É dificil abrir o Browser

por JoseCarlos Seg 15 Set 2014, 18:45

~ Relatório do ZHPDiag v2014.8.28.125 - Nicolas Coolman (28-08-2014)
~ Iniciado por Utilizador (15-09-2014 22:35:50)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Endereço do Webforum : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Desativado pelo Utilizador
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user

---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
GCIE: Google Chrome v37.0.2062.120

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Internet Security v9.0.2021
Microsoft Security Client PT-PT Language Pack v2.1.1116.0
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v3.20

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 14 Plugin
Adobe Reader XI

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 15 Stepping 6, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2046 MB (37% free)
System Restore: Activé (Enable)
System drive C: has 239 GB (80%) free of 298 GB

---\\ Modo de conexão ao sistema
~ Computer Name: TOSHIBAA100
~ User Name: Utilizador
~ All Users Names: Utilizador, Guest, Administrator,
~ Unselected Option: None
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Utilizador\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Utilizador\AppData\Roaming\
~ %Desktop% : C:\Users\Utilizador\Desktop\
~ %Favorites% : C:\Users\Utilizador\Favorites\
~ %LocalAppData% : C:\Users\Utilizador\AppData\Local\
~ %StartMenu% : C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 239 Go of 298 Go)
D: CD-ROM drive (Not Inserted)

---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 49 Scanned in 00mn 00s

---\\ Pesquisa particular de ficheiros genéricos
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorador do Windows.) (.26-02-2011 - 06:23:14.) -- C:\Windows\Explorer.exe [2870272]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicação de Arranque do Windows.) (.14-07-2009 - 01:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.A4F6142CABA82FB7293ECE5FF864B440] - (.Microsoft Corporation - Extensões da Internet para Win32.) (.22-02-2013 - 06:20:51.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Aplicação de início de sessão do Windows.) (.28-10-2009 - 06:24:40.) -- C:\Windows\System32\Winlogon.exe [389632]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.14-07-2009 - 01:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.DB9D6C6B2CD95A9CA414D045B627422E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28-12-2011 - 03:59:11.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14-07-2009 - 01:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13-07-2009 - 23:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13-07-2009 - 23:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9C253CE7311CA60FC11C774692A13208] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.27-04-2011 - 02:57:40.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14-07-2009 - 00:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Controlador de porta i8042.) (.13-07-2009 - 23:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14-07-2009 - 00:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.040D62A9D8AD28922632137ACDD984F2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04-05-2011 - 02:51:08.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157696]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.13-07-2009 - 23:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.9A6089B056EA1B83B36424FC9D0A300E] - (.Microsoft Corporation - Controlador de Sistema de Ficheiros NT.) (.12-04-2013 - 14:36:37.) -- C:\Windows\system32\Drivers\ntfs.sys [1653096]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Controlador de porta paralela.) (.14-07-2009 - 00:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14-07-2009 - 00:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.9706B84DBABFC4B4CA46C5A82B14DFA3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.14-07-2009 - 00:18:02.) -- C:\Windows\system32\Drivers\rdpdr.sys [165376]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14-07-2009 - 00:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.13-07-2009 - 23:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.9E425AC5C9A5A973273D169F43B4F5E1] - (.Microsoft Corporation - Controlador de cópia sombra do volume.) (.06-09-2012 - 17:38:18.) -- C:\Windows\system32\Drivers\volsnap.sys [295792]
~ Generic Processes: Scanned in 00mn 00s

---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/18
~ Mes musiques (My Musics) : 1/8
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/22
~ Mes Documents (My Documents) : 1/2991
~ Mon Bureau (My Desktop) : 10/28
~ Menu demarrer (Programs) : 1/36
~ Hidden Files: Scanned in 00mn 10s

---\\ Processos lançados
[MD5.26B558B2D31C7425B455B00E562EAD93] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [4085896] [PID.3368]
[MD5.AC08A03D7E579E2903925736E7AB48F2] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808] [PID.3200]
[MD5.D6D0EB77C43224ABC8E137FACDAED88E] - (.Google - Hangouts Plugin.) -- C:\Users\Utilizador\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe [64384] [PID.3912]
[MD5.33BF80A2291C54DC7D7601CDEF63138E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8099328] [PID.1316]
[MD5.73F5C13B431915BAE35254B4E95DFB71] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1292]
[MD5.D386D51B1839E208EF7CCFBFA964638E] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe [106488] [PID.1556]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1648]
[MD5.1F79342D9EB530A48742F651E570983A] - (.Microsoft Corporation - Updates Skype Click to Call.) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176] [PID.1736]
[MD5.E4938E0A376CF0B9D989EE5C0A146891] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520] [PID.1764]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Instalador do Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [PID.1536]
[MD5.397D14958D6C9C2B365469A857B2AC4E] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe [230792] [PID.152]
~ Processes Running: Scanned in 00mn 02s

---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] EDA955527356170E0873561558F1BFAE9894F03D9F531430B1EC483968E2F301
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Pesquisa do Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] avast! Online Security v.9.0.2022.121, (Activé)
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call v.7.3.16540.9015, (Activé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Google+ Hangouts v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)

---\\ Pasta de extensão do Google Chrome
G2 - EXT: C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [Google Drive]
G2 - EXT: C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [YouTube]
G2 - EXT: C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [Pesquisa do Google]
G2 - EXT: C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [avast! Online Security]
G2 - EXT: C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet]
G2 - EXT: C:\Users\Utilizador\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [Gmail]
~ Google Lines Browser: 26 Scanned in 00mn 05s

---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (...) -- C:\Users\Utilizador\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (.not file.)
P2 - FPN: [HKCU] [@talk.google.com/GoogleTalkPlugin] - (.Google - Version 5.2.4.18058.) -- C:\Users\Utilizador\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
P2 - FPN: [HKCU] [@talk.google.com/O1DPlugin] - (.Google - Version 5.2.4.18058.) -- C:\Users\Utilizador\AppData\Roaming\Mozilla\plugins\npo1d.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Utilizador\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Utilizador\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll
~ Firefox Browser: 7 Scanned in 00mn 00s

---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Browser.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
~ IE Browser: 18 Scanned in 00mn 00s

---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean) (669)
~ Hosts File: Scanned in 00mn 00s

---\\ Browser Helper Objects do navegador (02)
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
~ BHO: 6 Scanned in 00mn 00s

---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: FLV Media Player.lnk . (...) -- C:\Program Files (x86)\FLV Media Player\FLVMPlayer.exe =>PUP.FLVMPlayer
O4 - GS\Desktop [Utilizador]: SpyHunter.lnk . (...) -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe (.not file.) =>Crapware.SpyHunter
~ Global Startup: 2 Scanned in 00mn 04s

---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
~ Application: Scanned in 00mn 00s

---\\ Icones das opções IE invisiveis no painel das configurações (05)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s

---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Skype Click to Call settings [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fornecedor de serviços de Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fornecedor de Correcções de Compatibilidade de Nomenclatura de Correio El.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fornecedor de Espaço de Nomes PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fornecedor de Espaço de Nomes PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
~ Winsock: 8 Scanned in 00mn 00s

