It is difficult to open the browser


Post by JoseCarlos on Mon 15 Sep 2014, 18:45

~ Relatório do ZHPDiag v2014.8.28.125 - Nicolas Coolman  (28-08-2014)
~ Iniciado por Utilizador (15-09-2014 22:35:50)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Endereço do Webforum : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~  Lista Branca : Desativado pelo Utilizador
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
GCIE: Google Chrome v37.0.2062.120

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit  (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Internet Security v9.0.2021
Microsoft Security Client PT-PT Language Pack v2.1.1116.0
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v3.20

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 14 Plugin
Adobe Reader XI

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 15 Stepping 6, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2046 MB (37% free)
System Restore: Activé (Enable)
System drive C: has 239 GB (80%) free of 298 GB

---\\ Modo de conexão ao sistema
~ Computer Name: TOSHIBAA100
~ User Name: Utilizador
~ All Users Names: Utilizador, Guest, Administrator,
~ Unselected Option: None
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Utilizador\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Utilizador\AppData\Roaming\
~ %Desktop% : C:\Users\Utilizador\Desktop\
~ %Favorites% : C:\Users\Utilizador\Favorites\
~ %LocalAppData% : C:\Users\Utilizador\AppData\Local\
~ %StartMenu% : C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 239 Go of 298 Go)
D: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center: 49 Scanned in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorador do Windows.) (.26-02-2011 - 06:23:14.) -- C:\Windows\Explorer.exe [2870272]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicação de Arranque do Windows.) (.14-07-2009 - 01:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.A4F6142CABA82FB7293ECE5FF864B440] - (.Microsoft Corporation - Extensões da Internet para Win32.) (.22-02-2013 - 06:20:51.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Aplicação de início de sessão do Windows.) (.28-10-2009 - 06:24:40.) -- C:\Windows\System32\Winlogon.exe [389632]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.14-07-2009 - 01:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.DB9D6C6B2CD95A9CA414D045B627422E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28-12-2011 - 03:59:11.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14-07-2009 - 01:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13-07-2009 - 23:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13-07-2009 - 23:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9C253CE7311CA60FC11C774692A13208] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.27-04-2011 - 02:57:40.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14-07-2009 - 00:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Controlador de porta i8042.) (.13-07-2009 - 23:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14-07-2009 - 00:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.040D62A9D8AD28922632137ACDD984F2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04-05-2011 - 02:51:08.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157696]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.13-07-2009 - 23:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.9A6089B056EA1B83B36424FC9D0A300E] - (.Microsoft Corporation - Controlador de Sistema de Ficheiros NT.) (.12-04-2013 - 14:36:37.) -- C:\Windows\system32\Drivers\ntfs.sys [1653096]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Controlador de porta paralela.) (.14-07-2009 - 00:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14-07-2009 - 00:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.9706B84DBABFC4B4CA46C5A82B14DFA3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.14-07-2009 - 00:18:02.) -- C:\Windows\system32\Drivers\rdpdr.sys [165376]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14-07-2009 - 00:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.13-07-2009 - 23:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.9E425AC5C9A5A973273D169F43B4F5E1] - (.Microsoft Corporation - Controlador de cópia sombra do volume.) (.06-09-2012 - 17:38:18.) -- C:\Windows\system32\Drivers\volsnap.sys [295792]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/18
~ Mes musiques (My Musics) : 1/8
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/22
~ Mes Documents (My Documents) : 1/2991
~ Mon Bureau (My Desktop) : 10/28
~ Menu demarrer (Programs) : 1/36
~ Hidden Files:  Scanned in 00mn 10s



---\\ Processos lançados
[MD5.26B558B2D31C7425B455B00E562EAD93] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe   [4085896] [PID.3368]
[MD5.AC08A03D7E579E2903925736E7AB48F2] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [852808] [PID.3200]
[MD5.D6D0EB77C43224ABC8E137FACDAED88E] - (.Google - Hangouts Plugin.) -- C:\Users\Utilizador\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe   [64384] [PID.3912]
[MD5.33BF80A2291C54DC7D7601CDEF63138E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8099328] [PID.1316]
[MD5.73F5C13B431915BAE35254B4E95DFB71] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [50344] [PID.1292]
[MD5.D386D51B1839E208EF7CCFBFA964638E] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe   [106488] [PID.1556]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [65432] [PID.1648]
[MD5.1F79342D9EB530A48742F651E570983A] - (.Microsoft Corporation - Updates Skype Click to Call.) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe   [1390176] [PID.1736]
[MD5.E4938E0A376CF0B9D989EE5C0A146891] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe   [1767520] [PID.1764]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Instalador do Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [116648] [PID.1536]
[MD5.397D14958D6C9C2B365469A857B2AC4E] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe   [230792] [PID.152]
~ Processes Running:  Scanned in 00mn 02s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] EDA955527356170E0873561558F1BFAE9894F03D9F531430B1EC483968E2F301
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Pesquisa do Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] avast! Online Security v.9.0.2022.121, (Activé)
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call v.7.3.16540.9015, (Activé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Google+ Hangouts v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)

---\\ Pasta de extensão do Google Chrome
G2 - EXT: C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [Google Drive]
G2 - EXT: C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [YouTube]
G2 - EXT: C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [Pesquisa do Google]
G2 - EXT: C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [avast! Online Security]
G2 - EXT: C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet]
G2 - EXT: C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [Gmail]
~ Google Lines Browser: 26 Scanned in 00mn 05s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (...) -- C:\Users\Utilizador\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (.not file.)
P2 - FPN: [HKCU] [@talk.google.com/GoogleTalkPlugin] - (.Google - Version 5.2.4.18058.) -- C:\Users\Utilizador\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
P2 - FPN: [HKCU] [@talk.google.com/O1DPlugin] - (.Google - Version 5.2.4.18058.) -- C:\Users\Utilizador\AppData\Roaming\Mozilla\plugins\npo1d.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Utilizador\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Utilizador\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll
~ Firefox Browser: 7 Scanned in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Browser.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
~ IE Browser: 18 Scanned in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean) (669)
~ Hosts File:  Scanned in 00mn 00s



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
~ BHO: 6 Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: FLV Media Player.lnk . (...)  -- C:\Program Files (x86)\FLV Media Player\FLVMPlayer.exe  =>PUP.FLVMPlayer
O4 - GS\Desktop [Utilizador]: SpyHunter.lnk . (...)  -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe (.not file.)  =>Crapware.SpyHunter
~ Global Startup: 2 Scanned in 00mn 04s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
~ Application:  Scanned in 00mn 00s



---\\ Icones das opções IE invisiveis no painel das configurações (05)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Skype Click to Call settings [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fornecedor de serviços de Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fornecedor de Correcções de Compatibilidade de Nomenclatura de Correio El.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fornecedor de Espaço de Nomes PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fornecedor de Espaço de Nomes PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll  =>.Microsoft Corporation
~ Winsock: 8 Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{EE7A8BE6-057B-4CCA-BAB4-23EEBDAFB2B1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{EE7A8BE6-057B-4CCA-BAB4-23EEBDAFB2B1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{EE7A8BE6-057B-4CCA-BAB4-23EEBDAFB2B1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s

