/05/2013 - 20:00:27 - [] ----D- C:\Program Files (x86)\Common Files\postureAgent  =>.©
O43 - CFD: 30/08/2013 - 12:01:05 - [] ----D- C:\Program Files (x86)\Common Files\SafeNet Sentinel
O43 - CFD: 29/08/2013 - 14:55:00 - [] ----D- C:\Program Files (x86)\Common Files\SAP Shared
O43 - CFD: 14/07/2009 - 00:20:08 - [] ----D- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 00:20:08 - [] ----D- C:\Program Files (x86)\Common Files\SpeechEngines  =>.©
O43 - CFD: 14/07/2009 - 00:20:08 - [] ----D- C:\Program Files (x86)\Common Files\System
O43 - CFD: 22/05/2012 - 17:26:43 - [] ----D- C:\Program Files (x86)\Common Files\Windows Live  =>.©
O43 - CFD: 30/08/2013 - 09:51:29 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip  =>.©
O43 - CFD: 14/07/2009 - 00:20:08 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/07/2009 - 02:32:38 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools  =>.©
O43 - CFD: 18/08/2014 - 11:51:39 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 22/05/2012 - 17:26:28 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
O43 - CFD: 29/08/2013 - 14:47:28 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF
O43 - CFD: 22/05/2012 - 17:25:58 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders and Document Viewers
O43 - CFD: 08/08/2014 - 13:40:41 - [0] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 01/12/2013 - 19:55:21 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
O43 - CFD: 28/05/2013 - 20:10:46 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
O43 - CFD: 28/05/2013 - 19:58:18 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 30/08/2013 - 12:05:01 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IP Office
O43 - CFD: 21/08/2014 - 14:34:35 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Endpoint Security 10 para Windows
O43 - CFD: 14/07/2009 - 00:20:08 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 06/06/2014 - 10:18:21 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware  =>.©
O43 - CFD: 14/07/2014 - 11:11:43 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013  =>.© Microsoft
O43 - CFD: 22/05/2012 - 17:27:13 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight  =>.© Microsoft
O43 - CFD: 29/08/2013 - 13:44:55 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
O43 - CFD: 22/07/2014 - 10:17:59 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NokiaFREE Calculator  =>.©
O43 - CFD: 22/05/2012 - 17:20:51 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
O43 - CFD: 29/08/2013 - 14:54:49 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAP Front End
O43 - CFD: 22/05/2012 - 17:24:21 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
O43 - CFD: 14/07/2009 - 00:20:08 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 08/08/2014 - 14:15:17 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIVO INTERNET
O43 - CFD: 28/05/2013 - 20:03:23 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC  =>.©
O43 - CFD: 30/08/2013 - 09:33:42 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR  =>.©
O43 - CFD: 22/07/2014 - 13:30:57 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WorldUnlock Calculator  =>.©
O43 - CFD: 26/08/2014 - 09:26:14 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP  =>.©
O43 - CFD: 29/08/2013 - 14:42:41 - [] ----D- C:\ProgramData\Adobe  =>.©
O43 - CFD: 14/07/2009 - 02:08:56 - [?] -SH-D- C:\ProgramData\Application Data  =>.©
O43 - CFD: 27/03/2014 - 09:30:02 - [] ----D- C:\ProgramData\Applications
O43 - CFD: 28/05/2013 - 19:58:21 - [] ----D- C:\ProgramData\Atheros  =>.©
O43 - CFD: 02/09/2013 - 14:27:07 - [] ----D- C:\ProgramData\CyberLink  =>.©
O43 - CFD: 29/08/2013 - 13:43:52 - [?] -SH-D- C:\ProgramData\Dados de aplicativos
O43 - CFD: 07/03/2014 - 16:51:33 - [] ----D- C:\ProgramData\DAEMON Tools Lite  =>.©
O43 - CFD: 02/10/2013 - 15:24:52 - [] ----D- C:\ProgramData\DatacardService
O43 - CFD: 14/07/2009 - 02:08:56 - [?] -SH-D- C:\ProgramData\Desktop  =>.©
O43 - CFD: 29/08/2013 - 13:43:52 - [?] -SH-D- C:\ProgramData\Documentos
O43 - CFD: 14/07/2009 - 02:08:56 - [?] -SH-D- C:\ProgramData\Documents  =>.©
O43 - CFD: 14/07/2009 - 02:08:56 - [?] -SH-D- C:\ProgramData\Favorites  =>.©
O43 - CFD: 29/08/2013 - 13:43:52 - [?] -SH-D- C:\ProgramData\Favoritos
O43 - CFD: 22/05/2012 - 17:26:28 - [] ----D- C:\ProgramData\Hewlett-Packard  =>.©
O43 - CFD: 28/05/2013 - 20:01:19 - [] ----D- C:\ProgramData\Intel
O43 - CFD: 21/08/2014 - 07:24:37 - [] ----D- C:\ProgramData\Kaspersky Lab  =>.©
O43 - CFD: 20/08/2014 - 13:57:40 - [] ----D- C:\ProgramData\KasperskyLab  =>.©
O43 - CFD: 23/12/2013 - 01:24:39 - [] ----D- C:\ProgramData\Log
O43 - CFD: 25/11/2013 - 13:33:46 - [] ----D- C:\ProgramData\Malwarebytes  =>.©
O43 - CFD: 29/08/2013 - 13:43:52 - [?] -SH-D- C:\ProgramData\Menu Iniciar
O43 - CFD: 14/07/2009 - 00:20:08 - [] -S--D- C:\ProgramData\Microsoft  =>.© Microsoft
O43 - CFD: 30/08/2013 - 08:30:33 - [] ----D- C:\ProgramData\Microsoft OneDrive  =>.© Microsoft
O43 - CFD: 06/03/2014 - 11:40:49 - [] ----D- C:\ProgramData\MobileBrServ
O43 - CFD: 29/08/2013 - 13:43:52 - [?] -SH-D- C:\ProgramData\Modelos
O43 - CFD: 04/10/2013 - 14:24:47 - [] ----D- C:\ProgramData\Mozilla  =>.©
O43 - CFD: 28/05/2013 - 20:10:03 - [] ----D- C:\ProgramData\Norton  =>.©
O43 - CFD: 28/05/2013 - 20:09:38 - [] ----D- C:\ProgramData\NortonInstaller  =>.©
O43 - CFD: 07/03/2014 - 16:54:00 - [] ----D- C:\ProgramData\Rosetta Stone  =>.©
O43 - CFD: 18/10/2013 - 11:19:22 - [] ----D- C:\ProgramData\Samsung  =>.©
O43 - CFD: 22/05/2012 - 17:26:24 - [] ----D- C:\ProgramData\Skype  =>.©
O43 - CFD: 14/07/2009 - 02:08:56 - [?] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 30/08/2013 - 11:19:56 - [] ----D- C:\ProgramData\Sun
O43 - CFD: 28/05/2013 - 20:18:49 - [] ----D- C:\ProgramData\Synaptics  =>.©
O43 - CFD: 28/05/2013 - 20:07:17 - [] ----D- C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 02:08:56 - [?] -SH-D- C:\ProgramData\Templates  =>.©
O43 - CFD: 07/08/2014 - 14:52:30 - [] ----D- C:\ProgramData\VIVO INTERNET
O43 - CFD: 22/05/2012 - 17:21:41 - [] ----D- C:\ProgramData\WildTangent  =>.©
O43 - CFD: 14/09/2013 - 20:46:31 - [] ----D- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
O43 - CFD: 29/08/2013 - 13:43:52 - [?] -SH-D- C:\ProgramData\Microsoft\Windows\Start Menu\Programas
O43 - CFD: 14/07/2009 - 00:20:08 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs  =>.©
O43 - CFD: 18/08/2014 - 09:41:08 - [?] -SH-D- C:\Users\Administrador\AppData\Local\Dados de aplicativos
O43 - CFD: 18/08/2014 - 09:41:08 - [?] -SH-D- C:\Users\Administrador\AppData\Local\Histórico
O43 - CFD: 18/08/2014 - 09:41:07 - [] ----D- C:\Users\Administrador\AppData\Local\Microsoft  =>.© Microsoft
O43 - CFD: 18/08/2014 - 11:37:18 - [] ----D- C:\Users\Administrador\AppData\Local\Mozilla  =>.©
O43 - CFD: 18/08/2014 - 11:53:30 - [] ----D- C:\Users\Administrador\AppData\Local\Programs  =>.©
O43 - CFD: 22/08/2014 - 08:41:59 - [] ----D- C:\Users\Administrador\AppData\Local\Temp
O43 - CFD: 18/08/2014 - 09:41:08 - [?] -SH-D- C:\Users\Administrador\AppData\Local\Temporary Internet Files  =>.©
O43 - CFD: 18/08/2014 - 09:42:01 - [] ----D- C:\Users\Administrador\AppData\Roaming\Adobe  =>.©
O43 - CFD: 18/08/2014 - 09:41:46 - [] ----D- C:\Users\Administrador\AppData\Roaming\Identities
O43 - CFD: 18/08/2014 - 09:42:46 - [] ----D- C:\Users\Administrador\AppData\Roaming\Intel Corporation  =>.©
O43 - CFD: 21/08/2014 - 11:21:29 - [] ----D- C:\Users\Administrador\AppData\Roaming\Macromedia  =>.©
O43 - CFD: 18/08/2014 - 13:17:33 - [] ----D- C:\Users\Administrador\AppData\Roaming\Malwarebytes  =>.©
O43 - CFD: 18/08/2014 - 09:41:07 - [0] ----D- C:\Users\Administrador\AppData\Roaming\Media Center Programs  =>.©
O43 - CFD: 18/08/2014 - 09:41:07 - [] -S--D- C:\Users\Administrador\AppData\Roaming\Microsoft  =>.© Microsoft
O43 - CFD: 18/08/2014 - 11:37:18 - [] ----D- C:\Users\Administrador\AppData\Roaming\Mozilla  =>.©
O43 - CFD: 18/08/2014 - 09:42:37 - [] ----D- C:\Users\Administrador\AppData\Roaming\Synaptics  =>.©
O43 - CFD: 18/08/2014 - 09:42:40 - [] ----D- C:\Users\Administrador\AppData\Roaming\WinRAR  =>.©
O43 - CFD: 26/08/2014 - 09:26:12 - [] ----D- C:\Users\Administrador\AppData\Roaming\ZHP  =>.©
~ 156  Folders found in 0 second(s)