---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{EE7A8BE6-057B-4CCA-BAB4-23EEBDAFB2B1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{EE7A8BE6-057B-4CCA-BAB4-23EEBDAFB2B1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{EE7A8BE6-057B-4CCA-BAB4-23EEBDAFB2B1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s

---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

por JoseCarlos Seg 15 Set 2014, 18:47

---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.LSI Corporation - LSI Soft Modem Call Progress Service.) - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall (avast! Firewall) . (.AVAST Software - avast! firewall service.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Serviço Google Update (gupdate) (gupdate) . (.Google Inc. - Instalador do Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 179.6.) - C:\Windows\System32\nvvsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
~ Services: 7 Scanned in 00mn 09s

---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s

---\\ Listagem dos dados do BootExecute (Bex) (034)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sdnclean64.exe) - File not found
~ BEX: 2 Scanned in 00mn 00s

---\\ Tarefas planificadas automaticamente (039)
[MD5.F4BF3ADDDDC1AD372604F13C2B0C1F65] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [262320]
[MD5.1AD8512A5C40AD1A0558498D8E0AC2AA] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [808448]
[MD5.00000000000000000000000000000000] [APT] [Driver Booster SkipUAC (Utilizador)] (...) -- C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000Core] (...) -- C:\Users\Utilizador\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000UA] (...) -- C:\Users\Utilizador\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [AppleSoftwareUpdate] (...) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Check for updates] (...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Refresh immunization] (...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Scan the system] (...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe (.not file.) [0]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [830]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000Core - (...) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000Core.job [926]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000Core - (...) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000Core [926]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000UA - (...) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000UA.job [948]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000UA - (...) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3136738229-3321464536-2784466607-1000UA [948]
~ Scheduled Task: 14 Scanned in 00mn 05s

---\\ Componentes instalados (ActiveSetup Installed Components) (040)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitário de Inicialização por utilizador do IE.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - IEAK branding.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão da shell da pasta de FTP do Microsoft Internet Explore.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum da shell do Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por utilizador do IE.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 00s

---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (44278511) . (.Kaspersky Lab - Kaspersky Unified Driver.) - C:\Windows\System32\DRIVERS\44278511.sys
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswKbd) . (.AVAST Software - avast! Keyboard Filter Driver.) - C:\Windows\system32\drivers\aswKbd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Agendador de pacotes QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Controlador de Subsistema de Colocação em M.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: setup_9.0.0.722_22.04.2013_05-21drv (setup_9.0.0.722_22.04.2013_05-21drv) . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64].) - C:\Windows\System32\DRIVERS\4427851.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: Ambiente de compatibilidade com fornecedores de serviços não IFS do Windows Socket 2.0 (ws2ifsl) . (.Microsoft Corporation - Camada IFS Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Drivers: 81 Scanned in 00mn 00s

---\\ Software instalados (042)
O42 - Logiciel: 64 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM][64Bits] -- {BE930E38-7BB3-45B6-85B2-5251F374F844}
O42 - Logiciel: Adobe Flash Player 13 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 14 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader XI (11.0.08) - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AB0000000001}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: CPUID CPU-Z 1.61 - (...) [HKLM][64Bits] -- CPUID CPU-Z_is1
O42 - Logiciel: Complemento Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {3A09ED0F-8DDF-47BB-B53D-841AB9D1D3A7}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU][64Bits] -- Dropbox
O42 - Logiciel: FLV Media Player version 1.3 - (.FLVMPlayer.) [HKLM][64Bits] -- {0E08BAC8-845B-4327-8CDB-4B0F8C9857A5}_is1 =>PUP.FLVMPlayer
O42 - Logiciel: Facebook Video Calling 2.0.0.447 - (.Skype Limited.) [HKLM][64Bits] -- {8DF41A9F-FE13-43E8-A003-5F9B55A011EE}
O42 - Logiciel: Flvto Youtube Downloader - (.Hotger.) [HKLM][64Bits] -- Flvto Youtube Downloader
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {C6640705-7479-4EE5-BC86-879F05F65E74}
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E} =>.Google Inc
O42 - Logiciel: Google Earth Plug-in - (.Google.) [HKLM][64Bits] -- {4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E} =>.Google Inc
O42 - Logiciel: Google Talk Plugin - (.Google.) [HKLM][64Bits] -- {E121A4FE-009B-385B-BB0D-B934E2A88288}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Photosmart Wireless B110 All-In-One Driver 14.0 Rel. 7 - (.HP.) [HKLM][64Bits] -- {014E482A-0C27-47E3-BA82-307E9DCA2F47} =>.Hewlett-Packard Co
O42 - Logiciel: Java 7 Update 65 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217051FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Kobo - (.Kobo Inc..) [HKLM][64Bits] -- Kobo
O42 - Logiciel: LSI V92 MOH Application - (.LSI Corporation.) [HKLM][64Bits] -- LTMOH
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {3889988F-762B-4B85-AB17-71C9CC3AE445}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {50816F92-1652-4A7C-B9BC-48F682742C4B}
O42 - Logiciel: Microsoft Antimalware Service PT-PT Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {8AF5E619-22FB-450A-A85A-F20C147618B6}
O42 - Logiciel: Microsoft Security Client PT-PT Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {DC911ADF-7B60-40F2-A112-FB1EB6402D07}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft SkyDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- SkyDriveSetup.exe =>.Microsoft Corporation
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIA Drivers
O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701}
O42 - Logiciel: Skype™ 6.18 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}
O42 - Logiciel: SpyHunter - (.Enigma Software Group USA, LLC.) [HKLM][64Bits] -- {ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05} =>Crapware.SpyHunter
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: System Requirements Lab for Intel - (.Husdawg, LLC.) [HKLM][64Bits] -- {1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}
O42 - Logiciel: TOSHIBA Software Modem - (.LSI Corporation.) [HKLM][64Bits] -- TOSHIBA Software Modem
O42 - Logiciel: Viber - (.Viber Media Inc.) [HKCU][64Bits] -- Viber
O42 - Logiciel: ZON NET MOBILE - (...) [HKLM][64Bits] -- {93D34EE3-99B3-4DB1-8B0A-0A657466F90D}
O42 - Logiciel: avast! Internet Security v9.0.2021 - (.AVAST Software.) [HKLM][64Bits] -- Avast
~ Logic: 26 Scanned in 00mn 00s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ASProtect]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\BancoBest]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\ChemTable Software]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\FlvtoConverter]
[HKCU\Software\Google]
[HKCU\Software\HWiNFO64]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\Icaros]
[HKCU\Software\Innovative Solutions]
[HKCU\Software\JavaSoft]
[HKCU\Software\Kobo]
[HKCU\Software\Licenses]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware (portable)]
[HKCU\Software\McAfee]
[HKCU\Software\MetaGeek, LLC]
[HKCU\Software\Mirage]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Naviextras]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Opera Software]
[HKCU\Software\POIPedia]
[HKCU\Software\PTEID]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Priberam]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Samsung]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\SlimWare Utilities Inc]
[HKCU\Software\Sysinternals]
[HKCU\Software\System Requirements Lab]
[HKCU\Software\TAdvCheckList]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\eSupport.com]
[HKCU\Software\hotger]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Agere]
[HKLM\Software\CPUID]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\GEAR Software]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\LSI]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\Anvisoft]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\BlueStacks]
[HKLM\Software\Wow6432Node\CallingID]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Freemake]
[HKLM\Software\Wow6432Node\G Data]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\Innovative Solutions]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (portable)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Naviextras]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OldTimer Tools]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\SoftExtreme]
[HKLM\Software\Wow6432Node\Swearware]
[HKLM\Software\Wow6432Node\Wondershare]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Key Software: 193 Scanned in 00mn 00s