Post by JoseCarlos on Mon 15 Sep 2014, 18:47

---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.LSI Corporation - LSI Soft Modem Call Progress Service.) - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall (avast! Firewall) . (.AVAST Software - avast! firewall service.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Serviço Google Update (gupdate) (gupdate) . (.Google Inc. - Instalador do Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 179.6.) - C:\Windows\System32\nvvsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
~ Services: 7 Scanned in 00mn 09s



---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Listagem dos dados do BootExecute (Bex) (034)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sdnclean64.exe) - File not found
~ BEX: 2 Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
[MD5.F4BF3ADDDDC1AD372604F13C2B0C1F65] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [262320]
[MD5.1AD8512A5C40AD1A0558498D8E0AC2AA] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [808448]
[MD5.00000000000000000000000000000000] [APT] [Driver Booster SkipUAC (Utilizador)] (...) -- C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000Core] (...) -- C:\Users\Utilizador\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000UA] (...) -- C:\Users\Utilizador\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [AppleSoftwareUpdate] (...) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Check for updates] (...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Refresh immunization] (...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Scan the system] (...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe (.not file.) [0]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [830]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000Core - (...) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000Core.job [926]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000Core - (...) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000Core [926]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000UA - (...) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000UA.job [948]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000UA - (...) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000UA [948]
~ Scheduled Task: 14 Scanned in 00mn 05s