(SOLVED) Computer with Baidu malware and others

Post by suportevam on Tue 26 Aug 2014, 11:01

---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.00000000000000000000000000000000] - ----D- . (...) -- C:\Windows\ELAMBKUP   [0]
O44 - LFC:[MD5.00000000000000000000000000000000] - ----D- . (...) -- C:\Windows\ERUNT   [0]
O44 - LFC:[MD5.1DFE69CD24456F1ACC337AFCC3F01909] - ---A-- . (...) -- C:\Windows\ntbtlog.txt   [208296]
O44 - LFC:[MD5.4AF91A1C14243253FBECC1DDAC6264D3] - ---A-- . (...) -- C:\Windows\PFRO.log   [8152]
O44 - LFC:[MD5.2C13AF5EFEAF221ED4F862C1EBBBEA40] - ---A-- . (...) -- C:\Windows\setupact.log   [2018]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - ---A-- . (...) -- C:\Windows\setuperr.log   [0]
O44 - LFC:[MD5.00000000000000000000000000000000] - ----D- . (...) -- C:\Windows\Temp   [0]
~ 7  Last Acceded System File scanned in 1 second(s)




---\\ Local Security Authority-LSA Deny (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll  =>.© Microsoft
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Mecanismo cliente do 'Editor de configuraçã.) -- C:\Windows\System32\scecli.dll  =>.© Microsoft
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\Windows\System32\kerberos.dll  =>.© Microsoft
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll  =>.© Microsoft
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll  =>.© Microsoft
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll  =>.© Microsoft
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll  =>.© Microsoft
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll  =>.© Microsoft
~ 8  Local Security Authority found in 0 second(s)


---\\ Safe Boot Control (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\drivers\sermouse.sys  =>.© Microsoft
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\drivers\vga.sys  =>.© Microsoft
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\drivers\vgasave.sys (.not file.)  =>.©
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\drivers\volmgr.sys  =>.© Microsoft
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volume.) -- C:\Windows\System32\drivers\volmgrx.sys  =>.© Microsoft
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\ipnat.sys  =>.© Microsoft
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\drivers\nsiproxy.sys  =>.© Microsoft
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\drivers\rdpencdd.sys  =>.© Microsoft
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\drivers\sermouse.sys  =>.© Microsoft
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\drivers\vga.sys  =>.© Microsoft
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\drivers\vgasave.sys (.not file.)  =>.©
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\drivers\volmgr.sys  =>.© Microsoft
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volume.) -- C:\Windows\System32\drivers\volmgrx.sys  =>.© Microsoft
~ 13  Safe Boot Control scanned in 0 second(s)


---\\
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll  =>.© Microsoft
~ 1 Control Security Providers scanned in 0 second(s)


---\\ System Drivers List (SDL) (O58)
O58 - SDL:[MD5.79059559E89D06E8B80CE2944BE20228] - 18/11/2013-11:00:23 . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\system32\drivers\afd.sys   [497152]  =>.© Microsoft
O58 - SDL:[MD5.61583EE3C3A17003C4ACD0475646B4D3] - 13/07/2009-20:35:59 . (.Microsoft Corporation - BLB Drive Driver.) -- C:\Windows\system32\drivers\blbdrive.sys   [45056]  =>.© Microsoft
O58 - SDL:[MD5.F036CE71586E93D94DAB220D7BDF4416] - 21/11/2010-00:23:47 . (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\system32\DRIVERS\cdrom.sys   [147456]  =>.© Microsoft
O58 - SDL:[MD5.54DA3DFD29ED9F1619B6F53F3CE55E49] - 21/11/2010-00:24:41 . (.Microsoft Corporation - Windows Client Side Caching Driver.) -- C:\Windows\system32\drivers\csc.sys   [514560]  =>.© Microsoft
O58 - SDL:[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 21/11/2010-00:24:32 . (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\system32\Drivers\dfsc.sys   [102400]  =>.© Microsoft
O58 - SDL:[MD5.13096B05847EC78F0977F2C0F79E9AB3] - 13/07/2009-20:37:18 . (.Microsoft Corporation - System Indexer/Cache Driver.) -- C:\Windows\system32\drivers\discache.sys   [40448]  =>.© Microsoft
O58 - SDL:[MD5.6A0E850DDCB136AA3D2FB7234382DF12] - 07/03/2014-17:09:25 . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\system32\DRIVERS\dtsoftbus01.sys   [283064]
O58 - SDL:[MD5.8D95B55F012EDF844009C689F2240442] - 21/08/2014-07:25:31 . (.Kaspersky Lab ZAO - Klfltdev Pnp device filter [fre_wlh_amd64].) -- C:\Windows\system32\DRIVERS\klfltdev.sys   [30816]
O58 - SDL:[MD5.447E039420F56F4B11DA001FC9DDA1F4] - 21/08/2014-07:24:28 . (.Kaspersky Lab ZAO - Klif Mini-Filter [fre_wlh_x64].) -- C:\Windows\system32\DRIVERS\klif.sys   [661600]
O58 - SDL:[MD5.31B69BFF28348503E4BD10C2A4F66D05] - 21/08/2014-07:25:31 . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) -- C:\Windows\system32\DRIVERS\klim6.sys   [29792]
O58 - SDL:[MD5.50965746A05FE99565A0FBE0B5BFB666] - 21/08/2014-07:25:31 . (.Kaspersky Lab ZAO - Network filtering component.) -- C:\Windows\system32\DRIVERS\kltdi.sys   [54104]
O58 - SDL:[MD5.59B9817EEC41F6A4F7AEB1829F92A851] - 21/08/2014-07:25:31 . (.Kaspersky Lab ZAO - KNEPS Power.) -- C:\Windows\system32\DRIVERS\kneps.sys   [177760]
O58 - SDL:[MD5.1538831CF8AD2979A04C423779465827] - 13/07/2009-21:08:51 . (.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) -- C:\Windows\system32\DRIVERS\lltdio.sys   [60928]  =>.© Microsoft
O58 - SDL:[MD5.43D0F98E1D56CCDDB0D5254CFF7B356E] - 13/07/2009-20:26:13 . (.Microsoft Corporation - Driver do Filtro de Virtualização do Arquiv.) -- C:\Windows\system32\drivers\luafv.sys   [113152]  =>.© Microsoft
O58 - SDL:[MD5.0EED230E37515A0EAEE3C2E1BC97B288] - 13/07/2009-20:31:10 . (.Microsoft Corporation - System Management BIOS Driver.) -- C:\Windows\system32\drivers\mssmbios.sys   [32320]  =>.© Microsoft
O58 - SDL:[MD5.86743D9F5D2B1048062B14B1D84501C4] - 13/07/2009-21:09:26 . (.Microsoft Corporation - NetBIOS interface driver.) -- C:\Windows\system32\DRIVERS\netbios.sys   [44544]  =>.© Microsoft
O58 - SDL:[MD5.09594D1089C523423B32A4229263F068] - 21/11/2010-00:23:51 . (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\system32\DRIVERS\netbt.sys   [261632]  =>.© Microsoft
O58 - SDL:[MD5.E7F5AE18AF4168178A642A9247C63001] - 13/07/2009-20:21:03 . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\drivers\nsiproxy.sys   [24576]  =>.© Microsoft
O58 - SDL:[MD5.68769C3356B3BE5D1C732C97B9A80D6E] - 13/07/2009-20:51:01 . (.Microsoft Corporation - Protected Environment Authentication and Au.) -- C:\Windows\system32\drivers\peauth.sys   [651264]  =>.© Microsoft
O58 - SDL:[MD5.0557CF5A2556BD58E26384169D72438D] - 21/11/2010-00:24:08 . (.Microsoft Corporation - Agendador de pacotes de serviço.) -- C:\Windows\system32\DRIVERS\pacer.sys   [131584]  =>.© Microsoft
O58 - SDL:[MD5.77F665941019A1594D887A74F301FA2F] - 21/11/2010-00:24:08 . (.Microsoft Corporation - Driver do Subsistema de Buffer da Unidade R.) -- C:\Windows\system32\DRIVERS\rdbss.sys   [309248]  =>.© Microsoft
O58 - SDL:[MD5.CEA6CC257FC9B7715F1C2B4849286D24] - 13/07/2009-21:16:34 . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\DRIVERS\RDPCDD.sys   [7680]  =>.© Microsoft
O58 - SDL:[MD5.BB5971A4F00659529A5C44831AF22365] - 13/07/2009-21:16:34 . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\drivers\rdpencdd.sys   [7680]  =>.© Microsoft
O58 - SDL:[MD5.216F3FA57533D98E1F74DED70113177A] - 13/07/2009-21:16:35 . (.Microsoft Corporation - RDP Reflector Driver Miniport.) -- C:\Windows\system32\drivers\rdprefmp.sys   [8192]  =>.© Microsoft
O58 - SDL:[MD5.DDC86E4F8E7456261E637E3552E804FF] - 13/07/2009-21:08:51 . (.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) -- C:\Windows\system32\DRIVERS\rspndr.sys   [76800]  =>.© Microsoft
O58 - SDL:[MD5.255476B54C82A89416EFDF09FD62F107] - 16/05/2014-13:03:18 . (.SafeNet, Inc. - Sentinel System Driver (NT Parallel x64 dri.) -- C:\Windows\System32\Drivers\Sentinel64.sys   [145448]
O58 - SDL:[MD5.1B16D0BD9841794A6E0CDE0CEF744ABC] - 30/08/2013-11:00:22 . (.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) -- C:\Windows\system32\drivers\tcpipreg.sys   [45568]  =>.© Microsoft
O58 - SDL:[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - 21/11/2010-00:24:32 . (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\system32\DRIVERS\tdx.sys   [119296]  =>.© Microsoft
O58 - SDL:[MD5.561E7E1F06895D78DE991E01DD0FB6E5] - 21/11/2010-00:23:47 . (.Microsoft Corporation - Remote Desktop Server Driver.) -- C:\Windows\system32\drivers\termdd.sys   [63360]  =>.© Microsoft
O58 - SDL:[MD5.53E92A310193CB3C03BEA963DE7D9CFC] - 13/07/2009-20:38:48 . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\drivers\vga.sys   [29184]  =>.© Microsoft
O58 - SDL:[MD5.E675FB2B48C54F09895482E2253B289C] - 28/05/2013-20:02:23 . (.Microsoft Corporation - Virtual PC Network Filter Driver.) -- C:\Windows\system32\DRIVERS\vpcnfltr.sys   [59392]  =>.© Microsoft
O58 - SDL:[MD5.207B6539799CC1C112661A9B620DD233] - 28/05/2013-20:02:22 . (.Microsoft Corporation - Monitor da Máquina Virtual do Virtual PC.) -- C:\Windows\system32\drivers\vpcvmm.sys   [360832]  =>.© Microsoft
O58 - SDL:[MD5.6A3D66263414FF0D6FA754C646612F3F] - 13/07/2009-21:07:22 . (.Microsoft Corporation - Virtual WiFi Filter Driver.) -- C:\Windows\system32\DRIVERS\vwififlt.sys   [59904]  =>.© Microsoft
O58 - SDL:[MD5.356AFD78A6ED4457169241AC3965230C] - 21/11/2010-00:24:11 . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) -- C:\Windows\system32\DRIVERS\wanarp.sys   [88576]  =>.© Microsoft
O58 - SDL:[MD5.611B23304BF067451A9FDEE01FBDD725] - 13/07/2009-21:09:26 . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) -- C:\Windows\system32\DRIVERS\wfplwf.sys   [12800]  =>.© Microsoft
~ 35  System Drivers scanned in 0 second(s)