---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15-11-2013 - 23:31:56 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 20-10-2013 - 21:40:05 - [0] ----D C:\Program Files (x86)\Anvisoft
O43 - CFD: 19-10-2013 - 08:59:42 - [] ----D C:\Program Files (x86)\B1 Free Archiver
O43 - CFD: 05-08-2012 - 22:49:50 - [0] ----D C:\Program Files (x86)\BancoBest
O43 - CFD: 03-08-2014 - 02:23:48 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 17-04-2014 - 20:11:24 - [0] ----D C:\Program Files (x86)\DsNET Corp
O43 - CFD: 18-03-2014 - 09:13:30 - [] ----D C:\Program Files (x86)\FLV Media Player
O43 - CFD: 13-05-2014 - 00:01:21 - [] ----D C:\Program Files (x86)\Flvto Youtube Downloader
O43 - CFD: 04-07-2013 - 09:08:10 - [] ----D C:\Program Files (x86)\Freemake
O43 - CFD: 20-07-2013 - 00:03:41 - [] ----D C:\Program Files (x86)\G Data
O43 - CFD: 29-06-2014 - 21:15:06 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 04-06-2014 - 11:02:55 - [0] ----D C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
O43 - CFD: 05-04-2014 - 00:45:49 - [] ----D C:\Program Files (x86)\HP
O43 - CFD: 03-08-2014 - 02:36:43 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 04-07-2013 - 09:08:03 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 03-08-2014 - 02:26:44 - [0] ----D C:\Program Files (x86)\IObit
O43 - CFD: 18-07-2014 - 00:03:46 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 26-04-2013 - 23:36:30 - [] ----D C:\Program Files (x86)\Kobo
O43 - CFD: 07-11-2012 - 00:37:48 - [] ----D C:\Program Files (x86)\MarkAny
O43 - CFD: 28-10-2013 - 23:40:43 - [0] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 06-11-2012 - 20:07:07 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 25-07-2014 - 20:39:46 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 02-11-2012 - 17:12:16 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 21-06-2012 - 17:38:18 - [] ----D C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 21-06-2012 - 17:34:39 - [] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 02-11-2012 - 17:46:41 - [] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 03-08-2012 - 14:33:30 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 30-06-2012 - 09:19:45 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 21-06-2012 - 17:38:46 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 07-07-2012 - 12:42:05 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 09-04-2014 - 01:18:34 - [0] ----D C:\Program Files (x86)\Naviextras
O43 - CFD: 12-04-2013 - 23:38:58 - [] ----D C:\Program Files (x86)\Opera
O43 - CFD: 01-05-2013 - 20:38:28 - [] ----D C:\Program Files (x86)\Pendrive Virus Remover
O43 - CFD: 14-07-2009 - 06:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 23-12-2013 - 00:13:23 - [0] ----D C:\Program Files (x86)\Samsung
O43 - CFD: 30-11-2013 - 16:07:12 - [] ----D C:\Program Files (x86)\SecurityXploded
O43 - CFD: 06-08-2014 - 18:56:37 - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 03-08-2014 - 10:43:14 - [] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 17-05-2014 - 21:31:01 - [0] ----D C:\Program Files (x86)\ssavee Nett =>PUP.SaveNet
O43 - CFD: 27-04-2014 - 11:08:51 - [] ----D C:\Program Files (x86)\SystemRequirementsLab
O43 - CFD: 14-07-2009 - 05:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 09-12-2013 - 23:56:04 - [] ----D C:\Program Files (x86)\VS Revo Group
O43 - CFD: 03-08-2014 - 02:22:29 - [0] ----D C:\Program Files (x86)\Webfuel
O43 - CFD: 21-06-2012 - 11:21:21 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 01-11-2013 - 02:30:23 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 21-06-2012 - 15:06:33 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 07-03-2013 - 16:10:37 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14-07-2009 - 06:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 21-06-2012 - 11:21:22 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 14-07-2009 - 06:32:40 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 21-06-2012 - 11:21:22 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 19-07-2014 - 00:39:28 - [0] ----D C:\Program Files (x86)\Wondershare
O43 - CFD: 15-09-2014 - 22:21:48 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 10-04-2014 - 15:38:02 - [] ----D C:\Program Files (x86)\ZON NET MOBILE
O43 - CFD: 18-05-2014 - 22:01:26 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 03-08-2014 - 02:42:57 - [] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 15-05-2014 - 20:41:08 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 20-07-2013 - 00:55:08 - [0] ----D C:\Program Files (x86)\Common Files\G Data
O43 - CFD: 03-07-2012 - 10:51:55 - [] ----D C:\Program Files (x86)\Common Files\Hewlett-Packard
O43 - CFD: 05-04-2014 - 00:45:49 - [] ----D C:\Program Files (x86)\Common Files\HP
O43 - CFD: 18-07-2014 - 00:04:15 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 02-11-2012 - 17:46:52 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 14-07-2009 - 04:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 02-08-2014 - 14:01:52 - [] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14-07-2009 - 04:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 04-11-2012 - 03:52:32 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 21-06-2012 - 17:52:41 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 15-05-2014 - 01:03:24 - [] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 19-07-2014 - 00:07:58 - [] ----D C:\Program Files (x86)\Common Files\Wondershare
O43 - CFD: 23-12-2013 - 00:06:20 - [] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 15-11-2013 - 23:31:59 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 20-05-2013 - 23:43:34 - [] ----D C:\ProgramData\Apple
O43 - CFD: 01-11-2013 - 02:01:06 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14-07-2009 - 06:08:56 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 13-01-2014 - 11:23:50 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 13-01-2014 - 11:30:22 - [] ----D C:\ProgramData\Avira
O43 - CFD: 10-07-2013 - 05:41:06 - [] ----D C:\ProgramData\BlueStacks
O43 - CFD: 10-07-2013 - 05:41:10 - [] ----D C:\ProgramData\BlueStacksSetup
O43 - CFD: 27-11-2013 - 12:43:52 - [] --H-D C:\ProgramData\Common Files
O43 - CFD: 17-05-2014 - 21:50:23 - [] ----D C:\ProgramData\dd88b75382065299
O43 - CFD: 14-07-2009 - 06:08:56 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14-07-2009 - 06:08:56 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 14-07-2009 - 06:08:56 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 28-11-2013 - 22:54:05 - [0] ----D C:\ProgramData\Freemake
O43 - CFD: 20-07-2013 - 00:55:08 - [] ----D C:\ProgramData\G DATA
O43 - CFD: 03-04-2014 - 23:33:56 - [] ----D C:\ProgramData\HP
O43 - CFD: 17-05-2014 - 21:35:51 - [] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 06-05-2014 - 18:34:51 - [] ----D C:\ProgramData\IObit
O43 - CFD: 12-08-2013 - 19:24:49 - [] ----D C:\ProgramData\Kaspersky Lab
O43 - CFD: 18-06-2014 - 09:30:02 - [] ----D C:\ProgramData\Launcher
O43 - CFD: 21-06-2012 - 16:05:04 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 08-05-2014 - 15:13:43 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 11-09-2014 - 03:09:34 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 02-11-2012 - 17:11:49 - [] ----D C:\ProgramData\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 28-06-2012 - 13:38:51 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 21-06-2012 - 15:10:08 - [] ----D C:\ProgramData\NVIDIA
O43 - CFD: 18-07-2014 - 00:04:28 - [0] ----D C:\ProgramData\Oracle
O43 - CFD: 24-12-2012 - 23:49:34 - [] ----D C:\ProgramData\PassMark
O43 - CFD: 23-12-2013 - 00:12:07 - [] ----D C:\ProgramData\Samsung