---\\ Componentes instalados (ActiveSetup Installed Components) (040)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitário de Inicialização por utilizador do IE.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - IEAK branding.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão da shell da pasta de FTP do Microsoft Internet Explore.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum da shell do Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por utilizador do IE.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 00s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (44278511) . (.Kaspersky Lab - Kaspersky Unified Driver.) - C:\Windows\System32\DRIVERS\44278511.sys
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswKbd) . (.AVAST Software - avast! Keyboard Filter Driver.) - C:\Windows\system32\drivers\aswKbd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Agendador de pacotes QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Controlador de Subsistema de Colocação em M.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: setup_9.0.0.722_22.04.2013_05-21drv (setup_9.0.0.722_22.04.2013_05-21drv) . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64].) - C:\Windows\System32\DRIVERS\4427851.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: Ambiente de compatibilidade com fornecedores de serviços não IFS do Windows Socket 2.0 (ws2ifsl) . (.Microsoft Corporation - Camada IFS Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Drivers: 81 Scanned in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: 64 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM][64Bits] -- {BE930E38-7BB3-45B6-85B2-5251F374F844}
O42 - Logiciel: Adobe Flash Player 13 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 14 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader XI (11.0.08) - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AB0000000001}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: CPUID CPU-Z 1.61 - (...) [HKLM][64Bits] -- CPUID CPU-Z_is1
O42 - Logiciel: Complemento Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {3A09ED0F-8DDF-47BB-B53D-841AB9D1D3A7}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU][64Bits] -- Dropbox
O42 - Logiciel: FLV Media Player version 1.3 - (.FLVMPlayer.) [HKLM][64Bits] -- {0E08BAC8-845B-4327-8CDB-4B0F8C9857A5}_is1 =>PUP.FLVMPlayer
O42 - Logiciel: Facebook Video Calling 2.0.0.447 - (.Skype Limited.) [HKLM][64Bits] -- {8DF41A9F-FE13-43E8-A003-5F9B55A011EE}
O42 - Logiciel: Flvto Youtube Downloader - (.Hotger.) [HKLM][64Bits] -- Flvto Youtube Downloader
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {C6640705-7479-4EE5-BC86-879F05F65E74}
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E} =>.Google Inc
O42 - Logiciel: Google Earth Plug-in - (.Google.) [HKLM][64Bits] -- {4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E} =>.Google Inc
O42 - Logiciel: Google Talk Plugin - (.Google.) [HKLM][64Bits] -- {E121A4FE-009B-385B-BB0D-B934E2A88288}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Photosmart Wireless B110 All-In-One Driver 14.0 Rel. 7 - (.HP.) [HKLM][64Bits] -- {014E482A-0C27-47E3-BA82-307E9DCA2F47} =>.Hewlett-Packard Co
O42 - Logiciel: Java 7 Update 65 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217051FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Kobo - (.Kobo Inc..) [HKLM][64Bits] -- Kobo
O42 - Logiciel: LSI V92 MOH Application - (.LSI Corporation.) [HKLM][64Bits] -- LTMOH
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {3889988F-762B-4B85-AB17-71C9CC3AE445}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {50816F92-1652-4A7C-B9BC-48F682742C4B}
O42 - Logiciel: Microsoft Antimalware Service PT-PT Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {8AF5E619-22FB-450A-A85A-F20C147618B6}
O42 - Logiciel: Microsoft Security Client PT-PT Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {DC911ADF-7B60-40F2-A112-FB1EB6402D07}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft SkyDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- SkyDriveSetup.exe =>.Microsoft Corporation
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIA Drivers
O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701}
O42 - Logiciel: Skype™ 6.18 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}
O42 - Logiciel: SpyHunter - (.Enigma Software Group USA, LLC.) [HKLM][64Bits] -- {ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05} =>Crapware.SpyHunter
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: System Requirements Lab for Intel - (.Husdawg, LLC.) [HKLM][64Bits] -- {1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}
O42 - Logiciel: TOSHIBA Software Modem - (.LSI Corporation.) [HKLM][64Bits] -- TOSHIBA Software Modem
O42 - Logiciel: Viber - (.Viber Media Inc.) [HKCU][64Bits] -- Viber
O42 - Logiciel: ZON NET MOBILE - (...) [HKLM][64Bits] -- {93D34EE3-99B3-4DB1-8B0A-0A657466F90D}
O42 - Logiciel: avast! Internet Security v9.0.2021 - (.AVAST Software.) [HKLM][64Bits] -- Avast
~ Logic: 26 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ASProtect]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\BancoBest]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\ChemTable Software]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\FlvtoConverter]
[HKCU\Software\Google]
[HKCU\Software\HWiNFO64]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\Icaros]
[HKCU\Software\Innovative Solutions]
[HKCU\Software\JavaSoft]
[HKCU\Software\Kobo]
[HKCU\Software\Licenses]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware (portable)]
[HKCU\Software\McAfee]
[HKCU\Software\MetaGeek, LLC]
[HKCU\Software\Mirage]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Naviextras]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Opera Software]
[HKCU\Software\POIPedia]
[HKCU\Software\PTEID]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Priberam]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Samsung]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\SlimWare Utilities Inc]
[HKCU\Software\Sysinternals]
[HKCU\Software\System Requirements Lab]
[HKCU\Software\TAdvCheckList]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\eSupport.com]
[HKCU\Software\hotger]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Agere]
[HKLM\Software\CPUID]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\GEAR Software]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\LSI]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\Anvisoft]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\BlueStacks]
[HKLM\Software\Wow6432Node\CallingID]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Freemake]
[HKLM\Software\Wow6432Node\G Data]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\Innovative Solutions]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (portable)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Naviextras]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OldTimer Tools]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\SoftExtreme]
[HKLM\Software\Wow6432Node\Swearware]
[HKLM\Software\Wow6432Node\Wondershare]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Key Software: 193 Scanned in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15-11-2013 - 23:31:56 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 20-10-2013 - 21:40:05 - [0] ----D C:\Program Files (x86)\Anvisoft
O43 - CFD: 19-10-2013 - 08:59:42 - [] ----D C:\Program Files (x86)\B1 Free Archiver
O43 - CFD: 05-08-2012 - 22:49:50 - [0] ----D C:\Program Files (x86)\BancoBest
O43 - CFD: 03-08-2014 - 02:23:48 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 17-04-2014 - 20:11:24 - [0] ----D C:\Program Files (x86)\DsNET Corp
O43 - CFD: 18-03-2014 - 09:13:30 - [] ----D C:\Program Files (x86)\FLV Media Player
O43 - CFD: 13-05-2014 - 00:01:21 - [] ----D C:\Program Files (x86)\Flvto Youtube Downloader