---\\ Last modified or created user files (O61)
O61 - LFC: 18/08/2014 - 09:41:58 -SHA-- . (...) -- C:\Users\Administrador\Downloads\desktop.ini   [282]
O61 - LFC: 18/08/2014 - 13:33:12 ---A-- . (.ESET - ESET Smart Installer.) -- C:\Users\Administrador\Downloads\esetsmartinstaller_ptg.exe   [2347384]
~ 2  Last File Acceded scanned in 0 second(s)


---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - Beep (Beep)  .(.Microsoft Corporation - Beep Driver.) -- LEGACY_BEEP  =>.© Microsoft Corporation
O64 - Services: CurCS - C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys (cleanhlp)  .(...) - LEGACY_CLEANHLP
O64 - Services: CurCS - FAT12/16/32 File System Driver (fastfat)  .(...) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\kl1.sys (KL1)  .(.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- LEGACY_KL1
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\klif.sys (KLIF)  .(.Kaspersky Lab ZAO - Klif Mini-Filter [fre_wlh_x64].) -- LEGACY_KLIF
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\klim6.sys (KLIM6)  .(.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) -- LEGACY_KLIM6
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\kltdi.sys (kltdi)  .(.Kaspersky Lab ZAO - Network filtering component.) -- LEGACY_KLTDI
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\kneps.sys (kneps)  .(.Kaspersky Lab ZAO - KNEPS Power.) -- LEGACY_KNEPS
O64 - Services: CurCS - RDP Winstation Driver (RDPWD)  .(...) - LEGACY_RDPWD
O64 - Services: CurCS - Security Driver (secdrv)  .(...) - LEGACY_SECDRV
O64 - Services: CurCS - C:\Windows\System32\Drivers\Sentinel64.sys (Sentinel64)  .(.SafeNet, Inc. - Sentinel System Driver (NT Parallel x64 dri.) -- LEGACY_SENTINEL64
O64 - Services: CurCS - Security Processor Loader Driver (spldr)  .(...) - LEGACY_SPLDR
~ 12  Legacy Keys found in 23 second(s)




---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos.) -- C:\Windows\system32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\System32\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
~ 10  File Association Shell Spawning scanned in 0 second(s)


---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] . (...) -- firefox.exe  =>.© Mozilla
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] . (...) -- iexplore.exe  =>.© Microsoft
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] . (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe  =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do .) -- C:\Windows\System32\ie4uinit.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] . (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe  =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do .) -- C:\Windows\System32\ie4uinit.exe  =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do .) -- C:\Windows\System32\ie4uinit.exe  =>.Microsoft Corporation
~ 8  Start Menu Internet found in 0 second(s)




---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} [DefaultScope] - (Google) - [You must be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [You must be registered and logged in to see this link.]
~ 2  Search Browser Infection scanned in 0 second(s)




---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 29/01/2014-09:08:04 65432 || Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 22/05/2012-17:20:25 253600 || Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 28/05/2013-19:59:06 98208 || Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
SR - | Auto 21/08/2014-07:25:02 741360 || Serviço do Kaspersky Endpoint Security (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 para Windows\avp.exe
SS - | Demand 21/12/2012-10:52:28 277616 || Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 56/56/64340-52168:119:63620 0 || @%SystemRoot%\system32\efssvc.dll,-100 (EFS) . (...) - C:\Windows\System32\lsass.exe (.not file.)
SS - | Demand 56/56/64340-51160:119:63620 0 || @%systemroot%\system32\fxsresm.dll,-118 (Fax) . (...) - C:\Windows\system32\fxssvc.exe (.not file.)
SS - | Demand 07/03/2014-16:54:16 655624 || FLEXnet Licensing Service (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Demand 14/09/2013-20:47:40 994688 || HP Software Framework Service (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SR - | Auto 26/08/2014-08:36:55 72992 || HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
SR - | Auto 22/05/2012-17:20:09 35200 || HPWMISVC (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
SR - | Auto 08/08/2014-14:15:06 351824 || HWDeviceService64.exe (HWDeviceService64.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService64.exe
SR - | Auto 28/05/2013-19:58:07 13592 || Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 28/05/2013-20:01:19 607456 || Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 28/05/2013-20:01:30 161560 || Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 21/08/2014-07:22:19 132600 || Kaspersky Lab Network Agent (klnagent) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagent.exe
SR - | Auto 19/03/2014-14:09:14 239184 || Mobile Broadband HL Service (Mobile Broadband HL Service) . (...) - C:\ProgramData\MobileBrServ\mbbservice.exe
SS - | Demand 03/07/2014-16:05:49 119408 || Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 30/08/2013-09:59:20 69632 || OCS INVENTORY SERVICE (OCS INVENTORY) . (.http://www.ocsinventory-ng.org.) - C:\Program Files (x86)\OCS Inventory Agent\ocsservice.exe
SR - | Auto 30/08/2013-11:27:40 245832 || Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
SR - | Auto 10/09/2013-20:01:36 360624 || scpVista (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files (x86)\Scpad\scpVista.exe
SR - | Auto 30/08/2013-12:02:18 316992 || Sentinel Keys Server (SentinelKeysServer) . (.SafeNet, Inc..) - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
SS - | Demand 56/56/64340-30480:123:63620 0 ||  (SrvHsfHDA) . (...) - C:\Windows\system32\DRIVERS\VSTAZL6.SYS (.not file.)
SS - | Demand 56/56/64340-31200:123:63620 0 ||  (SrvHsfV92) . (...) - C:\Windows\system32\DRIVERS\VSTDPV6.SYS (.not file.)
SS - | Demand 56/56/64340-30840:123:63620 0 ||  (SrvHsfWinac) . (...) - C:\Windows\system32\DRIVERS\VSTCNXT6.SYS (.not file.)
SR - | Auto 28/05/2013-20:00:53 363800 || Intel(R) Management and Security Application User Notification Service (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 29/08/2013-15:18:49 2015968 || uvnc_service (uvnc_service) . (.UltraVNC.) - C:\Program Files (x86)\UltraVNC\WinVNC.exe
SS - | Auto 08/08/2014-14:13:44 650320 || VIVO INTERNET. OUC (VIVO INTERNET. RunOuc) . (...) - C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe
SS - | Demand 56/56/64340-31056:123:63620 0 || @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) . (...) - C:\Windows\system32\Wat\WatAdminSvc.exe (.not file.)
SR - | Auto 17/09/2013-07:58:01 712704 || VNC Server (winvnc) . (.UltraVNC.) - C:\Arquivos de programas\UltraVNC\WinVNC.exe
~ 30  Services scanned in 1 second(s)