O43 - CFD: 02-08-2014 - 14:02:42 - [] ----D C:\ProgramData\Skype
O43 - CFD: 03-08-2014 - 03:07:52 - [] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14-07-2009 - 06:08:56 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 21-06-2012 - 15:41:15 - [] ----D C:\ProgramData\Sun
O43 - CFD: 20-10-2013 - 11:19:00 - [0] ----D C:\ProgramData\TEMP
O43 - CFD: 14-07-2009 - 06:08:56 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 26-02-2013 - 00:19:35 - [] ----D C:\ProgramData\VS Revo Group
O43 - CFD: 25-06-2012 - 20:52:35 - [] ----D C:\Users\Utilizador\AppData\Roaming\Adobe
O43 - CFD: 17-07-2014 - 23:53:01 - [] ----D C:\Users\Utilizador\AppData\Roaming\Apowersoft
O43 - CFD: 21-05-2013 - 00:03:42 - [] ----D C:\Users\Utilizador\AppData\Roaming\Apple Computer
O43 - CFD: 13-01-2014 - 14:32:00 - [] ----D C:\Users\Utilizador\AppData\Roaming\AVAST Software
O43 - CFD: 03-08-2012 - 18:11:55 - [] ----D C:\Users\Utilizador\AppData\Roaming\BancoBest
O43 - CFD: 16-05-2014 - 19:40:48 - [0] ----D C:\Users\Utilizador\AppData\Roaming\CBS Interactive
O43 - CFD: 06-03-2013 - 17:54:27 - [] ----D C:\Users\Utilizador\AppData\Roaming\ChemTable Software
O43 - CFD: 09-07-2014 - 08:41:56 - [] ----D C:\Users\Utilizador\AppData\Roaming\com.boonzi.desktop
O43 - CFD: 12-02-2014 - 21:35:30 - [0] ----D C:\Users\Utilizador\AppData\Roaming\driveridentifier
O43 - CFD: 13-04-2014 - 20:23:00 - [] ----D C:\Users\Utilizador\AppData\Roaming\Dropbox
O43 - CFD: 05-04-2014 - 20:46:15 - [] ----D C:\Users\Utilizador\AppData\Roaming\DropboxMaster
O43 - CFD: 14-06-2014 - 23:59:11 - [] ----D C:\Users\Utilizador\AppData\Roaming\FlvtoConverter
O43 - CFD: 21-06-2012 - 10:51:08 - [] ----D C:\Users\Utilizador\AppData\Roaming\Identities
O43 - CFD: 06-05-2014 - 18:34:49 - [] ----D C:\Users\Utilizador\AppData\Roaming\IObit
O43 - CFD: 25-06-2012 - 19:53:59 - [] ----D C:\Users\Utilizador\AppData\Roaming\Macromedia
O43 - CFD: 14-07-2009 - 08:45:14 - [0] ----D C:\Users\Utilizador\AppData\Roaming\Media Center Programs
O43 - CFD: 18-07-2014 - 00:05:04 - [] -S--D C:\Users\Utilizador\AppData\Roaming\Microsoft
O43 - CFD: 30-03-2014 - 01:12:42 - [] ----D C:\Users\Utilizador\AppData\Roaming\Mozilla
O43 - CFD: 07-04-2014 - 05:06:27 - [] ----D C:\Users\Utilizador\AppData\Roaming\naviextras
O43 - CFD: 12-04-2013 - 23:38:54 - [0] ----D C:\Users\Utilizador\AppData\Roaming\Opera
O43 - CFD: 11-12-2013 - 22:42:57 - [] ----D C:\Users\Utilizador\AppData\Roaming\Paltalk
O43 - CFD: 13-03-2014 - 23:30:20 - [0] ----D C:\Users\Utilizador\AppData\Roaming\PFStaticIP
O43 - CFD: 02-09-2014 - 21:29:29 - [] ----D C:\Users\Utilizador\AppData\Roaming\Skype
O43 - CFD: 27-04-2014 - 11:08:38 - [] ----D C:\Users\Utilizador\AppData\Roaming\SystemRequirementsLab
O43 - CFD: 12-02-2014 - 11:28:17 - [] ----D C:\Users\Utilizador\AppData\Roaming\ViberPC
O43 - CFD: 07-04-2014 - 00:53:25 - [] ----D C:\Users\Utilizador\AppData\Roaming\WinRAR
O43 - CFD: 15-09-2014 - 22:36:46 - [] ----D C:\Users\Utilizador\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 19-08-2014 - 21:31:42 - [] ----D C:\Users\Utilizador\AppData\Local\Adobe
O43 - CFD: 20-10-2013 - 19:00:30 - [] ----D C:\Users\Utilizador\AppData\Local\Anvisoft
O43 - CFD: 20-05-2013 - 23:44:43 - [] ----D C:\Users\Utilizador\AppData\Local\Apple
O43 - CFD: 20-05-2013 - 23:58:35 - [] ----D C:\Users\Utilizador\AppData\Local\Apple Computer
O43 - CFD: 21-06-2012 - 10:50:41 - [] -SH-D C:\Users\Utilizador\AppData\Local\Application Data
O43 - CFD: 30-06-2012 - 09:36:42 - [] ----D C:\Users\Utilizador\AppData\Local\Apps
O43 - CFD: 03-08-2012 - 18:11:45 - [] ----D C:\Users\Utilizador\AppData\Local\BancoBest
O43 - CFD: 06-03-2014 - 13:13:35 - [] ----D C:\Users\Utilizador\AppData\Local\BeAnywhere Support Express
O43 - CFD: 03-03-2013 - 01:20:48 - [] ----D C:\Users\Utilizador\AppData\Local\ChemTable Software
O43 - CFD: 17-05-2014 - 21:30:30 - [] ----D C:\Users\Utilizador\AppData\Local\Comodo
O43 - CFD: 09-02-2013 - 00:07:52 - [0] ----D C:\Users\Utilizador\AppData\Local\CrashDumps
O43 - CFD: 30-06-2012 - 09:36:51 - [0] ----D C:\Users\Utilizador\AppData\Local\Deployment
O43 - CFD: 10-09-2014 - 15:09:17 - [] ----D C:\Users\Utilizador\AppData\Local\Diagnostics
O43 - CFD: 01-05-2013 - 20:34:07 - [] ----D C:\Users\Utilizador\AppData\Local\Downloaded Installations
O43 - CFD: 13-05-2014 - 00:02:12 - [] ----D C:\Users\Utilizador\AppData\Local\FlvtoYoutubeDownloader
O43 - CFD: 18-04-2013 - 23:13:41 - [] ----D C:\Users\Utilizador\AppData\Local\G DATA
O43 - CFD: 29-06-2014 - 21:15:15 - [] ----D C:\Users\Utilizador\AppData\Local\Google
O43 - CFD: 21-06-2012 - 10:50:41 - [] -SH-D C:\Users\Utilizador\AppData\Local\History
O43 - CFD: 27-11-2013 - 12:50:07 - [] ----D C:\Users\Utilizador\AppData\Local\Innovative Solutions
O43 - CFD: 13-03-2014 - 02:06:21 - [] ----D C:\Users\Utilizador\AppData\Local\IsolatedStorage
O43 - CFD: 26-04-2013 - 23:39:51 - [] ----D C:\Users\Utilizador\AppData\Local\Kobo
O43 - CFD: 29-06-2012 - 01:24:51 - [] ----D C:\Users\Utilizador\AppData\Local\Macromedia
O43 - CFD: 13-03-2014 - 12:16:30 - [] ----D C:\Users\Utilizador\AppData\Local\MetaGeek,_LLC
O43 - CFD: 18-07-2014 - 00:05:05 - [] ----D C:\Users\Utilizador\AppData\Local\Microsoft
O43 - CFD: 23-08-2013 - 19:46:37 - [] ----D C:\Users\Utilizador\AppData\Local\Microsoft Games
O43 - CFD: 05-07-2012 - 18:17:24 - [] ----D C:\Users\Utilizador\AppData\Local\Microsoft Help
O43 - CFD: 21-06-2012 - 15:46:24 - [] ----D C:\Users\Utilizador\AppData\Local\Mozilla
O43 - CFD: 13-03-2014 - 02:06:43 - [0] -SH-D C:\Users\Utilizador\AppData\Local\ms-drivers
O43 - CFD: 12-04-2013 - 23:38:55 - [0] ----D C:\Users\Utilizador\AppData\Local\Opera
O43 - CFD: 19-01-2013 - 20:04:32 - [] ----D C:\Users\Utilizador\AppData\Local\Programs
O43 - CFD: 23-12-2013 - 00:13:23 - [0] ----D C:\Users\Utilizador\AppData\Local\Samsung
O43 - CFD: 11-03-2014 - 12:26:33 - [] ----D C:\Users\Utilizador\AppData\Local\Skype
O43 - CFD: 18-07-2014 - 23:23:36 - [] ----D C:\Users\Utilizador\AppData\Local\SlimWare Utilities Inc
O43 - CFD: 15-09-2014 - 22:36:40 - [] ----D C:\Users\Utilizador\AppData\Local\Temp
O43 - CFD: 21-06-2012 - 10:50:41 - [] -SH-D C:\Users\Utilizador\AppData\Local\Temporary Internet Files
O43 - CFD: 12-02-2014 - 16:49:07 - [] ----D C:\Users\Utilizador\AppData\Local\Viber
O43 - CFD: 23-09-2012 - 14:35:17 - [] ----D C:\Users\Utilizador\AppData\Local\VirtualStore
O43 - CFD: 26-02-2013 - 00:20:08 - [] ----D C:\Users\Utilizador\AppData\Local\VS Revo Group
O43 - CFD: 18-03-2014 - 09:04:39 - [] ----D C:\Users\Utilizador\AppData\Local\Windows Live
O43 - CFD: 19-07-2014 - 00:08:00 - [] ----D C:\Users\Utilizador\AppData\Local\Wondershare
O43 - CFD: 14-07-2009 - 05:54:32 - [] R---D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 12-07-2012 - 08:49:13 - [] R---D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 20-10-2013 - 21:39:11 - [0] ----D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvisoft
O43 - CFD: 05-04-2014 - 20:43:00 - [] ----D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 14-07-2009 - 05:49:38 - [] R---D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 09-04-2014 - 01:18:34 - [0] ----D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Naviextras
O43 - CFD: 13-03-2014 - 23:21:27 - [] ----D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portforward.com
O43 - CFD: 09-12-2013 - 23:56:06 - [] ----D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 15-09-2014 - 15:57:22 - [] ----D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter
O43 - CFD: 16-05-2014 - 19:37:36 - [] R---D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 183 Scanned in 00mn 01s