O43 - CFD: 04-07-2013 - 09:08:10 - [] ----D C:\Program Files (x86)\Freemake
O43 - CFD: 20-07-2013 - 00:03:41 - [] ----D C:\Program Files (x86)\G Data
O43 - CFD: 29-06-2014 - 21:15:06 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 04-06-2014 - 11:02:55 - [0] ----D C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
O43 - CFD: 05-04-2014 - 00:45:49 - [] ----D C:\Program Files (x86)\HP
O43 - CFD: 03-08-2014 - 02:36:43 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 04-07-2013 - 09:08:03 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 03-08-2014 - 02:26:44 - [0] ----D C:\Program Files (x86)\IObit
O43 - CFD: 18-07-2014 - 00:03:46 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 26-04-2013 - 23:36:30 - [] ----D C:\Program Files (x86)\Kobo
O43 - CFD: 07-11-2012 - 00:37:48 - [] ----D C:\Program Files (x86)\MarkAny
O43 - CFD: 28-10-2013 - 23:40:43 - [0] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 06-11-2012 - 20:07:07 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 25-07-2014 - 20:39:46 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 02-11-2012 - 17:12:16 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 21-06-2012 - 17:38:18 - [] ----D C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 21-06-2012 - 17:34:39 - [] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 02-11-2012 - 17:46:41 - [] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 03-08-2012 - 14:33:30 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 30-06-2012 - 09:19:45 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 21-06-2012 - 17:38:46 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 07-07-2012 - 12:42:05 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 09-04-2014 - 01:18:34 - [0] ----D C:\Program Files (x86)\Naviextras
O43 - CFD: 12-04-2013 - 23:38:58 - [] ----D C:\Program Files (x86)\Opera
O43 - CFD: 01-05-2013 - 20:38:28 - [] ----D C:\Program Files (x86)\Pendrive Virus Remover
O43 - CFD: 14-07-2009 - 06:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 23-12-2013 - 00:13:23 - [0] ----D C:\Program Files (x86)\Samsung
O43 - CFD: 30-11-2013 - 16:07:12 - [] ----D C:\Program Files (x86)\SecurityXploded
O43 - CFD: 06-08-2014 - 18:56:37 - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 03-08-2014 - 10:43:14 - [] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 17-05-2014 - 21:31:01 - [0] ----D C:\Program Files (x86)\ssavee Nett =>PUP.SaveNet
O43 - CFD: 27-04-2014 - 11:08:51 - [] ----D C:\Program Files (x86)\SystemRequirementsLab
O43 - CFD: 14-07-2009 - 05:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 09-12-2013 - 23:56:04 - [] ----D C:\Program Files (x86)\VS Revo Group
O43 - CFD: 03-08-2014 - 02:22:29 - [0] ----D C:\Program Files (x86)\Webfuel
O43 - CFD: 21-06-2012 - 11:21:21 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 01-11-2013 - 02:30:23 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 21-06-2012 - 15:06:33 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 07-03-2013 - 16:10:37 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14-07-2009 - 06:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 21-06-2012 - 11:21:22 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 14-07-2009 - 06:32:40 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 21-06-2012 - 11:21:22 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 19-07-2014 - 00:39:28 - [0] ----D C:\Program Files (x86)\Wondershare
O43 - CFD: 15-09-2014 - 22:21:48 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 10-04-2014 - 15:38:02 - [] ----D C:\Program Files (x86)\ZON NET MOBILE
O43 - CFD: 18-05-2014 - 22:01:26 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 03-08-2014 - 02:42:57 - [] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 15-05-2014 - 20:41:08 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 20-07-2013 - 00:55:08 - [0] ----D C:\Program Files (x86)\Common Files\G Data
O43 - CFD: 03-07-2012 - 10:51:55 - [] ----D C:\Program Files (x86)\Common Files\Hewlett-Packard
O43 - CFD: 05-04-2014 - 00:45:49 - [] ----D C:\Program Files (x86)\Common Files\HP
O43 - CFD: 18-07-2014 - 00:04:15 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 02-11-2012 - 17:46:52 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 14-07-2009 - 04:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 02-08-2014 - 14:01:52 - [] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14-07-2009 - 04:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 04-11-2012 - 03:52:32 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 21-06-2012 - 17:52:41 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 15-05-2014 - 01:03:24 - [] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 19-07-2014 - 00:07:58 - [] ----D C:\Program Files (x86)\Common Files\Wondershare
O43 - CFD: 23-12-2013 - 00:06:20 - [] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 15-11-2013 - 23:31:59 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 20-05-2013 - 23:43:34 - [] ----D C:\ProgramData\Apple
O43 - CFD: 01-11-2013 - 02:01:06 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14-07-2009 - 06:08:56 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 13-01-2014 - 11:23:50 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 13-01-2014 - 11:30:22 - [] ----D C:\ProgramData\Avira
O43 - CFD: 10-07-2013 - 05:41:06 - [] ----D C:\ProgramData\BlueStacks
O43 - CFD: 10-07-2013 - 05:41:10 - [] ----D C:\ProgramData\BlueStacksSetup
O43 - CFD: 27-11-2013 - 12:43:52 - [] --H-D C:\ProgramData\Common Files
O43 - CFD: 17-05-2014 - 21:50:23 - [] ----D C:\ProgramData\dd88b75382065299
O43 - CFD: 14-07-2009 - 06:08:56 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14-07-2009 - 06:08:56 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 14-07-2009 - 06:08:56 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 28-11-2013 - 22:54:05 - [0] ----D C:\ProgramData\Freemake
O43 - CFD: 20-07-2013 - 00:55:08 - [] ----D C:\ProgramData\G DATA
O43 - CFD: 03-04-2014 - 23:33:56 - [] ----D C:\ProgramData\HP
O43 - CFD: 17-05-2014 - 21:35:51 - [] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 06-05-2014 - 18:34:51 - [] ----D C:\ProgramData\IObit
O43 - CFD: 12-08-2013 - 19:24:49 - [] ----D C:\ProgramData\Kaspersky Lab
O43 - CFD: 18-06-2014 - 09:30:02 - [] ----D C:\ProgramData\Launcher
O43 - CFD: 21-06-2012 - 16:05:04 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 08-05-2014 - 15:13:43 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 11-09-2014 - 03:09:34 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 02-11-2012 - 17:11:49 - [] ----D C:\ProgramData\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 28-06-2012 - 13:38:51 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 21-06-2012 - 15:10:08 - [] ----D C:\ProgramData\NVIDIA
O43 - CFD: 18-07-2014 - 00:04:28 - [0] ----D C:\ProgramData\Oracle
O43 - CFD: 24-12-2012 - 23:49:34 - [] ----D C:\ProgramData\PassMark
O43 - CFD: 23-12-2013 - 00:12:07 - [] ----D C:\ProgramData\Samsung
O43 - CFD: 02-08-2014 - 14:02:42 - [] ----D C:\ProgramData\Skype
O43 - CFD: 03-08-2014 - 03:07:52 - [] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14-07-2009 - 06:08:56 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 21-06-2012 - 15:41:15 - [] ----D C:\ProgramData\Sun
O43 - CFD: 20-10-2013 - 11:19:00 - [0] ----D C:\ProgramData\TEMP
O43 - CFD: 14-07-2009 - 06:08:56 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 26-02-2013 - 00:19:35 - [] ----D C:\ProgramData\VS Revo Group
O43 - CFD: 25-06-2012 - 20:52:35 - [] ----D C:\Users\Utilizador\AppData\Roaming\Adobe
O43 - CFD: 17-07-2014 - 23:53:01 - [] ----D C:\Users\Utilizador\AppData\Roaming\Apowersoft
O43 - CFD: 21-05-2013 - 00:03:42 - [] ----D C:\Users\Utilizador\AppData\Roaming\Apple Computer
O43 - CFD: 13-01-2014 - 14:32:00 - [] ----D C:\Users\Utilizador\AppData\Roaming\AVAST Software