---\\ Search of Tracing Keys (O100)
HKLM\SOFTWARE\WOW6432Node\Microsoft\Tracing\BingBar_RASAPI32  =>Toolbar.Bing
~ 1 Search Tracing Keys scanned in 0 second(s)




---\\ Scan Additionnel (O88 )
Database Version : 13036 (30/03/2014)
Clés trouvées (Keys found) : 0
Dossiers trouvés  (Folders found) :  0
Fichiers trouvés  (Files found) :  0


~ Additionnal Scan: 112889 Items scanned in 5 seconds


---\\ Cleanup with ZHPFix script
Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]  NoActiveDesktopChanges: Modified
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
HKLM\SOFTWARE\WOW6432Node\Microsoft\Tracing\BingBar_RASAPI32  =>Toolbar.Bing
~ ATTENTION, this script is given by way of indication, it must be validated by an disinfection expert.
~ 9  ZHPFix Script Files found in 0 second(s)



~ End of the scan (0/896 lines) in 48 seconds)

Re: computer with Baidu malware and others

Post by Power Max on Tue 26 Aug 2014, 11:21

Nothing from Baidu was found in this scan.

Download the Farbar Recovery Scan Tool and save it to your Desktop.

Note: when you open the link above, click the Download Now 64-Bit Version button.

Run Farbar following the tips in this tutorial:

Analyze important areas of Windows with Farbar Recovery Scan Tool (64-bit version)

*Two reports will be created on the Desktop: FRST.txt and Addition.txt

Post both reports in your next reply. (Note: if they do not fit in a single reply, you can split them across several posts.)


Re: computer with Baidu malware and others

Post by suportevam on Tue 26 Aug 2014, 11:48

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014
Ran by Administrador at 2014-08-26 11:37:15
Running from C:\Users\Administrador\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Endpoint Security 10 para Windows (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Endpoint Security 10 para Windows (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version: - )
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.3.5010 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.3.5010 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{7DA9DD7F-F4D9-40FB-BD27-69B7731DEDD9}) (Version: 5.1.3 - Hewlett-Packard)
Evernote v. 4.5.2 (HKLM-x32\...\{8CE152BA-1D16-11E1-867D-984BE15F174E}) (Version: 4.5.2.5904 - Evernote Corp.)
Freedom Scientific Braille (Version: 14.0.5420.0 - Freedom Scientific) Hidden
Freedom Scientific Document Server (Version: 15.0.9023.400 - Freedom Scientific) Hidden
Freedom Scientific Elevation (Version: 14.0.5420.0 - Freedom Scientific) Hidden
Freedom Scientific FSRibbonSrv 1.0 (Version: 14.0.5420.0 - Freedom Scientific) Hidden
Freedom Scientific Synth (Version: 14.0.5420.0 - Freedom Scientific) Hidden
Freedom Scientific Synthesizer Eloquence (x32 Version: 6.1.004 - Freedom Scientific) Hidden
Freedom Scientific UIAHooks 1.0 (Version: 14.0.5420.0 - Freedom Scientific) Hidden
Freedom Scientific Utilities (Version: 15.0.9023.400 - Freedom Scientific) Hidden
Freedom Scientific WOW64 Proxy (Version: 14.0.5420.0 - Freedom Scientific) Hidden
Freedom Scientific XQilla 2.0 (Version: 14.0.5420.0 - Freedom Scientific) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{4FAC8FE6-7EB2-47FF-A1FE-572E00EDB340}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
HP Security Assistant (HKLM\...\{42719DC3-4982-47DD-B025-B21C4BDD504D}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{FEDCBEE7-EB9D-42F6-939C-20781814ECFB}) (Version: 4.5.6.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{C43602FE-988C-47BA-9F9F-B95FDDAFB624}) (Version: 11.50.0031 - Hewlett-Packard Company)
Instalação do DivX (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
IP Office Admin Suite (HKLM-x32\...\{87D14E59-B662-41AF-8D46-A70B44B00177}) (Version: 8.1.63 - Avaya)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Kaspersky Endpoint Security 10 para Windows (HKLM\...\{04CF7FBD-E56C-446D-8FC9-DD444BDBEE8E}) (Version: 10.2.1.23 - Kaspersky Lab)
Kaspersky Security Center Network Agent (HKLM-x32\...\InstallWIX_{BCF4CF24-88AB-45E1-A6E6-40C8278A70C5}) (Version: 10.1.249 - Kaspersky Lab)
Kaspersky Security Center Network Agent (x32 Version: 10.1.249 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware versão 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile PTB Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2013 - pt-br (HKLM\...\HomeBusinessRetail - pt-br) (Version: 15.0.4631.1004 - Microsoft Corporation)
Microsoft redistributable runtime DLLs VS2008 SP1(x86) (HKLM-x32\...\{A47A9101-6EB5-4314-BDA1-297880FBB908}) (Version: 9.0 - SAP AG)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 pt-BR)) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4.0 redistributable (HKLM-x32\...\{44D66AD9-AE19-4AFD-BE7E-A1B44C856697}) (Version: 4.0.0.0 - SAP)
OCS Inventory Agent 4.0.5.4 (HKLM-x32\...\OCS Inventory Agent) (Version: 4.0.5.4 - OCS Inventory NG Team)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Client Profile PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6937 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29011 - Realtek Semiconductor Corp.)
SAP GUI for Windows 7.20 (HKLM-x32\...\SAPGUI710) (Version: 7.20 Compilation 1 - SAP)
Softphone (HKLM-x32\...\{355F7877-5D18-40D8-AD5E-966516A82A63}) (Version: 32.6.7009 - Avaya)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.1.3 - Synaptics Incorporated)
UltraVnc (HKLM-x32\...\Ultravnc2_is1) (Version: 1.0.9.62 - uvnc bvba)
UltraVNC v1.0.2 (HKLM-x32\...\{A8AD990E-355A-4413-8647-A9B168978423}_is1) (Version: 1.1.0.2 - UltraVNC)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
vcredist_x86 (HKLM-x32\...\{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}) (Version: 1.0.0 - SAP)
VIVO INTERNET (HKLM-x32\...\VIVO INTERNET) (Version: 23.009.19.00.149 - Huawei Technologies Co.,Ltd)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WorldUnlock Codes Calculator (HKLM-x32\...\WorldUnlock Codes Calculator) (Version: - )
ZHPDiag 2014 (HKLM-x32\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

22-08-2014 11:21:19 zoek.exe restore point
25-08-2014 10:27:51 Backup do Windows
25-08-2014 10:32:30 OTM Restore Point
26-08-2014 10:15:00 zoek.exe restore point
26-08-2014 11:36:12 Installed HP Support Solutions Framework
26-08-2014 13:26:22 ZHPFix Restore System Point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2014-08-22 08:21 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2E62B249-56FD-4D9F-9919-F18E42BFBADC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {3D97790A-D6C6-4223-9B11-4DB87119BD3A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {4DA0FE66-0BC7-42E1-85E3-D66DF80A9521} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-02-10] (CyberLink)
Task: {6D740421-E577-45BD-A33A-D93610083995} - System32\Tasks\Microsoft Office 15 Sync Maintenance for {96e3b6c1-cb58-49ad-979a-67a7f07d4c79} DDNBK001.delga.com.br => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-07-14] (Microsoft Corporation)
Task: {C9A1AE0F-DDE1-414E-9757-229683A83B8E} - System32\Tasks\HPCeeScheduleForgabriela.richter => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {DD202BAA-6C99-48E0-891D-7F2A71BAD290} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)
Task: {E6B02776-3BC0-4007-9FE4-2368A8169CB3} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2012-02-17] ()
Task: {F9B5D214-542E-4D49-8D55-D846D54F95A0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-22] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForgabriela.richter.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2013-08-29 14:47 - 2009-11-05 07:40 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll
2014-07-14 11:14 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-02-06 03:10 - 2013-02-06 03:10 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-03-06 11:41 - 2013-01-27 23:49 - 00239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2014-08-07 14:52 - 2013-08-13 23:02 - 00650320 _____ () C:\ProgramData\VIVO INTERNET\OnlineUpdate\ouc.exe
2012-02-14 14:53 - 2012-02-14 14:53 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-12-19 23:34 - 2011-12-19 23:34 - 00108880 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2014-08-07 14:52 - 2012-10-31 06:11 - 02417152 _____ () C:\ProgramData\VIVO INTERNET\OnlineUpdate\QtCore4.dll
2014-08-07 14:52 - 2009-01-10 15:32 - 00011362 _____ () C:\ProgramData\VIVO INTERNET\OnlineUpdate\mingwm10.dll
2014-08-07 14:52 - 2009-06-22 23:42 - 00043008 _____ () C:\ProgramData\VIVO INTERNET\OnlineUpdate\libgcc_s_dw2-1.dll
2014-08-07 14:52 - 2012-10-31 06:14 - 01148416 _____ () C:\ProgramData\VIVO INTERNET\OnlineUpdate\QtNetwork4.dll
2013-11-27 21:21 - 2013-11-27 21:21 - 01309888 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 para Windows\kpcengine.2.2.dll
2013-09-04 12:37 - 2013-09-04 12:37 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\991a8d378a3e64b31c0f4770ba9ae071\IsdiInterop.ni.dll
2013-05-28 19:58 - 2011-11-30 01:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-05-28 20:00 - 2012-01-10 18:42 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/26/2014 10:45:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/26/2014 09:53:49 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Falha na geração de contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Erro no arquivo de manifesto ou de diretiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2", na linhaC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/26/2014 07:45:10 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Falha na geração de contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Erro no arquivo de manifesto ou de diretiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2", na linhaC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/26/2014 07:45:10 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Falha na geração de contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Erro no arquivo de manifesto ou de diretiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2", na linhaC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/26/2014 07:25:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2014 07:40:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2014 07:32:31 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..