---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.66FC85C4728B6FBA8E7AAD59854F3730] - 11-09-2014 - 02:01:43 ---A- . (.Microsoft Corporation - Ferramenta de Remoção de Software Malicioso.) -- C:\Windows\System32\MRT.exe [101694776]
O44 - LFC:[MD5.79C3B9985E3F56E38192C7671D0D1E9D] - 15-09-2014 - 20:54:29 ---A- . (...) -- C:\PureRa.txt [2922]
O44 - LFC:[MD5.73DD0245BF6FE824A290FA16598DA671] - 15-09-2014 - 20:59:10 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.4CBBD738FA908C8E6FC3B138E042FA35] - 15-09-2014 - 21:29:52 ---A- . (...) -- C:\Windows\MEMORY.DMP [414698343]
O44 - LFC:[MD5.89D0478ADF86EA4B3A618AF462A8BBE4] - 15-09-2014 - 21:29:59 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.D74E3C688AA4F552EB9F55CB8EA67170] - 15-09-2014 - 21:30:00 ---A- . (...) -- C:\Windows\setupact.log [56]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15-09-2014 - 21:30:00 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.2AB8473B3099DBFEC94EC7F6D3975F6F] - 15-09-2014 - 21:34:29 ---A- . (...) -- C:\Windows\WindowsUpdate.log [44477]
~ Files: 8 Scanned in 00mn 34s