O43 - CFD: 03-08-2012 - 18:11:55 - [] ----D C:\Users\Utilizador\AppData\Roaming\BancoBest
O43 - CFD: 16-05-2014 - 19:40:48 - [0] ----D C:\Users\Utilizador\AppData\Roaming\CBS Interactive
O43 - CFD: 06-03-2013 - 17:54:27 - [] ----D C:\Users\Utilizador\AppData\Roaming\ChemTable Software
O43 - CFD: 09-07-2014 - 08:41:56 - [] ----D C:\Users\Utilizador\AppData\Roaming\com.boonzi.desktop
O43 - CFD: 12-02-2014 - 21:35:30 - [0] ----D C:\Users\Utilizador\AppData\Roaming\driveridentifier
O43 - CFD: 13-04-2014 - 20:23:00 - [] ----D C:\Users\Utilizador\AppData\Roaming\Dropbox
O43 - CFD: 05-04-2014 - 20:46:15 - [] ----D C:\Users\Utilizador\AppData\Roaming\DropboxMaster
O43 - CFD: 14-06-2014 - 23:59:11 - [] ----D C:\Users\Utilizador\AppData\Roaming\FlvtoConverter
O43 - CFD: 21-06-2012 - 10:51:08 - [] ----D C:\Users\Utilizador\AppData\Roaming\Identities
O43 - CFD: 06-05-2014 - 18:34:49 - [] ----D C:\Users\Utilizador\AppData\Roaming\IObit
O43 - CFD: 25-06-2012 - 19:53:59 - [] ----D C:\Users\Utilizador\AppData\Roaming\Macromedia
O43 - CFD: 14-07-2009 - 08:45:14 - [0] ----D C:\Users\Utilizador\AppData\Roaming\Media Center Programs
O43 - CFD: 18-07-2014 - 00:05:04 - [] -S--D C:\Users\Utilizador\AppData\Roaming\Microsoft
O43 - CFD: 30-03-2014 - 01:12:42 - [] ----D C:\Users\Utilizador\AppData\Roaming\Mozilla
O43 - CFD: 07-04-2014 - 05:06:27 - [] ----D C:\Users\Utilizador\AppData\Roaming\naviextras
O43 - CFD: 12-04-2013 - 23:38:54 - [0] ----D C:\Users\Utilizador\AppData\Roaming\Opera
O43 - CFD: 11-12-2013 - 22:42:57 - [] ----D C:\Users\Utilizador\AppData\Roaming\Paltalk
O43 - CFD: 13-03-2014 - 23:30:20 - [0] ----D C:\Users\Utilizador\AppData\Roaming\PFStaticIP
O43 - CFD: 02-09-2014 - 21:29:29 - [] ----D C:\Users\Utilizador\AppData\Roaming\Skype
O43 - CFD: 27-04-2014 - 11:08:38 - [] ----D C:\Users\Utilizador\AppData\Roaming\SystemRequirementsLab
O43 - CFD: 12-02-2014 - 11:28:17 - [] ----D C:\Users\Utilizador\AppData\Roaming\ViberPC
O43 - CFD: 07-04-2014 - 00:53:25 - [] ----D C:\Users\Utilizador\AppData\Roaming\WinRAR
O43 - CFD: 15-09-2014 - 22:36:46 - [] ----D C:\Users\Utilizador\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 19-08-2014 - 21:31:42 - [] ----D C:\Users\Utilizador\AppData\Local\Adobe
O43 - CFD: 20-10-2013 - 19:00:30 - [] ----D C:\Users\Utilizador\AppData\Local\Anvisoft
O43 - CFD: 20-05-2013 - 23:44:43 - [] ----D C:\Users\Utilizador\AppData\Local\Apple
O43 - CFD: 20-05-2013 - 23:58:35 - [] ----D C:\Users\Utilizador\AppData\Local\Apple Computer
O43 - CFD: 21-06-2012 - 10:50:41 - [] -SH-D C:\Users\Utilizador\AppData\Local\Application Data
O43 - CFD: 30-06-2012 - 09:36:42 - [] ----D C:\Users\Utilizador\AppData\Local\Apps
O43 - CFD: 03-08-2012 - 18:11:45 - [] ----D C:\Users\Utilizador\AppData\Local\BancoBest
O43 - CFD: 06-03-2014 - 13:13:35 - [] ----D C:\Users\Utilizador\AppData\Local\BeAnywhere Support Express
O43 - CFD: 03-03-2013 - 01:20:48 - [] ----D C:\Users\Utilizador\AppData\Local\ChemTable Software
O43 - CFD: 17-05-2014 - 21:30:30 - [] ----D C:\Users\Utilizador\AppData\Local\Comodo
O43 - CFD: 09-02-2013 - 00:07:52 - [0] ----D C:\Users\Utilizador\AppData\Local\CrashDumps
O43 - CFD: 30-06-2012 - 09:36:51 - [0] ----D C:\Users\Utilizador\AppData\Local\Deployment
O43 - CFD: 10-09-2014 - 15:09:17 - [] ----D C:\Users\Utilizador\AppData\Local\Diagnostics
O43 - CFD: 01-05-2013 - 20:34:07 - [] ----D C:\Users\Utilizador\AppData\Local\Downloaded Installations
O43 - CFD: 13-05-2014 - 00:02:12 - [] ----D C:\Users\Utilizador\AppData\Local\FlvtoYoutubeDownloader
O43 - CFD: 18-04-2013 - 23:13:41 - [] ----D C:\Users\Utilizador\AppData\Local\G DATA
O43 - CFD: 29-06-2014 - 21:15:15 - [] ----D C:\Users\Utilizador\AppData\Local\Google
O43 - CFD: 21-06-2012 - 10:50:41 - [] -SH-D C:\Users\Utilizador\AppData\Local\History
O43 - CFD: 27-11-2013 - 12:50:07 - [] ----D C:\Users\Utilizador\AppData\Local\Innovative Solutions
O43 - CFD: 13-03-2014 - 02:06:21 - [] ----D C:\Users\Utilizador\AppData\Local\IsolatedStorage
O43 - CFD: 26-04-2013 - 23:39:51 - [] ----D C:\Users\Utilizador\AppData\Local\Kobo
O43 - CFD: 29-06-2012 - 01:24:51 - [] ----D C:\Users\Utilizador\AppData\Local\Macromedia
O43 - CFD: 13-03-2014 - 12:16:30 - [] ----D C:\Users\Utilizador\AppData\Local\MetaGeek,_LLC
O43 - CFD: 18-07-2014 - 00:05:05 - [] ----D C:\Users\Utilizador\AppData\Local\Microsoft
O43 - CFD: 23-08-2013 - 19:46:37 - [] ----D C:\Users\Utilizador\AppData\Local\Microsoft Games
O43 - CFD: 05-07-2012 - 18:17:24 - [] ----D C:\Users\Utilizador\AppData\Local\Microsoft Help
O43 - CFD: 21-06-2012 - 15:46:24 - [] ----D C:\Users\Utilizador\AppData\Local\Mozilla
O43 - CFD: 13-03-2014 - 02:06:43 - [0] -SH-D C:\Users\Utilizador\AppData\Local\ms-drivers
O43 - CFD: 12-04-2013 - 23:38:55 - [0] ----D C:\Users\Utilizador\AppData\Local\Opera
O43 - CFD: 19-01-2013 - 20:04:32 - [] ----D C:\Users\Utilizador\AppData\Local\Programs
O43 - CFD: 23-12-2013 - 00:13:23 - [0] ----D C:\Users\Utilizador\AppData\Local\Samsung
O43 - CFD: 11-03-2014 - 12:26:33 - [] ----D C:\Users\Utilizador\AppData\Local\Skype
O43 - CFD: 18-07-2014 - 23:23:36 - [] ----D C:\Users\Utilizador\AppData\Local\SlimWare Utilities Inc
O43 - CFD: 15-09-2014 - 22:36:40 - [] ----D C:\Users\Utilizador\AppData\Local\Temp
O43 - CFD: 21-06-2012 - 10:50:41 - [] -SH-D C:\Users\Utilizador\AppData\Local\Temporary Internet Files
O43 - CFD: 12-02-2014 - 16:49:07 - [] ----D C:\Users\Utilizador\AppData\Local\Viber
O43 - CFD: 23-09-2012 - 14:35:17 - [] ----D C:\Users\Utilizador\AppData\Local\VirtualStore
O43 - CFD: 26-02-2013 - 00:20:08 - [] ----D C:\Users\Utilizador\AppData\Local\VS Revo Group
O43 - CFD: 18-03-2014 - 09:04:39 - [] ----D C:\Users\Utilizador\AppData\Local\Windows Live
O43 - CFD: 19-07-2014 - 00:08:00 - [] ----D C:\Users\Utilizador\AppData\Local\Wondershare
O43 - CFD: 14-07-2009 - 05:54:32 - [] R---D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 12-07-2012 - 08:49:13 - [] R---D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 20-10-2013 - 21:39:11 - [0] ----D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvisoft
O43 - CFD: 05-04-2014 - 20:43:00 - [] ----D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 14-07-2009 - 05:49:38 - [] R---D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 09-04-2014 - 01:18:34 - [0] ----D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Naviextras
O43 - CFD: 13-03-2014 - 23:21:27 - [] ----D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portforward.com
O43 - CFD: 09-12-2013 - 23:56:06 - [] ----D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 15-09-2014 - 15:57:22 - [] ----D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter
O43 - CFD: 16-05-2014 - 19:37:36 - [] R---D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 183 Scanned in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.66FC85C4728B6FBA8E7AAD59854F3730] - 11-09-2014 - 02:01:43 ---A- . (.Microsoft Corporation - Ferramenta de Remoção de Software Malicioso.) -- C:\Windows\System32\MRT.exe [101694776]
O44 - LFC:[MD5.79C3B9985E3F56E38192C7671D0D1E9D] - 15-09-2014 - 20:54:29 ---A- . (...) -- C:\PureRa.txt [2922]
O44 - LFC:[MD5.73DD0245BF6FE824A290FA16598DA671] - 15-09-2014 - 20:59:10 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.4CBBD738FA908C8E6FC3B138E042FA35] - 15-09-2014 - 21:29:52 ---A- . (...) -- C:\Windows\MEMORY.DMP [414698343]
O44 - LFC:[MD5.89D0478ADF86EA4B3A618AF462A8BBE4] - 15-09-2014 - 21:29:59 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.D74E3C688AA4F552EB9F55CB8EA67170] - 15-09-2014 - 21:30:00 ---A- . (...) -- C:\Windows\setupact.log [56]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15-09-2014 - 21:30:00 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.2AB8473B3099DBFEC94EC7F6D3975F6F] - 15-09-2014 - 21:34:29 ---A- . (...) -- C:\Windows\WindowsUpdate.log [44477]
~ Files: 8 Scanned in 00mn 34s