Details:
AddLegacyDriverFiles: Unable to back up image of binary Baidu Protect.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (08/25/2014 07:18:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/22/2014 08:45:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/22/2014 08:11:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/26/2014 11:23:48 AM) (Source: iaStor) (EventID: 9) (User: )
Description: O dispositivo, \Device\Ide\iaStor0, não respondeu dentro do tempo limite.

Error: (08/26/2014 11:23:44 AM) (Source: iaStor) (EventID: 9) (User: )
Description: O dispositivo, \Device\Ide\iaStor0, não respondeu dentro do tempo limite.

Error: (08/26/2014 11:23:42 AM) (Source: iaStor) (EventID: 9) (User: )
Description: O dispositivo, \Device\Ide\iaStor0, não respondeu dentro do tempo limite.

Error: (08/26/2014 11:23:23 AM) (Source: iaStor) (EventID: 9) (User: )
Description: O dispositivo, \Device\Ide\iaStor0, não respondeu dentro do tempo limite.

Error: (08/26/2014 11:23:19 AM) (Source: iaStor) (EventID: 9) (User: )
Description: O dispositivo, \Device\Ide\iaStor0, não respondeu dentro do tempo limite.

Error: (08/26/2014 11:23:15 AM) (Source: iaStor) (EventID: 9) (User: )
Description: O dispositivo, \Device\Ide\iaStor0, não respondeu dentro do tempo limite.

Error: (08/26/2014 10:55:15 AM) (Source: iaStor) (EventID: 9) (User: )
Description: O dispositivo, \Device\Ide\iaStor0, não respondeu dentro do tempo limite.

Error: (08/26/2014 10:55:13 AM) (Source: iaStor) (EventID: 9) (User: )
Description: O dispositivo, \Device\Ide\iaStor0, não respondeu dentro do tempo limite.

Error: (08/26/2014 10:54:51 AM) (Source: iaStor) (EventID: 9) (User: )
Description: O dispositivo, \Device\Ide\iaStor0, não respondeu dentro do tempo limite.

Error: (08/26/2014 10:54:49 AM) (Source: iaStor) (EventID: 9) (User: )
Description: O dispositivo, \Device\Ide\iaStor0, não respondeu dentro do tempo limite.


Microsoft Office Sessions:
=========================
Error: (08/26/2014 10:45:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/26/2014 09:53:49 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (08/26/2014 07:45:10 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Administrador\Downloads\esetsmartinstaller_ptg.exe

Error: (08/26/2014 07:45:10 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Administrador\Downloads\esetsmartinstaller_ptg.exe

Error: (08/26/2014 07:25:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2014 07:40:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2014 07:32:31 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Baidu Protect.

System Error:
O sistema não pode encontrar o arquivo especificado.

Error: (08/25/2014 07:18:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/22/2014 08:45:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/22/2014 08:11:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2014-08-26 09:52:55.140
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-26 09:52:55.138
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-26 09:52:55.135
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-26 09:52:46.231
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 para Windows\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-26 09:52:46.228
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 para Windows\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-26 09:52:46.225
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 para Windows\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-20 07:36:05.111
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-20 07:36:05.107
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-20 07:36:05.104
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-20 07:35:59.254
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 para Windows\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
Percentage of memory in use: 39%
Total physical RAM: 3989.36 MB
Available physical RAM: 2433.32 MB
Total Pagefile: 7976.9 MB
Available Pagefile: 6341.06 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:122.34 GB) (Free:79.3 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:14.29 GB) (Free:1.57 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (Dados) (Fixed) (Total:328.83 GB) (Free:251.15 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================

Re: computer with Baidu malware and others

Post by suportevam on Tue 26 Aug 2014, 11:49

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by Administrador (administrator) on DDNBK001 on 26-08-2014 11:36:23
Running from C:\Users\Administrador\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Português (Brasil)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: [You must be registered and logged in to see this link.]
Download link for 64-Bit Version: [You must be registered and logged in to see this link.]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [You must be registered and logged in to see this link.]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagent.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(http://www.ocsinventory-ng.org) C:\Program Files (x86)\OCS Inventory Agent\OcsService.exe
(Banco Bradesco S.A.) C:\Program Files (x86)\Scpad\scpVista.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(UltraVNC) C:\Program Files (x86)\UltraVNC\winvnc.exe
() C:\ProgramData\VIVO INTERNET\OnlineUpdate\ouc.exe
(UltraVNC) C:\Program Files\UltraVNC\winvnc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 para Windows\avp.exe
(UltraVNC) C:\Program Files (x86)\UltraVNC\winvnc.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 para Windows\avp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-30] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WinVNC] => C:\Arquivos de programas\UltraVNC\WinVNC.exe [712704 2006-06-18] (UltraVNC)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 para Windows\avp.exe [741360 2013-11-27] (Kaspersky Lab ZAO)
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%System32\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\Users\gabriela.richter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar para o OneNote.lnk
ShortcutTarget: Enviar para o OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
SSODL-x32: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll (Banco Bradesco S.A.)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to view this link.]
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to view this link.]
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = [You must be registered and logged in to view this link.]
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ssh2 Class -> {2E3C3651-B19C-4DD9-A979-901EC3E930AF} -> C:\Program Files (x86)\Scpad\scpsssh2.dll (Banco Bradesco S.A.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: saphtmlp - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - No File
Handler: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: saphtmlp - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
Handler-x32: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.23 192.168.0.10