---\\ Exportar a chave da aplicação autorizada (047)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [Enabled] .(...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" [Enabled] .(...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" [Enabled] .(...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" [Enabled] .(...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (.not file.)
~ Keys Export: 4 Scanned in 00mn 00s

---\\ Negação do serviço (Local Security Authority) (048)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Motor cliente do editor de configuração de protecção do Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pacote de segurança Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s

---\\ Controlo do Modo de Segurança (CSB) (49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Controlador de filtro de rato série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Controlador de Extensão do Gestor de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Controlador de filtro de rato série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Controlador de Extensão do Gestor de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s

por JoseCarlos Seg 15 Set 2014, 18:48

---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s

---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O53 - SMSR:HKLM\...\startupreg\ccleaner [Key] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O53 - SMSR:HKLM\...\startupreg\Facebook Update [Key] . (...) -- C:\Users\Utilizador\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SDTray [Key] . (...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Spybot-S&D Cleaning [Key] . (...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (...) -- C:\Users\Utilizador\AppData\Roaming\uTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent
~ SMSR Keys: 6 Scanned in 00mn 00s

---\\ Enumeração das chaves do registo SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s

---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
~ MWPS: 19 Scanned in 00mn 00s

---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
~ MWPE Keys: 5 Scanned in 00mn 00s

---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:10-10-2009 - 02:30:56 ---A- . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64].) -- C:\Windows\System32\Drivers\4427851.sys [352784]
O58 - SDL:25-09-2009 - 20:59:46 ---A- . (.Kaspersky Lab - Kaspersky Unified Driver.) -- C:\Windows\System32\Drivers\44278511.sys [157712]
O58 - SDL:22-10-2009 - 16:54:24 ---A- . (.Kaspersky Lab - Kaspersky Lab Boot Guard Driver.) -- C:\Windows\System32\Drivers\44278512.sys [40464]
O58 - SDL:14-07-2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:14-07-2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536]
O58 - SDL:14-07-2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864]
O58 - SDL:01-01-2000 - 00:00:00 ---A- . (.LSI Corporation - SoftModem Device Driver.) -- C:\Windows\System32\Drivers\agrsm64.sys [1208320]
O58 - SDL:14-07-2009 - 01:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440]
O58 - SDL:11-03-2011 - 06:22:41 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904]
O58 - SDL:14-07-2009 - 01:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128]
O58 - SDL:11-03-2011 - 06:22:40 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008]
O58 - SDL:14-07-2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632]
O58 - SDL:14-07-2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856]
O58 - SDL:16-07-2014 - 18:56:39 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:16-07-2014 - 18:56:25 ---A- . (.AVAST Software - avast! Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\aswKbd.sys [28184]
O58 - SDL:16-07-2014 - 18:56:39 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [79184]
O58 - SDL:16-07-2014 - 18:56:18 ---A- . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\Windows\System32\Drivers\aswNdisFlt.sys [448400]
O58 - SDL:08-05-2014 - 20:41:37 ---A- . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\Windows\System32\Drivers\aswndisflt.sys.1400161449598 [447888]
O58 - SDL:16-07-2014 - 18:56:38 ---A- . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [93568]
O58 - SDL:16-07-2014 - 18:56:39 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:16-07-2014 - 18:56:39 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys [1041168]
O58 - SDL:08-05-2014 - 20:41:54 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys.1400161449598 [1039096]
O58 - SDL:16-07-2014 - 18:57:17 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys [427360]
O58 - SDL:08-05-2014 - 20:41:54 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys.1400161449598 [423240]
O58 - SDL:16-07-2014 - 18:56:39 ---A- . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\Drivers\aswstm.sys [92008]
O58 - SDL:13-01-2014 - 12:59:33 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\aswTap.sys [44640]
O58 - SDL:16-07-2014 - 18:56:39 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [224896] =>.ALWIL Software
O58 - SDL:10-06-2009 - 20:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848]
O58 - SDL:13-02-2012 - 19:07:34 ---A- . (.Blue Coat Systems, Inc. - K9 Web Protection Driver.) -- C:\Windows\System32\Drivers\bckd.sys [108304]
O58 - SDL:10-06-2009 - 20:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432]
O58 - SDL:10-06-2009 - 20:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704]
O58 - SDL:14-07-2009 - 01:19:07 ---A- . (.Brother Industries Ltd. - Controlador Série Brother I/F(WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720]
O58 - SDL:10-06-2009 - 20:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104]
O58 - SDL:10-06-2009 - 20:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976]
O58 - SDL:10-06-2009 - 20:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720]
O58 - SDL:10-06-2009 - 20:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480]
O58 - SDL:14-07-2009 - 01:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488]
O58 - SDL:10-06-2009 - 20:35:03 ---A- . (.Intel Corporation - Intel(R) PRO/100 Adapter NDIS 5.1 driver.) -- C:\Windows\System32\Drivers\eFE5b32e.sys [192256]
O58 - SDL:14-07-2009 - 01:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10-06-2009 - 20:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016]
O58 - SDL:05-04-2013 - 22:48:44 ---A- . (.G Data Software AG - Behavior Blocker.) -- C:\Windows\System32\Drivers\GDBehave.sys [50552]
O58 - SDL:05-04-2013 - 22:48:39 ---A- . (.G Data Software AG - G Data WFP Callout Driver.) -- C:\Windows\System32\Drivers\gdwfpcd64.sys [65912]
O58 - SDL:05-04-2013 - 23:42:53 ---A- . (.G Data Software - G Data Rootkit Detector Driver.) -- C:\Windows\System32\Drivers\GRD.sys [106648]
O58 - SDL:10-06-2009 - 20:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:14-07-2009 - 01:47:48 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [77888]
O58 - SDL:11-03-2011 - 06:23:00 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496]
O58 - SDL:14-07-2009 - 01:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112]
O58 - SDL:14-07-2009 - 01:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752]
O58 - SDL:14-07-2009 - 01:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560]
O58 - SDL:14-07-2009 - 01:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600]
O58 - SDL:14-07-2009 - 01:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776]
O58 - SDL:14-07-2009 - 01:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys [35392]
O58 - SDL:14-07-2009 - 01:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [284736]
O58 - SDL:05-04-2013 - 22:48:45 ---A- . (.G Data Software AG - Filesystem MiniInterceptor (Mini Filter).) -- C:\Windows\System32\Drivers\MiniIcpt.sys [110968]
O58 - SDL:10-06-2009 - 20:35:28 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\netw5v64.sys [5434368]
O58 - SDL:06-05-2014 - 17:40:10 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\NETwLv64.sys [7533568]
O58 - SDL:14-07-2009 - 01:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51264]
O58 - SDL:11-02-2011 - 21:23:34 ---A- . (.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [35344]
O58 - SDL:06-03-2009 - 10:52:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 179.) -- C:\Windows\System32\Drivers\nvlddmkm.sys [9677600]
O58 - SDL:11-03-2011 - 06:23:06 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352]
O58 - SDL:11-03-2011 - 06:23:06 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272]
O58 - SDL:05-04-2013 - 22:50:28 ---A- . (.G Data Software AG - WFP PktInterceptor 2 (Pkt2 Filter).) -- C:\Windows\System32\Drivers\PktIcpt.sys [59256]
O58 - SDL:14-07-2009 - 01:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1524816]
O58 - SDL:14-07-2009 - 01:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [128592]
O58 - SDL:10-06-2009 - 20:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:14-07-2009 - 01:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [43584]
O58 - SDL:14-07-2009 - 01:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [80464]
O58 - SDL:14-07-2009 - 01:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:20-07-2014 - 17:07:24 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys [16152]
O58 - SDL:14-08-2008 - 09:40:44 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [260144]
O58 - SDL:16-10-2013 - 01:44:42 ---A- . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\Drivers\taphss6.sys [42184]
O58 - SDL:01-01-2000 - 00:00:00 ---A- . (.Texas Instruments - tifm21.sys.) -- C:\Windows\System32\Drivers\tifm21.sys [314880]
O58 - SDL:14-07-2009 - 01:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17488]
O58 - SDL:14-07-2009 - 01:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [161872]
O58 - SDL:30-03-2009 - 09:39:44 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ZTEusbmdm6k.sys [150656]
O58 - SDL:30-03-2009 - 09:39:56 ---A- . (.ZTE Corporation. - USB NDIS Miniport Driver.) -- C:\Windows\System32\Drivers\ZTEusbnet.sys [167424]
O58 - SDL:30-03-2009 - 09:40:02 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ZTEusbnmea.sys [150784]
O58 - SDL:30-03-2009 - 09:40:06 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ZTEusbser6k.sys [150656]
O58 - SDL:26-04-2014 - 00:13:18 ---A- . (.Phoenix Technologies - DriverAgent Direct I/O for 64-bit Windows.) -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [21712]
O58 - SDL:05-06-2012 - 07:37:22 ---A- . (.Trend Micro Inc. - TrendMicro Common Module.) -- C:\Windows\SysWOW64\drivers\tmcomm.sys [256904]
~ Drivers: 80 Scanned in 00mn 03s