---\\ Exportar a chave da aplicação autorizada (047)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [Enabled] .(...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" [Enabled] .(...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" [Enabled] .(...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" [Enabled] .(...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (.not file.)
~ Keys Export: 4 Scanned in 00mn 00s



---\\ Negação do serviço (Local Security Authority) (048)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Motor cliente do editor de configuração de protecção do Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pacote de segurança Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Controlo do Modo de Segurança (CSB) (49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Controlador de filtro de rato série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Controlador de Extensão do Gestor de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Controlador de filtro de rato série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Controlador de Extensão do Gestor de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s

It is difficult to open the browser

Post by JoseCarlos on Mon 15 Sep 2014, 18:48

---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O53 - SMSR:HKLM\...\startupreg\ccleaner [Key] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O53 - SMSR:HKLM\...\startupreg\Facebook Update [Key] . (...) -- C:\Users\Utilizador\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SDTray [Key] . (...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Spybot-S&D Cleaning [Key] . (...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (...) -- C:\Users\Utilizador\AppData\Roaming\uTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent
~ SMSR Keys: 6 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
~ MWPS: 19 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
~ MWPE Keys: 5 Scanned in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:10-10-2009 - 02:30:56 ---A- . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64].) -- C:\Windows\System32\Drivers\4427851.sys [352784]
O58 - SDL:25-09-2009 - 20:59:46 ---A- . (.Kaspersky Lab - Kaspersky Unified Driver.) -- C:\Windows\System32\Drivers\44278511.sys [157712]
O58 - SDL:22-10-2009 - 16:54:24 ---A- . (.Kaspersky Lab - Kaspersky Lab Boot Guard Driver.) -- C:\Windows\System32\Drivers\44278512.sys [40464]
O58 - SDL:14-07-2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:14-07-2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536]
O58 - SDL:14-07-2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864]
O58 - SDL:01-01-2000 - 00:00:00 ---A- . (.LSI Corporation - SoftModem Device Driver.) -- C:\Windows\System32\Drivers\agrsm64.sys [1208320]
O58 - SDL:14-07-2009 - 01:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440]
O58 - SDL:11-03-2011 - 06:22:41 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904]
O58 - SDL:14-07-2009 - 01:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128]
O58 - SDL:11-03-2011 - 06:22:40 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008]
O58 - SDL:14-07-2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632]
O58 - SDL:14-07-2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856]
O58 - SDL:16-07-2014 - 18:56:39 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:16-07-2014 - 18:56:25 ---A- . (.AVAST Software - avast! Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\aswKbd.sys [28184]
O58 - SDL:16-07-2014 - 18:56:39 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [79184]
O58 - SDL:16-07-2014 - 18:56:18 ---A- . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\Windows\System32\Drivers\aswNdisFlt.sys [448400]
O58 - SDL:08-05-2014 - 20:41:37 ---A- . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\Windows\System32\Drivers\aswndisflt.sys.1400161449598 [447888]
O58 - SDL:16-07-2014 - 18:56:38 ---A- . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [93568]
O58 - SDL:16-07-2014 - 18:56:39 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:16-07-2014 - 18:56:39 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys [1041168]
O58 - SDL:08-05-2014 - 20:41:54 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys.1400161449598 [1039096]
O58 - SDL:16-07-2014 - 18:57:17 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys [427360]
O58 - SDL:08-05-2014 - 20:41:54 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys.1400161449598 [423240]
O58 - SDL:16-07-2014 - 18:56:39 ---A- . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\Drivers\aswstm.sys [92008]
O58 - SDL:13-01-2014 - 12:59:33 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\aswTap.sys [44640]
O58 - SDL:16-07-2014 - 18:56:39 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [224896] =>.ALWIL Software
O58 - SDL:10-06-2009 - 20:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848]
O58 - SDL:13-02-2012 - 19:07:34 ---A- . (.Blue Coat Systems, Inc. - K9 Web Protection Driver.) -- C:\Windows\System32\Drivers\bckd.sys [108304]
O58 - SDL:10-06-2009 - 20:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432]
O58 - SDL:10-06-2009 - 20:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704]
O58 - SDL:14-07-2009 - 01:19:07 ---A- . (.Brother Industries Ltd. - Controlador Série Brother I/F(WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720]
O58 - SDL:10-06-2009 - 20:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104]
O58 - SDL:10-06-2009 - 20:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976]
O58 - SDL:10-06-2009 - 20:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720]
O58 - SDL:10-06-2009 - 20:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480]
O58 - SDL:14-07-2009 - 01:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488]
O58 - SDL:10-06-2009 - 20:35:03 ---A- . (.Intel Corporation - Intel(R) PRO/100 Adapter NDIS 5.1 driver.) -- C:\Windows\System32\Drivers\eFE5b32e.sys [192256]
O58 - SDL:14-07-2009 - 01:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10-06-2009 - 20:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016]
O58 - SDL:05-04-2013 - 22:48:44 ---A- . (.G Data Software AG - Behavior Blocker.) -- C:\Windows\System32\Drivers\GDBehave.sys [50552]
O58 - SDL:05-04-2013 - 22:48:39 ---A- . (.G Data Software AG - G Data WFP Callout Driver.) -- C:\Windows\System32\Drivers\gdwfpcd64.sys [65912]
O58 - SDL:05-04-2013 - 23:42:53 ---A- . (.G Data Software - G Data Rootkit Detector Driver.) -- C:\Windows\System32\Drivers\GRD.sys [106648]
O58 - SDL:10-06-2009 - 20:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:14-07-2009 - 01:47:48 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [77888]
O58 - SDL:11-03-2011 - 06:23:00 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496]
O58 - SDL:14-07-2009 - 01:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112]
O58 - SDL:14-07-2009 - 01:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752]
O58 - SDL:14-07-2009 - 01:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560]
O58 - SDL:14-07-2009 - 01:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600]
O58 - SDL:14-07-2009 - 01:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776]
O58 - SDL:14-07-2009 - 01:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys [35392]
O58 - SDL:14-07-2009 - 01:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [284736]
O58 - SDL:05-04-2013 - 22:48:45 ---A- . (.G Data Software AG - Filesystem MiniInterceptor (Mini Filter).) -- C:\Windows\System32\Drivers\MiniIcpt.sys [110968]
O58 - SDL:10-06-2009 - 20:35:28 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\netw5v64.sys [5434368]
O58 - SDL:06-05-2014 - 17:40:10 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\NETwLv64.sys [7533568]
O58 - SDL:14-07-2009 - 01:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51264]
O58 - SDL:11-02-2011 - 21:23:34 ---A- . (.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [35344]
O58 - SDL:06-03-2009 - 10:52:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 179.) -- C:\Windows\System32\Drivers\nvlddmkm.sys [9677600]
O58 - SDL:11-03-2011 - 06:23:06 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352]
O58 - SDL:11-03-2011 - 06:23:06 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272]
O58 - SDL:05-04-2013 - 22:50:28 ---A- . (.G Data Software AG - WFP PktInterceptor 2 (Pkt2 Filter).) -- C:\Windows\System32\Drivers\PktIcpt.sys [59256]
O58 - SDL:14-07-2009 - 01:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1524816]
O58 - SDL:14-07-2009 - 01:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [128592]
O58 - SDL:10-06-2009 - 20:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:14-07-2009 - 01:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [43584]
O58 - SDL:14-07-2009 - 01:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [80464]
O58 - SDL:14-07-2009 - 01:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:20-07-2014 - 17:07:24 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys [16152]
O58 - SDL:14-08-2008 - 09:40:44 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [260144]
O58 - SDL:16-10-2013 - 01:44:42 ---A- . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\Drivers\taphss6.sys [42184]
O58 - SDL:01-01-2000 - 00:00:00 ---A- . (.Texas Instruments - tifm21.sys.) -- C:\Windows\System32\Drivers\tifm21.sys [314880]
O58 - SDL:14-07-2009 - 01:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17488]
O58 - SDL:14-07-2009 - 01:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [161872]
O58 - SDL:30-03-2009 - 09:39:44 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ZTEusbmdm6k.sys [150656]
O58 - SDL:30-03-2009 - 09:39:56 ---A- . (.ZTE Corporation. - USB NDIS Miniport Driver.) -- C:\Windows\System32\Drivers\ZTEusbnet.sys [167424]
O58 - SDL:30-03-2009 - 09:40:02 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ZTEusbnmea.sys [150784]
O58 - SDL:30-03-2009 - 09:40:06 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ZTEusbser6k.sys [150656]
O58 - SDL:26-04-2014 - 00:13:18 ---A- . (.Phoenix Technologies - DriverAgent Direct I/O for 64-bit Windows.) -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [21712]
O58 - SDL:05-06-2012 - 07:37:22 ---A- . (.Trend Micro Inc. - TrendMicro Common Module.) -- C:\Windows\SysWOW64\drivers\tmcomm.sys [256904]
~ Drivers: 80 Scanned in 00mn 03s