FireFox:
========
FF ProfilePath: C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\mgfhn8kg.default
FF NewTab: [You must be registered and logged in to view this link.]
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: [You must be registered and logged in to view this link.]
FF Keyword.URL: [You must be registered and logged in to view this link.]
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF Extension: Firefox Old Version Update Hotfix - C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\mgfhn8kg.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-08-18]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 para Windows\avp.exe [741360 2013-11-27] (Kaspersky Lab ZAO)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356912 2014-07-19] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [72992 2014-07-07] (Hewlett-Packard Company)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-02-06] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-01-10] (Intel Corporation)
R2 klnagent; C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagent.exe [132600 2013-11-19] (Kaspersky Lab ZAO)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2013-01-27] ()
R2 OCS INVENTORY; C:\Program Files (x86)\OCS Inventory Agent\ocsservice.exe [69632 2009-04-16] (http://www.ocsinventory-ng.org) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [245832 2013-06-06] (Realtek Semiconductor)
R2 scpVista; C:\Program Files (x86)\Scpad\scpVista.exe [360624 2012-10-24] (Banco Bradesco S.A.)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [316992 2007-04-27] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [206400 2007-04-27] (SafeNet, Inc)
R2 uvnc_service; C:\Program Files (x86)\UltraVNC\WinVNC.exe [2015968 2012-02-14] (UltraVNC)
S2 VIVO INTERNET. RunOuc; C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe [650320 2013-08-13] ()
R2 winvnc; C:\Arquivos de programas\UltraVNC\WinVNC.exe [712704 2006-06-18] (UltraVNC) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-07] (Disc Soft Ltd)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [246272 2013-06-29] (Huawei Technologies Co., Ltd.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-09-05] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [98400 2014-08-21] (Kaspersky Lab ZAO)
R1 KLFLTDEV; C:\Windows\System32\DRIVERS\klfltdev.sys [30816 2013-07-08] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [661600 2014-08-21] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-07-11] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54104 2012-11-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [177760 2013-07-01] (Kaspersky Lab ZAO)
S3 PortTalk; C:\Windows\SysWOW64\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic [You must be registered and logged in to view this link.] [File not signed]
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [260712 2012-01-30] (Realtek Semiconductor Corp.)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2008-07-11] (SafeNet, Inc.)
R3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-02-24] (Synaptics Incorporated)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-26 11:36 - 2014-08-26 11:36 - 00015353 _____ () C:\Users\Administrador\Desktop\FRST.txt
2014-08-26 11:36 - 2014-08-26 11:36 - 00000000 ____D () C:\FRST
2014-08-26 11:35 - 2014-08-26 11:33 - 02103296 _____ (Farbar) C:\Users\Administrador\Desktop\FRST64.exe
2014-08-26 10:55 - 2014-08-26 10:55 - 00105514 _____ () C:\Users\Administrador\Desktop\NCDiag.txt
2014-08-26 10:55 - 2014-08-26 10:55 - 00000885 _____ () C:\Users\Administrador\Desktop\NCScript.txt
2014-08-26 10:54 - 2014-08-26 10:53 - 01234944 _____ (Nicolas Coolman) C:\Users\Administrador\Desktop\NCDiag.exe
2014-08-26 10:42 - 2014-08-26 10:42 - 00003196 _____ () C:\Windows\System32\Tasks\{D2961CB4-503D-4B22-A44B-E9DE77BEB569}
2014-08-26 10:42 - 2014-08-26 10:26 - 00001698 _____ () C:\Users\Administrador\Desktop\ZHPFixReport.txt
2014-08-26 09:29 - 2014-08-26 09:29 - 00031936 _____ () C:\Users\Administrador\Desktop\ZHPDiag.txt
2014-08-26 09:26 - 2014-08-26 10:55 - 00000000 ____D () C:\Users\Administrador\AppData\Roaming\ZHP
2014-08-26 09:26 - 2014-08-26 09:26 - 00001947 _____ () C:\Users\Administrador\Desktop\ZHPFix.lnk
2014-08-26 09:26 - 2014-08-26 09:26 - 00001820 _____ () C:\Users\Administrador\Desktop\ZHPDiag.lnk
2014-08-26 09:26 - 2014-08-26 09:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-08-26 09:26 - 2014-08-26 09:26 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-08-26 09:25 - 2014-08-26 09:22 - 06860246 _____ (Nicolas Coolman ) C:\Users\Administrador\Desktop\ZHPDiag2.exe
2014-08-26 08:36 - 2014-08-26 08:36 - 00000000 ____D () C:\Program Files (x86)\Hp
2014-08-26 07:14 - 2014-08-25 09:57 - 00001332 _____ () C:\zoek-results2014-08-25-125750.log
2014-08-25 09:56 - 2014-08-22 09:02 - 00007322 _____ () C:\zoek-results2014-08-22-120202.log
2014-08-25 07:31 - 2014-08-25 07:31 - 00000000 ____D () C:\_OTM
2014-08-25 07:30 - 2014-08-25 07:28 - 00007188 _____ () C:\Users\Administrador\Desktop\otm2.txt
2014-08-25 07:29 - 2014-08-25 07:27 - 00522240 _____ (OldTimer Tools) C:\Users\Administrador\Desktop\OTM.exe
2014-08-22 09:00 - 2014-08-22 08:45 - 00050792 _____ () C:\zoek-results2014-08-22-114552.log
2014-08-22 08:21 - 2014-08-26 07:16 - 00002113 _____ () C:\zoek-results.log
2014-08-22 08:19 - 2014-08-22 08:34 - 00000000 ____D () C:\zoek_backup
2014-08-22 08:15 - 2014-08-22 08:16 - 01288704 _____ () C:\Users\Administrador\Desktop\zoek.exe
2014-08-21 14:34 - 2014-08-21 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Endpoint Security 10 para Windows
2014-08-21 13:31 - 2014-08-21 13:31 - 00001107 _____ () C:\Users\Administrador\Desktop\JRT.txt
2014-08-21 13:22 - 2014-08-21 13:22 - 00000000 ____D () C:\Windows\ERUNT
2014-08-21 13:21 - 2014-08-21 13:21 - 01016261 _____ (Thisisu) C:\Users\Administrador\Desktop\JRT.exe
2014-08-21 11:21 - 2014-08-21 11:21 - 00000000 ____D () C:\Users\Administrador\AppData\Roaming\Macromedia
2014-08-21 07:25 - 2014-08-21 07:25 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-08-21 07:24 - 2014-08-26 10:45 - 00000000 ____D () C:\Users\Todos os Usuários\Kaspersky Lab
2014-08-21 07:24 - 2014-08-26 10:45 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-08-21 07:24 - 2014-08-21 07:24 - 00661600 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-08-21 07:24 - 2014-08-21 07:24 - 00098400 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-08-21 07:22 - 2014-08-21 07:24 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-08-20 13:57 - 2014-08-20 13:57 - 00000000 ____D () C:\Users\Todos os Usuários\KasperskyLab
2014-08-20 13:57 - 2014-08-20 13:57 - 00000000 ____D () C:\ProgramData\KasperskyLab
2014-08-18 13:36 - 2014-08-18 13:36 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-18 13:33 - 2014-08-18 13:34 - 02347384 _____ (ESET) C:\Users\Administrador\Downloads\esetsmartinstaller_ptg.exe
2014-08-18 13:17 - 2014-08-18 13:17 - 00000000 ____D () C:\Users\Administrador\AppData\Roaming\Malwarebytes
2014-08-18 11:54 - 2014-08-26 10:44 - 00002018 _____ () C:\Windows\setupact.log
2014-08-18 11:54 - 2014-08-26 10:43 - 00008152 _____ () C:\Windows\PFRO.log
2014-08-18 11:54 - 2014-08-18 11:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-18 11:51 - 2014-08-18 11:51 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-18 11:51 - 2014-08-18 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-18 11:37 - 2014-08-18 11:37 - 00000000 ____D () C:\Users\Administrador\AppData\Roaming\Mozilla
2014-08-18 11:37 - 2014-08-18 11:37 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Mozilla
2014-08-18 11:36 - 2014-08-18 11:36 - 00011450 _____ () C:\Users\Administrador\Desktop\hijackthis.log
2014-08-18 11:36 - 2014-08-18 11:32 - 00388608 _____ (Trend Micro Inc.) C:\Users\Administrador\Desktop\HijackThis.exe
2014-08-18 11:34 - 2014-08-18 11:35 - 00001644 _____ () C:\Users\Administrador\Desktop\rede_geral (192.168.0.20).lnk
2014-08-18 09:42 - 2014-08-26 10:46 - 00073608 _____ () C:\Users\Administrador\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-18 09:42 - 2014-08-26 09:32 - 00003974 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6A930B94-AE00-4427-A1E1-CADC50B6EBA0}
2014-08-18 09:42 - 2014-08-18 09:42 - 00001389 _____ () C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-18 09:42 - 2014-08-18 09:42 - 00000000 ____D () C:\Users\Administrador\AppData\Roaming\WinRAR
2014-08-18 09:42 - 2014-08-18 09:42 - 00000000 ____D () C:\Users\Administrador\AppData\Roaming\Synaptics
2014-08-18 09:42 - 2014-08-18 09:42 - 00000000 ____D () C:\Users\Administrador\AppData\Roaming\Intel Corporation
2014-08-18 09:42 - 2014-08-18 09:42 - 00000000 ____D () C:\Users\Administrador\AppData\Roaming\Adobe
2014-08-18 09:41 - 2014-08-25 07:43 - 00000000 ____D () C:\Users\Administrador
2014-08-18 09:41 - 2014-08-18 09:42 - 00000000 ___RD () C:\Users\Administrador\Virtual Machines
2014-08-18 09:41 - 2014-08-18 09:41 - 00000020 ___SH () C:\Users\Administrador\ntuser.ini
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Modelos
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Meus documentos
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Menu Iniciar
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Documents\Minhas músicas
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Documents\Minhas imagens
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Documents\Meus vídeos
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Dados de aplicativos
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Configurações locais
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\AppData\Local\Histórico
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\AppData\Local\Dados de aplicativos
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Ambiente de rede
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Ambiente de impressão
2014-08-18 09:41 - 2013-08-30 08:30 - 00002110 _____ () C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-08-18 09:41 - 2009-07-14 01:54 - 00000000 ___RD () C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-18 09:41 - 2009-07-14 01:49 - 00000000 ___RD () C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-18 09:35 - 2014-08-18 09:25 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Administrador\Desktop\tdsskiller.exe
2014-08-18 09:32 - 2014-08-21 11:07 - 00000000 ____D () C:\AdwCleaner
2014-08-18 09:31 - 2014-08-12 08:39 - 01366203 _____ () C:\Users\Administrador\Desktop\AdwCleaner.exe
2014-08-08 14:15 - 2014-08-08 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIVO INTERNET
2014-08-08 14:14 - 2013-08-21 23:33 - 00375040 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_wwanecm.sys
2014-08-08 14:14 - 2013-08-21 23:32 - 00121728 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_cdcacm.sys
2014-08-08 14:14 - 2013-06-30 21:29 - 00455680 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2014-08-08 14:14 - 2013-06-29 06:17 - 00246272 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
2014-08-08 14:14 - 2013-03-04 05:32 - 00110592 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2014-08-08 14:14 - 2013-03-04 05:32 - 00091648 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2014-08-08 14:14 - 2013-03-04 05:32 - 00077312 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2014-08-08 14:14 - 2013-03-04 05:32 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2014-08-08 14:14 - 2013-03-04 05:21 - 00226048 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2014-08-08 14:14 - 2013-01-24 22:16 - 00109568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2014-08-08 14:14 - 2012-12-21 22:46 - 00014976 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2014-08-08 14:14 - 2010-10-08 05:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2014-08-08 14:14 - 2010-09-26 07:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2014-08-08 14:14 - 2010-08-05 20:43 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys
2014-08-08 14:12 - 2014-08-08 14:15 - 00000000 ____D () C:\Program Files (x86)\VIVO INTERNET
2014-08-08 13:40 - 2014-08-08 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-07 14:57 - 2014-08-07 14:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
2014-08-07 14:52 - 2014-08-07 14:52 - 00000000 ____D () C:\Users\Todos os Usuários\VIVO INTERNET
2014-08-07 14:52 - 2014-08-07 14:52 - 00000000 ____D () C:\ProgramData\VIVO INTERNET
2014-08-05 10:43 - 2014-08-05 10:43 - 00007006 _____ () C:\Users\gabriela.richter\Downloads\Bradesco_04082014_155815.html
2014-07-30 08:03 - 2014-07-30 08:03 - 00001304 _____ () C:\Users\gabriela.richter\Desktop\Celular VIVO -.lnk
2014-07-30 08:03 - 2014-07-30 08:03 - 00001266 _____ () C:\Users\gabriela.richter\Desktop\Controle Req. Ped.lnk
2014-07-28 11:42 - 2014-07-28 11:42 - 00000044 _____ () C:\Users\gabriela.richter\AppData\Roaming\WB.CFG