---\\ Últimos ficheiros alterados ou criados (Utilizador) (061)
O61 - LFC: 09-09-2014 - 22:37:33 ---A- . (...) -- C:\Users\Utilizador\AppData\Local\Adobe\Acrobat\11.0\UserCache.bin [116025]
O61 - LFC: 15-09-2014 - 22:37:44 R--A- . (...) -- C:\Users\Utilizador\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\Icon1226A4C5.exe [110080]
O61 - LFC: 15-09-2014 - 22:37:44 R--A- . (...) -- C:\Users\Utilizador\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconD7F16134.exe [110080]
O61 - LFC: 15-09-2014 - 22:37:44 R--A- . (...) -- C:\Users\Utilizador\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconF7A21AF7.exe [110080]
O61 - LFC: 15-09-2014 - 22:37:54 ---A- . (.Nicolas Coolman.) -- C:\Users\Utilizador\Downloads\ZHPDiag2 (2).exe [6860008] =>.Nicolas Coolman
~ 5 Fichiers temporaires (Temporary files)
~ 4 Fichiers cookies (Cookies files)
~ Files: 5 Scanned in 00mn 21s

---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 25-09-2009 - C:\Windows\System32\DRIVERS\44278511.sys (44278511) .(.Kaspersky Lab - Kaspersky Unified Driver.) - LEGACY_44278511
O64 - Services: CurCS - 22-10-2009 - C:\Windows\System32\DRIVERS\44278512.sys (44278512) .(.Kaspersky Lab - Kaspersky Lab Boot Guard Driver.) - LEGACY_44278512
O64 - Services: CurCS - 16-07-2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 16-07-2014 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 16-07-2014 - C:\Windows\System32\DRIVERS\aswNdisFlt.sys (aswNdisFlt) .(.AVAST Software - avast! Filtering NDIS driver.) - LEGACY_ASWNDISFLT
O64 - Services: CurCS - 16-07-2014 - C:\Windows\system32\drivers\aswRdr2.sys (aswRdr) .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 16-07-2014 - C:\Windows\System32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 16-07-2014 - C:\Windows\system32\drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 16-07-2014 - C:\Windows\system32\drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 16-07-2014 - C:\Windows\system32\drivers\aswStm.sys (aswStm) .(.AVAST Software - Stream Filter.) - LEGACY_ASWSTM
O64 - Services: CurCS - 16-07-2014 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 10-06-2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 10-10-2009 - C:\Windows\System32\DRIVERS\4427851.sys (setup_9.0.0.722_22.04.2013_05-21drv) .(.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64].) - LEGACY_SETUP_9.0.0.722_22.04.2013_05-21DRV
~ Legacy: 94 Scanned in 00mn 00s

---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do Snap-in Visualizador de Eventos.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <jsfile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor de registo.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
~ FASS Keys: 13 Scanned in 00mn 00s

---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys: Scanned in 00mn 00s

---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {938BDA3D-2E80-4EB6-B3A1-3669B2F67AB5} [DefaultScope] - (Yahoo) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s

---\\ Listagem dos serviços iniciados pelo Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço Experiência de Aplicação.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificados de Smart Card da Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificados de Smart Card da Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL do Serviço de Servidor.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente de Política de Grupo.) -- C:\Windows\System32\gpsvc.dll [776192]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll [845824]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\System32\Audiosrv.dll [676864]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestor de Marcação Automática de Acesso Remoto.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestor de Ligação de Acesso Remoto.) -- C:\Windows\System32\rasmans.dll [343552]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestor de Interfaces Dinâmicas.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistema (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316416]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestor de Ligações Remotas do Servidor de Anfitrião de Sessões de Ambi.) -- C:\Windows\System32\termsrv.dll [706560]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente em segundo plano.) -- C:\Windows\System32\qmgr.dll [848384]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços da shell do Windows.) -- C:\Windows\System32\shsvcs.dll [369664]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 numa rede IPv4..) -- C:\Windows\System32\iphlpsvc.dll [565760]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL secundária de serviço de início de sessão.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações sobre Aplicações.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Detecção iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço do Programador de Classes de Multimédia.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração do Ambiente de Trabalho Remoto.) -- C:\Windows\System32\sessenv.dll [104960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL do Browser de Computador.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço EAPHost da Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Programador de Tarefas.) -- C:\Windows\System32\schedsvc.dll [1114624]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios e Soluções de Problemas.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [208896]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL de Serviços de Tema da Shell do Windows.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação de software.) -- C:\Windows\System32\appmgmts.dll [193536]
~ Services: 33 Scanned in 00mn 00s

---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.64BAEC464B396B66A353D8FC2F42A4E3] [SPRF][31-07-2011] (.RaProducts.org - System Purification Tool.) -- C:\Users\Utilizador\Desktop\PureRa.exe [76565]
~ Files: 1 Scanned in 00mn 00s

---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\RegHunter_RASAPI32 =>Crapware.RegHunter
HKLM\SOFTWARE\Microsoft\Tracing\RegHunter_RASMANCS =>Crapware.RegHunter
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\dlLogic_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\dlLogic_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\searchprotect1204_RASAPI32 =>PUP.SearchProtect
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\searchprotect1204_RASMANCS =>PUP.SearchProtect
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SEDownloader_RASAPI32 =>PUP.SoftwareEngine
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SEDownloader_RASMANCS =>PUP.SoftwareEngine
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent-2-_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent-2-_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
~ BTK: 674 Scanned in 00mn 01s