---\\ Últimos ficheiros alterados ou criados (Utilizador) (061)
O61 - LFC: 09-09-2014 - 22:37:33 ---A- . (...) -- C:\Users\Utilizador\AppData\Local\Adobe\Acrobat\11.0\UserCache.bin [116025]
O61 - LFC: 15-09-2014 - 22:37:44 R--A- . (...) -- C:\Users\Utilizador\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\Icon1226A4C5.exe [110080]
O61 - LFC: 15-09-2014 - 22:37:44 R--A- . (...) -- C:\Users\Utilizador\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconD7F16134.exe [110080]
O61 - LFC: 15-09-2014 - 22:37:44 R--A- . (...) -- C:\Users\Utilizador\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconF7A21AF7.exe [110080]
O61 - LFC: 15-09-2014 - 22:37:54 ---A- . (.Nicolas Coolman.) -- C:\Users\Utilizador\Downloads\ZHPDiag2 (2).exe [6860008] =>.Nicolas Coolman
~ 5 Fichiers temporaires (Temporary files)
~ 4 Fichiers cookies (Cookies files)
~ Files: 5 Scanned in 00mn 21s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 25-09-2009 - C:\Windows\System32\DRIVERS\44278511.sys (44278511) .(.Kaspersky Lab - Kaspersky Unified Driver.) - LEGACY_44278511
O64 - Services: CurCS - 22-10-2009 - C:\Windows\System32\DRIVERS\44278512.sys (44278512) .(.Kaspersky Lab - Kaspersky Lab Boot Guard Driver.) - LEGACY_44278512
O64 - Services: CurCS - 16-07-2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 16-07-2014 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 16-07-2014 - C:\Windows\System32\DRIVERS\aswNdisFlt.sys (aswNdisFlt) .(.AVAST Software - avast! Filtering NDIS driver.) - LEGACY_ASWNDISFLT
O64 - Services: CurCS - 16-07-2014 - C:\Windows\system32\drivers\aswRdr2.sys (aswRdr) .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 16-07-2014 - C:\Windows\System32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 16-07-2014 - C:\Windows\system32\drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 16-07-2014 - C:\Windows\system32\drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 16-07-2014 - C:\Windows\system32\drivers\aswStm.sys (aswStm) .(.AVAST Software - Stream Filter.) - LEGACY_ASWSTM
O64 - Services: CurCS - 16-07-2014 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 10-06-2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 10-10-2009 - C:\Windows\System32\DRIVERS\4427851.sys (setup_9.0.0.722_22.04.2013_05-21drv) .(.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64].) - LEGACY_SETUP_9.0.0.722_22.04.2013_05-21DRV
~ Legacy: 94 Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do Snap-in Visualizador de Eventos.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <jsfile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor de registo.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
~ FASS Keys: 13 Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You need to be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [You need to be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKCU] {938BDA3D-2E80-4EB6-B3A1-3669B2F67AB5} [DefaultScope] - (Yahoo) - [You need to be registered and logged in to see this link.]
~ Keys: Scanned in 00mn 00s



---\\ Listagem dos serviços iniciados pelo Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço Experiência de Aplicação.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificados de Smart Card da Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificados de Smart Card da Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL do Serviço de Servidor.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente de Política de Grupo.) -- C:\Windows\System32\gpsvc.dll [776192]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll [845824]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\System32\Audiosrv.dll [676864]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestor de Marcação Automática de Acesso Remoto.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestor de Ligação de Acesso Remoto.) -- C:\Windows\System32\rasmans.dll [343552]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestor de Interfaces Dinâmicas.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistema (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316416]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestor de Ligações Remotas do Servidor de Anfitrião de Sessões de Ambi.) -- C:\Windows\System32\termsrv.dll [706560]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente em segundo plano.) -- C:\Windows\System32\qmgr.dll [848384]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços da shell do Windows.) -- C:\Windows\System32\shsvcs.dll [369664]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 numa rede IPv4..) -- C:\Windows\System32\iphlpsvc.dll [565760]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL secundária de serviço de início de sessão.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações sobre Aplicações.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Detecção iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço do Programador de Classes de Multimédia.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração do Ambiente de Trabalho Remoto.) -- C:\Windows\System32\sessenv.dll [104960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL do Browser de Computador.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço EAPHost da Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Programador de Tarefas.) -- C:\Windows\System32\schedsvc.dll [1114624]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios e Soluções de Problemas.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [208896]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL de Serviços de Tema da Shell do Windows.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação de software.) -- C:\Windows\System32\appmgmts.dll [193536]
~ Services: 33 Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.64BAEC464B396B66A353D8FC2F42A4E3] [SPRF][31-07-2011] (.RaProducts.org - System Purification Tool.) -- C:\Users\Utilizador\Desktop\PureRa.exe [76565]
~ Files: 1 Scanned in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\RegHunter_RASAPI32 =>Crapware.RegHunter
HKLM\SOFTWARE\Microsoft\Tracing\RegHunter_RASMANCS =>Crapware.RegHunter
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\dlLogic_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\dlLogic_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\searchprotect1204_RASAPI32 =>PUP.SearchProtect
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\searchprotect1204_RASMANCS =>PUP.SearchProtect
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SEDownloader_RASAPI32 =>PUP.SoftwareEngine
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SEDownloader_RASMANCS =>PUP.SoftwareEngine
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent-2-_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent-2-_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
~ BTK: 674 Scanned in 00mn 01s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 19-08-2014 262320 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 17-02-2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 17-02-2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 23-10-2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 10-07-1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 21-12-2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 01-01-2000 16896 | (AgereModemAudio) . (.LSI Corporation.) - C:\Program Files\LSI SoftModem\agr64svc.exe
SR - | Auto 16-07-2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 16-07-2014 106488 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 14-07-2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14-07-2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 06-03-2009 364064 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 14-07-2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 14-07-2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14-07-2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 13s



---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBR) (080)
Run by Utilizador at 15-09-2014 22:38:50
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBRCheck) (080)
Written by ad13, [You need to be registered and logged in to see this link.]
Run by Utilizador at 15-09-2014 22:38:52
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scâner Aditional (088)
Database Version : 13026 - (28-08-2014)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 2