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-26 11:36 - 2014-08-26 11:36 - 00015353 _____ () C:\Users\Administrador\Desktop\FRST.txt
2014-08-26 11:36 - 2014-08-26 11:36 - 00000000 ____D () C:\FRST
2014-08-26 11:33 - 2014-08-26 11:35 - 02103296 _____ (Farbar) C:\Users\Administrador\Desktop\FRST64.exe
2014-08-26 11:32 - 2014-06-06 09:41 - 01694390 _____ () C:\Windows\WindowsUpdate.log
2014-08-26 11:10 - 2012-05-22 17:20 - 00003840 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-26 11:10 - 2012-05-22 17:20 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-26 11:00 - 2009-07-14 01:45 - 00034432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-26 11:00 - 2009-07-14 01:45 - 00034432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-26 10:55 - 2014-08-26 10:55 - 00105514 _____ () C:\Users\Administrador\Desktop\NCDiag.txt
2014-08-26 10:55 - 2014-08-26 10:55 - 00000885 _____ () C:\Users\Administrador\Desktop\NCScript.txt
2014-08-26 10:55 - 2014-08-26 09:26 - 00000000 ____D () C:\Users\Administrador\AppData\Roaming\ZHP
2014-08-26 10:53 - 2014-08-26 10:54 - 01234944 _____ (Nicolas Coolman) C:\Users\Administrador\Desktop\NCDiag.exe
2014-08-26 10:46 - 2014-08-18 09:42 - 00073608 _____ () C:\Users\Administrador\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-26 10:45 - 2014-08-21 07:24 - 00000000 ____D () C:\Users\Todos os Usuários\Kaspersky Lab
2014-08-26 10:45 - 2014-08-21 07:24 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-08-26 10:44 - 2014-08-18 11:54 - 00002018 _____ () C:\Windows\setupact.log
2014-08-26 10:44 - 2013-08-30 09:55 - 00000136 _____ () C:\Windows\system32\config\netlogon.ftl
2014-08-26 10:44 - 2009-07-14 02:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-26 10:43 - 2014-08-18 11:54 - 00008152 _____ () C:\Windows\PFRO.log
2014-08-26 10:43 - 2009-07-14 01:45 - 00343240 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-26 10:42 - 2014-08-26 10:42 - 00003196 _____ () C:\Windows\System32\Tasks\{D2961CB4-503D-4B22-A44B-E9DE77BEB569}
2014-08-26 10:26 - 2014-08-26 10:42 - 00001698 _____ () C:\Users\Administrador\Desktop\ZHPFixReport.txt
2014-08-26 09:32 - 2014-08-18 09:42 - 00003974 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6A930B94-AE00-4427-A1E1-CADC50B6EBA0}
2014-08-26 09:29 - 2014-08-26 09:29 - 00031936 _____ () C:\Users\Administrador\Desktop\ZHPDiag.txt
2014-08-26 09:26 - 2014-08-26 09:26 - 00001947 _____ () C:\Users\Administrador\Desktop\ZHPFix.lnk
2014-08-26 09:26 - 2014-08-26 09:26 - 00001820 _____ () C:\Users\Administrador\Desktop\ZHPDiag.lnk
2014-08-26 09:26 - 2014-08-26 09:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-08-26 09:26 - 2014-08-26 09:26 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-08-26 09:22 - 2014-08-26 09:25 - 06860246 _____ (Nicolas Coolman ) C:\Users\Administrador\Desktop\ZHPDiag2.exe
2014-08-26 08:50 - 2013-09-13 11:35 - 00000376 _____ () C:\Windows\Tasks\HPCeeScheduleForgabriela.richter.job
2014-08-26 08:36 - 2014-08-26 08:36 - 00000000 ____D () C:\Program Files (x86)\Hp
2014-08-26 08:36 - 2012-05-22 17:16 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-08-26 07:16 - 2014-08-22 08:21 - 00002113 _____ () C:\zoek-results.log
2014-08-25 09:57 - 2014-08-26 07:14 - 00001332 _____ () C:\zoek-results2014-08-25-125750.log
2014-08-25 07:43 - 2014-08-18 09:41 - 00000000 ____D () C:\Users\Administrador
2014-08-25 07:31 - 2014-08-25 07:31 - 00000000 ____D () C:\_OTM
2014-08-25 07:28 - 2014-08-25 07:30 - 00007188 _____ () C:\Users\Administrador\Desktop\otm2.txt
2014-08-25 07:27 - 2014-08-25 07:29 - 00522240 _____ (OldTimer Tools) C:\Users\Administrador\Desktop\OTM.exe
2014-08-22 09:02 - 2014-08-25 09:56 - 00007322 _____ () C:\zoek-results2014-08-22-120202.log
2014-08-22 08:45 - 2014-08-22 09:00 - 00050792 _____ () C:\zoek-results2014-08-22-114552.log
2014-08-22 08:35 - 2013-09-02 10:57 - 00000000 ____D () C:\Users\gabriela.richter
2014-08-22 08:34 - 2014-08-22 08:19 - 00000000 ____D () C:\zoek_backup
2014-08-22 08:16 - 2014-08-22 08:15 - 01288704 _____ () C:\Users\Administrador\Desktop\zoek.exe
2014-08-21 14:34 - 2014-08-21 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Endpoint Security 10 para Windows
2014-08-21 13:31 - 2014-08-21 13:31 - 00001107 _____ () C:\Users\Administrador\Desktop\JRT.txt
2014-08-21 13:22 - 2014-08-21 13:22 - 00000000 ____D () C:\Windows\ERUNT
2014-08-21 13:21 - 2014-08-21 13:21 - 01016261 _____ (Thisisu) C:\Users\Administrador\Desktop\JRT.exe
2014-08-21 13:20 - 2013-08-30 09:59 - 00000000 ____D () C:\Program Files (x86)\OCS Inventory Agent
2014-08-21 11:21 - 2014-08-21 11:21 - 00000000 ____D () C:\Users\Administrador\AppData\Roaming\Macromedia
2014-08-21 11:07 - 2014-08-18 09:32 - 00000000 ____D () C:\AdwCleaner
2014-08-21 07:25 - 2014-08-21 07:25 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-08-21 07:24 - 2014-08-21 07:24 - 00661600 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-08-21 07:24 - 2014-08-21 07:24 - 00098400 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-08-21 07:24 - 2014-08-21 07:22 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-08-20 13:57 - 2014-08-20 13:57 - 00000000 ____D () C:\Users\Todos os Usuários\KasperskyLab
2014-08-20 13:57 - 2014-08-20 13:57 - 00000000 ____D () C:\ProgramData\KasperskyLab
2014-08-20 13:28 - 2012-05-22 21:23 - 00664342 _____ () C:\Windows\system32\prfh0416.dat
2014-08-20 13:28 - 2012-05-22 21:23 - 00128632 _____ () C:\Windows\system32\prfc0416.dat
2014-08-20 13:28 - 2009-07-14 02:13 - 01517030 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-19 09:02 - 2013-09-17 13:54 - 00000498 _____ () C:\Users\gabriela.richter\address.ser
2014-08-19 08:59 - 2014-01-20 08:12 - 00005076 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for {96e3b6c1-cb58-49ad-979a-67a7f07d4c79} DDNBK001.delga.com.br
2014-08-19 08:38 - 2013-09-02 14:26 - 04196406 _____ () C:\Users\gabriela.richter\BGInfo.bmp
2014-08-18 13:36 - 2014-08-18 13:36 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-18 13:34 - 2014-08-18 13:33 - 02347384 _____ (ESET) C:\Users\Administrador\Downloads\esetsmartinstaller_ptg.exe
2014-08-18 13:17 - 2014-08-18 13:17 - 00000000 ____D () C:\Users\Administrador\AppData\Roaming\Malwarebytes
2014-08-18 11:54 - 2014-08-18 11:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-18 11:54 - 2014-01-23 13:57 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-08-18 11:53 - 2014-01-23 13:57 - 00000000 ____D () C:\Users\gabriela.richter\Documents\Anti-Malware
2014-08-18 11:52 - 2014-04-14 07:27 - 00000000 ____D () C:\Windows\Minidump
2014-08-18 11:51 - 2014-08-18 11:51 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-18 11:51 - 2014-08-18 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-18 11:51 - 2013-12-17 07:47 - 00002788 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-08-18 11:51 - 2013-12-17 07:47 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-18 11:37 - 2014-08-18 11:37 - 00000000 ____D () C:\Users\Administrador\AppData\Roaming\Mozilla
2014-08-18 11:37 - 2014-08-18 11:37 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Mozilla
2014-08-18 11:36 - 2014-08-18 11:36 - 00011450 _____ () C:\Users\Administrador\Desktop\hijackthis.log
2014-08-18 11:35 - 2014-08-18 11:34 - 00001644 _____ () C:\Users\Administrador\Desktop\rede_geral (192.168.0.20).lnk
2014-08-18 11:32 - 2014-08-18 11:36 - 00388608 _____ (Trend Micro Inc.) C:\Users\Administrador\Desktop\HijackThis.exe
2014-08-18 09:42 - 2014-08-18 09:42 - 00001389 _____ () C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-18 09:42 - 2014-08-18 09:42 - 00000000 ____D () C:\Users\Administrador\AppData\Roaming\WinRAR
2014-08-18 09:42 - 2014-08-18 09:42 - 00000000 ____D () C:\Users\Administrador\AppData\Roaming\Synaptics
2014-08-18 09:42 - 2014-08-18 09:42 - 00000000 ____D () C:\Users\Administrador\AppData\Roaming\Intel Corporation
2014-08-18 09:42 - 2014-08-18 09:42 - 00000000 ____D () C:\Users\Administrador\AppData\Roaming\Adobe
2014-08-18 09:42 - 2014-08-18 09:41 - 00000000 ___RD () C:\Users\Administrador\Virtual Machines
2014-08-18 09:42 - 2009-07-14 01:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-08-18 09:41 - 2014-08-18 09:41 - 00000020 ___SH () C:\Users\Administrador\ntuser.ini
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Modelos
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Meus documentos
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Menu Iniciar
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Documents\Minhas músicas
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Documents\Minhas imagens
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Documents\Meus vídeos
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Dados de aplicativos
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Configurações locais
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\AppData\Local\Histórico
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\AppData\Local\Dados de aplicativos
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Ambiente de rede
2014-08-18 09:41 - 2014-08-18 09:41 - 00000000 _SHDL () C:\Users\Administrador\Ambiente de impressão
2014-08-18 09:25 - 2014-08-18 09:35 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Administrador\Desktop\tdsskiller.exe
2014-08-18 08:36 - 2013-09-03 10:55 - 00000000 ____D () C:\Users\gabriela.richter\Documents\SAP
2014-08-18 08:36 - 2013-09-03 10:55 - 00000000 ____D () C:\Users\gabriela.richter\AppData\Roaming\SAP
2014-08-18 08:36 - 2013-09-03 10:55 - 00000000 ____D () C:\Users\gabriela.richter\AppData\Local\SAP
2014-08-15 14:50 - 2013-09-13 11:35 - 00003252 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForgabriela.richter
2014-08-14 13:30 - 2013-09-04 15:50 - 00000000 ____D () C:\Users\gabriela.richter\AppData\Local\CrashDumps
2014-08-12 08:39 - 2014-08-18 09:31 - 01366203 _____ () C:\Users\Administrador\Desktop\AdwCleaner.exe
2014-08-08 14:16 - 2013-10-02 15:24 - 00000000 ____D () C:\Users\Todos os Usuários\DatacardService
2014-08-08 14:16 - 2013-10-02 15:24 - 00000000 ____D () C:\ProgramData\DatacardService
2014-08-08 14:15 - 2014-08-08 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIVO INTERNET
2014-08-08 14:15 - 2014-08-08 14:12 - 00000000 ____D () C:\Program Files (x86)\VIVO INTERNET
2014-08-08 14:09 - 2013-10-18 11:22 - 00000000 ____D () C:\Users\gabriela.richter\AppData\Roaming\Samsung
2014-08-08 14:08 - 2013-10-18 11:19 - 00000000 ____D () C:\Users\Todos os Usuários\Samsung
2014-08-08 14:08 - 2013-10-18 11:19 - 00000000 ____D () C:\ProgramData\Samsung
2014-08-08 14:07 - 2012-05-22 17:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-08 13:51 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-08 13:49 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-08-08 13:45 - 2014-03-07 16:54 - 00000000 ____D () C:\Users\Todos os Usuários\Rosetta Stone
2014-08-08 13:45 - 2014-03-07 16:54 - 00000000 ____D () C:\ProgramData\Rosetta Stone
2014-08-08 13:43 - 2012-05-22 17:21 - 00000000 ____D () C:\Program Files (x86)\HP Games
2014-08-08 13:40 - 2014-08-08 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-08 13:40 - 2013-09-14 20:39 - 00000000 ____D () C:\Users\gabriela.richter\AppData\Roaming\WildTangent
2014-08-08 13:40 - 2012-05-22 17:21 - 00000000 ____D () C:\Users\Todos os Usuários\WildTangent
2014-08-08 13:40 - 2012-05-22 17:21 - 00000000 ____D () C:\ProgramData\WildTangent
2014-08-08 13:39 - 2013-09-05 09:06 - 00000000 ____D () C:\Program Files (x86)\InstallAffixationInfo
2014-08-07 14:57 - 2014-08-07 14:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
2014-08-07 14:57 - 2013-09-02 10:59 - 00000000 ____D () C:\Users\gabriela.richter\AppData\Local\VirtualStore
2014-08-07 14:52 - 2014-08-07 14:52 - 00000000 ____D () C:\Users\Todos os Usuários\VIVO INTERNET
2014-08-07 14:52 - 2014-08-07 14:52 - 00000000 ____D () C:\ProgramData\VIVO INTERNET
2014-08-05 10:43 - 2014-08-05 10:43 - 00007006 _____ () C:\Users\gabriela.richter\Downloads\Bradesco_04082014_155815.html
2014-08-04 07:34 - 2014-07-14 11:14 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-07-30 08:03 - 2014-07-30 08:03 - 00001304 _____ () C:\Users\gabriela.richter\Desktop\Celular VIVO -.lnk
2014-07-30 08:03 - 2014-07-30 08:03 - 00001266 _____ () C:\Users\gabriela.richter\Desktop\Controle Req. Ped.lnk
2014-07-28 11:42 - 2014-07-28 11:42 - 00000044 _____ () C:\Users\gabriela.richter\AppData\Roaming\WB.CFG