---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 19-08-2014 262320 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 17-02-2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 17-02-2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 23-10-2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 10-07-1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 21-12-2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 01-01-2000 16896 | (AgereModemAudio) . (.LSI Corporation.) - C:\Program Files\LSI SoftModem\agr64svc.exe
SR - | Auto 16-07-2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 16-07-2014 106488 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 14-07-2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14-07-2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 06-03-2009 364064 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 14-07-2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 14-07-2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14-07-2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 13s

---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBR) (080)
Run by Utilizador at 15-09-2014 22:38:50
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s

---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBRCheck) (080)
Written by ad13, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Run by Utilizador at 15-09-2014 22:38:52
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s

---\\ Scâner Aditional (088)
Database Version : 13026 - (28-08-2014)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 2

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0E08BAC8-845B-4327-8CDB-4B0F8C9857A5}_is1] =>PUP.FLVMPlayer^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}] =>Crapware.SpyHunter^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] =>P2P.µTorrent^
C:\Program Files (x86)\ssavee Nett =>PUP.SaveNet^
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter^
[HKCU\Software\BitTorrent] =>P2P.BitTorrent^
C:\Users\Utilizador\Desktop\SpyHunter.lnk =>Crapware.SpyHunter
~ Additionnel Scan: 206183 Items scanned in 00mn 46s

---\\ Informações complémentaires do módulos
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Browser Helper Objects do navegador (02)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 5 Scanned in 00mn 00s

---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Crapware.SpyHunter
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Tarma
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Crapware.RegHunter
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Conduit
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SearchProtect
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SoftwareEngine
~ MSI: 6 link(s) detected in 00mn 00s

End of the scan (1158 lines in 03mn 52s)(0)

por JoseCarlos Seg 15 Set 2014, 18:51

Eu fiz a verificação com o Adwcleaner que nada detectou. O PureRa tem obstáculoes em eliminar. Por isso passei o ZHP em análise completa

por **joram** Seg 15 Set 2014, 19:37

Boa Noite! JoseCarlos

> Desinstale: Spybot ( Este software está ultrapassado! )

-/-

> Execute este script na ferramenta ZHPFix.
> Selecione e copie estas informações que estão em vermelho,para o Bloco de Notas.
> Com o Bloco de Notas aberto,faça: ctrl+a >> ctrl+c ( Selecionar e Copiar )
> À seguir,minimize o Bloco de Notas.

Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
O4 - GS\Desktop [Public]: FLV Media Player.lnk . (...) -- C:\Program Files (x86)\FLV Media Player\FLVMPlayer.exe
O4 - GS\Desktop [Utilizador]: SpyHunter.lnk . (...) -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe (.not file.)
O42 - Logiciel: FLV Media Player version 1.3 - (.FLVMPlayer.) [HKLM][64Bits] -- {0E08BAC8-845B-4327-8CDB-4B0F8C9857A5}_is1
O42 - Logiciel: SpyHunter - (.Enigma Software Group USA, LLC.) [HKLM][64Bits] -- {ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}
C:\Program Files (x86)\ssavee Nett
C:\ProgramData\InstallMate
C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\dlLogic_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\dlLogic_RASMANCS
HKLM\SOFTWARE\Microsoft\Tracing\RegHunter_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\RegHunter_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\searchprotect1204_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\searchprotect1204_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SEDownloader_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SEDownloader_RASMANCS
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0E08BAC8-845B-4327-8CDB-4B0F8C9857A5}_is1]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}]
C:\Users\Utilizador\Desktop\SpyHunter.lnk

> Abra a ferramenta ZHPFix. < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >
> Clique IMPORTAÇÃO >> OK.
> Ps: Ao clicar "OK",verifique se o campo está limpo para que receba,somente,as informações do script.
> Clique "GO".
> Poste o relatório!

A+

por JoseCarlos Seg 15 Set 2014, 20:05

Rapport de ZHPFix 2014.8.3.6 par Nicolas Coolman, Update du 03/08/2014
Fichier d'export Registre :
Run by Utilizador at 16-09-2014 00:04:13
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit (Build 7600)

Reciclagem vazia (00mn 04s)
Prefetcher vazio

========== Softwares ==========
ELIMINÉ: FLV Media Player version 1.3

========== Chaves do Registo ==========
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\dlLogic_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\dlLogic_RASMANCS
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\RegHunter_RASAPI32
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\RegHunter_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\searchprotect1204_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\searchprotect1204_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SEDownloader_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SEDownloader_RASMANCS
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}

========== Valores do Registo ==========
ELIMINÉ: FirewallRaz (SP) : C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
ELIMINÉ: FirewallRaz (SP) : C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
ELIMINÉ: FirewallRaz (SP) : C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
ELIMINÉ: FirewallRaz (SP) : C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
Ausente Valor Perfil Domínio FirewallRaz :

========== Pastas ==========
ELIMINÉ Temporários windows (5)
ELIMINÉ Flash Cookies (0)
ELIMINÉ: c:\programdata\installmate

========== Ficheiros ==========
ELIMINÉ Temporários windows (6) (830.064 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Recapitulativo ==========
9 : Chaves do Registo
5 : Valores do Registo
3 : Pastas
2 : Ficheiros
1 : Softwares

End of clean in 00mn 16s

========== Caminho do ficheiro do relatório ==========
C:\Users\Utilizador\AppData\Roaming\ZHP\ZHPFix[R1].txt - 28-08-2014 09:34:11 [3180]
C:\Users\Utilizador\AppData\Roaming\ZHP\ZHPFix[R2].txt - 28-08-2014 22:19:31 [1171]
C:\Users\Utilizador\AppData\Roaming\ZHP\ZHPFix[R3].txt - 28-08-2014 23:09:42 [3336]
C:\Users\Utilizador\AppData\Roaming\ZHP\ZHPFix[R4].txt - 28-08-2014 11:22:22 [1069]
C:\Users\Utilizador\AppData\Roaming\ZHP\ZHPFix[R5].txt - 28-08-2014 08:53:50 [1814]
C:\Users\Utilizador\AppData\Roaming\ZHP\ZHPFix[R6].txt - 28-08-2014 13:34:09 [1464]
C:\Users\Utilizador\AppData\Roaming\ZHP\ZHPFix[R7].txt - 16-09-2014 00:04:18 [2517]

por **joram** Seg 15 Set 2014, 20:58

Boa Noite! JoseCarlos

> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by techsupportall.com )
> Salve-a no desktop!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Execute o arquivo Adware-Removal-Tool-v3.5.exe <<

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Dê início a verificação,clicando em Scan.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Ao concluir seu prescan,clique OK.
> Ps: Cada guia irá mostrar o que será removido!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Clique "Next" >> Aguarde!

< Computador >> Windows (C:) >> Program Files >> Adware-Removal-Tool >> Reports >> Repair_Logs_2014_09_dia_h_min_seg.txt <<

> Poste o relatório!

Abs!

por JoseCarlos Dom 28 Set 2014, 15:07

Foi concluído com sucesso a operação.
Obrigado.

por **joram** Dom 28 Set 2014, 15:13

Caso Resolvido

Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.

por Conteúdo patrocinado

É dificil abrir o Browser