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0E08BAC8-845B-4327-8CDB-4B0F8C9857A5}_is1] =>PUP.FLVMPlayer^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}] =>Crapware.SpyHunter^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] =>P2P.µTorrent^
C:\Program Files (x86)\ssavee Nett =>PUP.SaveNet^
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter^
[HKCU\Software\BitTorrent] =>P2P.BitTorrent^
C:\Users\Utilizador\Desktop\SpyHunter.lnk =>Crapware.SpyHunter
~ Additionnel Scan: 206183 Items scanned in 00mn 46s



---\\ Informações complémentaires do módulos
~ [Você precisa estar registrado e conectado para ver este link.] =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Browser Helper Objects do navegador (02)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 5 Scanned in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.] =>Crapware.SpyHunter
[Você precisa estar registrado e conectado para ver este link.] =>PUP.Tarma
[Você precisa estar registrado e conectado para ver este link.] =>Crapware.RegHunter
[Você precisa estar registrado e conectado para ver este link.] =>Toolbar.Conduit
[Você precisa estar registrado e conectado para ver este link.] =>PUP.SearchProtect
[Você precisa estar registrado e conectado para ver este link.] =>PUP.SoftwareEngine
~ MSI: 6 link(s) detected in 00mn 00s



End of the scan (1158 lines in 03mn 52s)(0)

It's hard to open the browser

Post by JoseCarlos on Mon 15 Sep 2014, 18:51

I ran a scan with AdwCleaner, which detected nothing. PureRa has trouble removing things. That is why I ran ZHP with a full analysis.

Re: It's hard to open the browser

Post by joram on Mon 15 Sep 2014, 19:37

Good evening, JoseCarlos!

> Uninstall: Spybot (this software is outdated!)

-/-

> Run this script in the ZHPFix tool.
> Select and copy the information shown in red into Notepad.
> With Notepad open, press: ctrl+a >> ctrl+c (Select and Copy)
> Then minimize Notepad.

Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
O4 - GS\Desktop [Public]: FLV Media Player.lnk . (...) -- C:\Program Files (x86)\FLV Media Player\FLVMPlayer.exe
O4 - GS\Desktop [Utilizador]: SpyHunter.lnk . (...) -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe (.not file.)
O42 - Logiciel: FLV Media Player version 1.3 - (.FLVMPlayer.) [HKLM][64Bits] -- {0E08BAC8-845B-4327-8CDB-4B0F8C9857A5}_is1
O42 - Logiciel: SpyHunter - (.Enigma Software Group USA, LLC.) [HKLM][64Bits] -- {ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}
C:\Program Files (x86)\ssavee Nett
C:\ProgramData\InstallMate
C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\dlLogic_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\dlLogic_RASMANCS
HKLM\SOFTWARE\Microsoft\Tracing\RegHunter_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\RegHunter_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\searchprotect1204_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\searchprotect1204_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SEDownloader_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SEDownloader_RASMANCS
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0E08BAC8-845B-4327-8CDB-4B0F8C9857A5}_is1]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}]
C:\Users\Utilizador\Desktop\SpyHunter.lnk


> Open the ZHPFix tool.
> Click IMPORTAÇÃO (Import) >> OK.
> PS: When you click "OK", check that the field is empty so that it receives only the script's contents.
> Click "GO".
> Post the report!

A+

It's hard to open the browser

Post by JoseCarlos on Mon 15 Sep 2014, 20:05

Rapport de ZHPFix 2014.8.3.6 par Nicolas Coolman, Update du 03/08/2014
Fichier d'export Registre :
Run by Utilizador at 16-09-2014 00:04:13
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit (Build 7600)

Reciclagem vazia (00mn 04s)
Prefetcher vazio

========== Softwares ==========
ELIMINÉ: FLV Media Player version 1.3

========== Chaves do Registo ==========
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\dlLogic_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\dlLogic_RASMANCS
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\RegHunter_RASAPI32
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\RegHunter_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\searchprotect1204_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\searchprotect1204_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SEDownloader_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SEDownloader_RASMANCS
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}

========== Valores do Registo ==========
ELIMINÉ: FirewallRaz (SP) : C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
ELIMINÉ: FirewallRaz (SP) : C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
ELIMINÉ: FirewallRaz (SP) : C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
ELIMINÉ: FirewallRaz (SP) : C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
Ausente Valor Perfil Domínio FirewallRaz :

========== Pastas ==========
ELIMINÉ Temporários windows (5)
ELIMINÉ Flash Cookies (0)
ELIMINÉ: c:\programdata\installmate

========== Ficheiros ==========
ELIMINÉ Temporários windows (6) (830.064 octets)
ELIMINÉ Flash Cookies (0) (0 octets)


========== Recapitulativo ==========
9 : Chaves do Registo
5 : Valores do Registo
3 : Pastas
2 : Ficheiros
1 : Softwares


End of clean in 00mn 16s

========== Caminho do ficheiro do relatório ==========
C:\Users\Utilizador\AppData\Roaming\ZHP\ZHPFix[R1].txt - 28-08-2014 09:34:11 [3180]
C:\Users\Utilizador\AppData\Roaming\ZHP\ZHPFix[R2].txt - 28-08-2014 22:19:31 [1171]
C:\Users\Utilizador\AppData\Roaming\ZHP\ZHPFix[R3].txt - 28-08-2014 23:09:42 [3336]
C:\Users\Utilizador\AppData\Roaming\ZHP\ZHPFix[R4].txt - 28-08-2014 11:22:22 [1069]
C:\Users\Utilizador\AppData\Roaming\ZHP\ZHPFix[R5].txt - 28-08-2014 08:53:50 [1814]
C:\Users\Utilizador\AppData\Roaming\ZHP\ZHPFix[R6].txt - 28-08-2014 13:34:09 [1464]
C:\Users\Utilizador\AppData\Roaming\ZHP\ZHPFix[R7].txt - 16-09-2014 00:04:18 [2517]

Re: It's hard to open the browser

Post by joram on Mon 15 Sep 2014, 20:58

Good evening, JoseCarlos!

> Download: < Adware Removal Tool > ( ... by techsupportall.com )
> Save it to the desktop!

> Run the file Adware-Removal-Tool-v3.5.exe <<

> Start the scan by clicking Scan.

> When its prescan finishes, click OK.
> PS: Each tab will show what will be removed!

> Click "Next" >> Wait!

< Computer >> Windows (C:) >> Program Files >> Adware-Removal-Tool >> Reports >> Repair_Logs_2014_09_dia_h_min_seg.txt <<

> Post the report!

Regards!

It's hard to open the browser

Post by JoseCarlos on Sun 28 Sep 2014, 15:07

The operation was completed successfully.
Thank you.

Re: It's hard to open the browser

Post by joram on Sun 28 Sep 2014, 15:13

Case Resolved

If the topic's author needs it, the topic will be reopened; to do so, they should contact a member of the Moderation Team and request that it be unlocked.