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-19 08:01

==================== End Of Log ============================
suportevam
Beginner

Posts: 23
Reputation: 0
Registration date: 18/08/2014

Re: computer with Baidu malware and others

Post by Power Max on Tue 26 Aug 2014, 12:39

Download the fixlist.txt file attached to this post and save it to your desktop.

Right-click FRST64, then click [You need to be registered and logged in to see this image.].

Click the Fix button.

Wait; when it finishes, the Fixlog.txt log will be saved to your desktop.

Select, copy and paste the contents of this Fixlog.txt into your next reply.

_________________

Caixa de Dicas = Always with new tutorials and news in computing, technology and miscellany.

Fórum PC Brasil = The best of the internet, you'll find it here.

Super Links = Messages of faith and hope for your heart

Power Max
Contributor

Posts: 9086
Reputation: 1499
Registration date: 14/04/2009

Re: computer with Baidu malware and others

Post by suportevam on Tue 26 Aug 2014, 13:09

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-08-2014
Ran by Administrador at 2014-08-26 13:07:26 Run:1
Running from C:\Users\Administrador\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%System32\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
end
*****************

HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.

==== End of Fixlog ====

Re: computer with Baidu malware and others

Post by suportevam on Tue 26 Aug 2014, 13:16

This Baidu still hasn't gone away.

Re: computer with Baidu malware and others

Post by Power Max on Tue 26 Aug 2014, 13:35

Farbar removed other problems, but nothing related to Baidu was found.
__________________________________________

In fact, Baidu's active items have already been removed; what is left are just a few leftovers that do not interfere with the PC.



Re: computer with Baidu malware and others

Post by suportevam on Tue 26 Aug 2014, 13:57

Am I not going to run the risk of having passwords copied by what is left of Baidu?

Re: computer with Baidu malware and others

Post by Power Max on Tue 26 Aug 2014, 14:06

Baidu does not copy passwords, even if it were complete.


Re: computer with Baidu malware and others

Post by Power Max on Tue 26 Aug 2014, 14:55

Your PC is secure.

Just to finish, please follow the tutorials below:

Removing errors and optimizing your PC with CCleaner

Eliminate useless files from your PC with PureRa
_______________________________________________________________________________________________________________________

To remove the programs used in cleaning this PC and create a new, safe and problem-free restore point, use DelFix following the tips in this tutorial.
_______________________________________________________________________________________________________________________

It was a pleasure to help. Always count on us!


Re: computer with Baidu malware and others

Post by suportevam on Wed 27 Aug 2014, 07:37

After all, what does this Baidu do on the computer?

Re: computer with Baidu malware and others

Post by Power Max on Wed 27 Aug 2014, 09:30

suportevam wrote: After all, what does this Baidu do on the computer?
Baidu is an antivirus that usually installs itself bundled inside other programs without the person's consent.


Re: computer with Baidu malware and others

Post by Power Max on Wed 27 Aug 2014, 13:49

CASE RESOLVED

If the topic author needs it, the topic will be reopened; to do so, they must contact one of the members of the Moderation Team and request that it be unlocked.
