Fórum PC Brasil
PC slow to boot ...


Post by kipper, Tue 14 Oct 2014, 17:41

My PC takes a long time to boot and to get online.

Post by joram, Tue 14 Oct 2014, 23:09

Good evening, kipper!

> Post the HijackThis log, following the [link visible only to logged-in members].

A+

Post by kipper, Wed 15 Oct 2014, 15:39

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:34:19, on 15/10/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\User\AppData\Roaming\Crazy.Frog.Racer\upd.exe
C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Tomb Raider - Legend\trl.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\User\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [PowerDVD12DMREngine] "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
O4 - HKLM\..\Run: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Crazy.Frog.Racer] C:\Users\User\AppData\Roaming\Crazy.Frog.Racer\upd.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - Startup: Ferramenta de Verificação de Mídia do PMB.lnk = C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Startup: Novo(a) Documento do Microsoft Word (2).docx
O8 - Extra context menu item: &Enviar para o OneNote - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AA5F584-48F4-4717-8706-73E96D441DA6}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11628 bytes
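An added example, not part of the thread and not code from HijackThis or the forum staff: a small Python triage of the HijackThis entry format seen in the log above. The sample lines are copied from that log; the flag names and the three heuristics are assumptions chosen for illustration, and they mark entries to review, not verdicts.

```python
import re
from collections import Counter

# Subset of lines copied from the HijackThis log posted above.
SAMPLE_LOG = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Crazy.Frog.Racer] C:\Users\User\AppData\Roaming\Crazy.Frog.Racer\upd.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - Startup: Novo(a) Documento do Microsoft Word (2).docx
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AA5F584-48F4-4717-8706-73E96D441DA6}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%SystemRoot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
"""

# "<section code> - <body>", e.g. "O4 - HKCU\..\Run: [Name] command"
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
# O4 registry autostart body: "HKCU\..\Run: [Name] command line"
RUN_RE = re.compile(r"^(HKLM|HKCU)\\\.\.\\(\w+): \[(.+?)\] (.+)$")
# Executable path: quoted, or unquoted up to the first executable extension.
EXE_RE = re.compile(r'^"([^"]+)"|^(.+?\.(?:exe|com|bat|cmd|scr))(?=\s|$)', re.I)
USER_WRITABLE_RE = re.compile(r"\\Users\\[^\\]+\\AppData\\", re.I)
SYSTEM32_RE = re.compile(r"\\Windows\\System32\\", re.I)
MISSING = " (file missing)"


def parse_entries(text):
    """Return (section_code, body) for every HijackThis entry line."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def autostart_target(body):
    """For an O4 registry Run entry, return (hive, value_name, exe_path)."""
    m = RUN_RE.match(body)
    if not m:
        return None
    exe = EXE_RE.match(m.group(4))
    path = (exe.group(1) or exe.group(2)) if exe else m.group(4)
    return m.group(1), m.group(3), path


def triage(text):
    """Flag entries worth a manual look (heuristics, assumed for this example)."""
    findings = []
    for code, body in parse_entries(text):
        if code == "O4":
            target = autostart_target(body)
            if target and USER_WRITABLE_RE.search(target[2]):
                # Autostart binary lives in a per-user, non-admin-writable
                # location: check publisher and origin before trusting it.
                findings.append(("user-writable-autostart", target[2]))
            elif body.startswith("Startup: ") and ".lnk" not in body.lower():
                # A plain file in the Startup folder is opened at every logon.
                findings.append(("startup-folder-non-shortcut", body[len("Startup: "):]))
        elif code == "O23" and body.endswith(MISSING):
            path = body.rsplit(" - ", 1)[-1][: -len(MISSING)]
            if SYSTEM32_RE.search(path):
                # HijackThis 2.0.4 is a 32-bit program; on 64-bit Windows its
                # view of System32 is redirected, so 64-bit system files can
                # be reported as missing. Verify on disk before acting.
                findings.append(("missing-under-system32", path))
    return findings


def summarize(text):
    """Count findings per flag."""
    return Counter(flag for flag, _ in triage(text))


if __name__ == "__main__":
    for flag, detail in triage(SAMPLE_LOG):
        print(f"{flag:30} {detail}")
```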

Post by joram, Wed 15 Oct 2014, 15:43

Good afternoon, kipper!

> Download: < [link visible only to logged-in members] > ( ... by Xplode )
>
> Or from here: < [link visible only to logged-in members] >
> Once there, click "Download Now".
>
> Save it to the desktop!

> Right-click adwcleaner.exe and choose to run it as administrator.

> PS: Start the scan by clicking "Examinar" (Scan).

> When it finishes, click "Limpar" (Clean) >> OK >> OK >> OK.
> Copy the log or click "Relatório" (Report).
> Post: < C:\AdwCleaner\AdwCleaner[S0].txt >

A+

_________________
[link visible only to logged-in members] >> The best there is for disinfecting your computer!
[link visible only to logged-in members] >> Be sure to check it out!
[link visible only to logged-in members] >> A tradition in computing!

Post by kipper, Wed 15 Oct 2014, 16:10

# AdwCleaner v3.215 - Relatório criado 16/07/2014 às 14:32:32
# Atualizado 09/07/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (64 bits)
# Usuário : User - USER-PC
# Executando de : E:\programas para limpeza do pc\adwcleaner_3.215.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Program Files\003
Arquivo Deletada : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\02dwc90y.default-1399424852910\user.js

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D95E57C2-53B3-4C38-BA1E-7980CB5E1803}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{3A1BEABE-0DC5-4615-8099-83973B843C06}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D95E57C2-53B3-4C38-BA1E-7980CB5E1803}
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\AppDataLow\Software\suprasavings
Chave Deletedo : HKLM\Software\HQPro-1
Chave Deletedo : HKLM\Software\Lightspark Team
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HQPro-1
Chave Deletedo : [x64] HKLM\SOFTWARE\suprasavings

***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16496


-\\ Mozilla Firefox v30.0 (pt-BR)

[ Arquivo : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\02dwc90y.default-1399424852910\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ Arquivo : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*************************

AdwCleaner[R0].txt - [2289 octets] - [16/07/2014 14:23:13]
AdwCleaner[S0].txt - [1995 octets] - [16/07/2014 14:32:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2055 octets] ##########

Post by joram, Wed 15 Oct 2014, 16:35

Good afternoon, kipper!

> Download: < [link visible only to logged-in members] > ( ... by Nicolas Coolman )
> Or [link visible only to logged-in members] << Link!
> Save it to the local disk! ( C or D )
> Disable your antivirus and run "ZHPDiag2.exe" to install the tool.

> Run the scroll icon. ( ZHPDiag )

> Click "COMPLETA" (Full) and wait for it to finish!
> Click OK and, when it finishes, post the report! ( ZHPDiag.txt )
> PS: Since the log will be long, send it to [link visible only to logged-in members].

> Or go to: < [link visible only to logged-in members] >

> Or go to: < [link visible only to logged-in members] >

> Or attach it |[link visible only to logged-in members]| << Link!

> More information: < |[link visible only to logged-in members]| > << Hosting!

A+

Post by kipper, Wed 15 Oct 2014, 17:20

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:34:19, on 15/10/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\User\AppData\Roaming\Crazy.Frog.Racer\upd.exe
C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Tomb Raider - Legend\trl.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\User\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [PowerDVD12DMREngine] "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
O4 - HKLM\..\Run: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Crazy.Frog.Racer] C:\Users\User\AppData\Roaming\Crazy.Frog.Racer\upd.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - Startup: Ferramenta de Verificação de Mídia do PMB.lnk = C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Startup: Novo(a) Documento do Microsoft Word (2).docx
O8 - Extra context menu item: &Enviar para o OneNote - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AA5F584-48F4-4717-8706-73E96D441DA6}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11628 bytes

Post by joram, Wed 15 Oct 2014, 17:36

Good afternoon, kipper!

> You posted the HijackThis log, but what was requested was ZHPDiag.txt.

A+

_________________
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> O que há de melhor,para desinfectar seu computador!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Não deixem de conhecer!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >> Tradição em informática!
joram
joram
Administrador
Administrador

Mensagens : 4160
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

Re: PC slow to start ...

Post by kipper Wed 15 Oct 2014, 18:26

I can't manage to post it using the submission methods, so I'm going to send it in two parts.
Part 1

~ Relatório do ZHPDiag v2014.8.28.125 - Nicolas Coolman (28/08/2014)
~ Iniciado por User (15/10/2014 17:05:13)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Endereço do Webforum : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Desativado pelo Utilizador
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 32.0.3 (Defaut)
GCIE: Google Chrome v37.0.2062.124

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 15 Plugin
Adobe Reader XI
Java 7 Update 55 (64-bit)

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3968 MB (58% free)
System Restore: Activé (Enable)
System drive C: has 21 GB (21%) free of 98 GB

---\\ Modo de conexão ao sistema
~ Computer Name: USER-PC
~ User Name: User
~ All Users Names: User, Convidado, Administrador,
~ Unselected Option: None
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\User\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\User\AppData\Roaming\
~ %Desktop% : C:\Users\User\Desktop\
~ %Favorites% : C:\Users\User\Favorites\
~ %LocalAppData% : C:\Users\User\AppData\Local\
~ %StartMenu% : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 21 Go of 98 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 57 Go of 176 Go)
F: Hard drive, Flash drive, Thumb drive (Free 58 Go of 192 Go)
G: CD-ROM drive (Free 0 Go of 4 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
~ Security Center: 48 Scanned in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.AC4C51EB24AA95B77F705AB159189E24] - (.Microsoft Corporation - Windows Explorer.) (.21/11/2010 - 00:24:11.) -- C:\Windows\Explorer.exe [2872320]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.5536F6E7B74DA37D3EDBB509DE9CE3F5] - (.Microsoft Corporation - Internet Extensions para Win32.) (.30/07/2013 - 16:18:34.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.21/11/2010 - 00:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.314C17917AC8523EC77A710215012A65] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.20/05/2014 - 22:03:44.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.FAF015B07E3A2874A790A39B7D2C579F] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.21/11/2010 - 00:24:03.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.05D78AA5CB5F3F5C31160BDB955D0B7C] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.21/11/2010 - 00:23:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 00:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.25/02/2011 - 03:25:38.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/175
~ Mes Favoris (My Favorites) : 1/30
~ Mes Documents (My Documents) : 1/399
~ Mon Bureau (My Desktop) : 3/343
~ Menu demarrer (Programs) : 1/44
~ Hidden Files: Scanned in 00mn 00s



---\\ Processos lançados
[MD5.7E4AD8220AF0B281274F9785DD53E25C] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024] [PID.2384]
[MD5.090CBF340EBC4DFBE1BA26F1B9BD115D] - (...) -- C:\Users\User\AppData\Roaming\Crazy.Frog.Racer\upd.exe [9728] [PID.2496]
[MD5.EBF6044FE9023046773D058E90A39671] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [333088] [PID.2568]
[MD5.8651F84ECBE5687A6628F1062300608C] - (.CyberLink - DMREngine.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [501544] [PID.1724]
[MD5.F5789E8CCAC5E9093CF49E9BC91B1A8E] - (.CyberLink Corp. - PowerDVD 12.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [371256] [PID.2380]
[MD5.094E4E76FB9AB960A73F841BC6733F42] - (.Intel Corporation - iusb3mon.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848] [PID.2376]
[MD5.D658AB1B55127D18DCFBCAC8CAAEA522] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.2816]
[MD5.308F2EE28005510DE616409148CF077B] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896] [PID.3024]
[MD5.FB104D17018B4CA9F0C1A9BED02D15FC] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.3648]
[MD5.5B133976BBFB28FFC5A721172208C23F] - (.Eidos Inc. - Lara Croft Tomb Raider: Legend.) -- C:\Program Files (x86)\Tomb Raider - Legend\trl.exe [31346688] [PID.3540]
[MD5.33BF80A2291C54DC7D7601CDEF63138E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8099328] [PID.3192]
[MD5.C5679E5186B2FC95BC76A8A9870D5456] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64704] [PID.1428]
[MD5.1A7A2CAC3B5AFABD6636B25DFE33CBAD] - (...) -- C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232] [PID.1516]
[MD5.EA22BCA708B37B82ADEBC822A171B92E] - (.CyberLink - CyberLink Media Server Monitor Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [75048] [PID.1912]
[MD5.3168D2F171A64590E7A11355CAE60A1E] - (.CyberLink - CyberLink Media Server Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [296232] [PID.1952]
[MD5.C7BB95CF9631AA401E4ADED1648F6AF7] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [974944] [PID.2028]
[MD5.397D14958D6C9C2B365469A857B2AC4E] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe [230792] [PID.1808]
[MD5.4C6406CF07D4EBB70C5774D55C6688FB] - (.CyberLink Corp. - CLHNServiceForPowerDVD12 Module.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [87336] [PID.3096]
[MD5.52069AEB42D3D0F97CBCA1085EBF55E6] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.3848]
[MD5.3DE66F47365AA8CEB18B1EE272F4FEBA] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [390616] [PID.1628]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 0 Scanned in 00mn 02s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\02dwc90y.default-1399424852910\prefs.js
M2 - MFEP: Extension [User - 02dwc90y.default-1399424852910] {285ACFBB-8E53-4feb-90E6-F02A128927F3}
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - The plugin allows you to have a better experience with Microsoft Lync.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npMeetingJoinPluginOC.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.9.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.55.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.55.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.55.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plugin allows you to have a better experience with Microsoft Share.) -- C:\Program Files\Microsoft Office\Office15\NPSPWRAP.dll
P2 - FPN: [HKCU] [@lightspark.github.com/Lightspark;version=1] - (...) -- C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll (.not file.)
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
~ Firefox Browser: 11 Scanned in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navegador da Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
~ IE Browser: 23 Scanned in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean) (1)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft SkyDrive Pro Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.dll =>.Microsoft Corporation
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
~ BHO: 9 Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [User]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 1 Scanned in 00mn 02s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [egui] . (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [Crazy.Frog.Racer] . (...) -- C:\Users\User\AppData\Roaming\Crazy.Frog.Racer\upd.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Wow6432Node\Run: [PowerDVD12DMREngine] . (.CyberLink - DMREngine.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
O4 - HKLM\..\Wow6432Node\Run: [PowerDVD12Agent] . (.CyberLink Corp. - PowerDVD 12.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - iusb3mon.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKUS\S-1-5-21-2123034537-1514316849-1306321605-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-2123034537-1514316849-1306321605-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-2123034537-1514316849-1306321605-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-2123034537-1514316849-1306321605-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-2123034537-1514316849-1306321605-1000\..\Run: [Crazy.Frog.Racer] . (...) -- C:\Users\User\AppData\Roaming\Crazy.Frog.Racer\upd.exe
O4 - HKUS\S-1-5-21-2123034537-1514316849-1306321605-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe
~ Application: Scanned in 00mn 00s



---\\ Icones das opções IE invisiveis no painel das configurações (05)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office15\ONBttnIE.dll (.not file.)
O9 - Extra button: Clique para Telefonar do Lync [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office15\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Provedor de Correção de Nomeação de Emails.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Provedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AA5F584-48F4-4717-8706-73E96D441DA6}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{11B7EECE-C09C-45C9-B539-38BAF6C735CE}: DhcpNameServer = 192.168.0.254 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AA5F584-48F4-4717-8706-73E96D441DA6}: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{11B7EECE-C09C-45C9-B539-38BAF6C735CE}: DhcpDomain = hd.inf.br
O17 - HKLM\System\CS1\Services\Tcpip\..\{2AA5F584-48F4-4717-8706-73E96D441DA6}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{11B7EECE-C09C-45C9-B539-38BAF6C735CE}: DhcpNameServer = 192.168.0.254 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2AA5F584-48F4-4717-8706-73E96D441DA6}: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{11B7EECE-C09C-45C9-B539-38BAF6C735CE}: DhcpDomain = hd.inf.br
O17 - HKLM\System\CS2\Services\Tcpip\..\{2AA5F584-48F4-4717-8706-73E96D441DA6}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS2\Services\Tcpip\..\{11B7EECE-C09C-45C9-B539-38BAF6C735CE}: DhcpNameServer = 192.168.0.254 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2AA5F584-48F4-4717-8706-73E96D441DA6}: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{11B7EECE-C09C-45C9-B539-38BAF6C735CE}: DhcpDomain = hd.inf.br
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ASUS Com Service (asComSvc) . (...) - C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
O23 - Service: CLHNServiceForPowerDVD12 (CLHNServiceForPowerDVD12) . (.CyberLink Corp. - CLHNServiceForPowerDVD12 Module.) - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service (CyberLink PowerDVD 12 Media Server Monitor Service) . (.CyberLink - CyberLink Media Server Monitor Service.) - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service (CyberLink PowerDVD 12 Media Server Service) . (.CyberLink - CyberLink Media Server Service.) - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) . (.arvato digital services llc - PsiService PsiService.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Power Control [2013/07/30 16:05:22] ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) . (.CyberLink Corp. - No Comment.) - C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl
~ Services: 13 Scanned in 00mn 02s



---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Listagem dos dados do BootExecute (Bex) (034)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
[MD5.4ECFCAAE5CB380F58934F0DCF5F64E7F] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440]
[MD5.5447AF432CDA61159ADDE218C468FFD9] [APT] [AdobeAAMUpdater-1.0-User-PC-User] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000Core] (.Facebook Inc..) -- C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000UA] (.Facebook Inc..) -- C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.87E7AABE4F6A0DFD6105224E4D88C4D7] [APT] [HPCustParticipation HP Deskjet 1050 J410 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [3794792]
[MD5.5AB8DB8F9CADBFBB3C132E8316FE337E] [APT] [{1C01D39C-FF48-4DC8-BC31-0AD1DDAE6804}] (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808]
[MD5.00000000000000000000000000000000] [APT] [{1CD7B7AB-A7DA-4BCE-B7DA-F6EADC09B6B6}] (...) -- C:\Users\User\AppData\Roaming\webssearches\UninstallManager.exe (.not file.) [0] =>Hijacker.WebsSearches
[MD5.00000000000000000000000000000000] [APT] [{22F79901-F5E0-4FC8-8321-D6C32A68CD08}] (...) -- C:\Windows\TEMP\NewPlayerSetup.exe (.not file.) [0] =>Adware.NewPlayer
[MD5.00000000000000000000000000000000] [APT] [{25820BAC-BB2E-4F9C-AF1A-11A7B6909FDF}] (...) -- F:\TORRENT\Catz 5\Manual\Acrobat Reader.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{323D5C00-E95B-4FA1-ADA4-0C9047D5C0E3}] (...) -- F:\TORRENT\Disney_Mickey\setup\DirectX\DXSETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{370DCB86-C82A-4867-95D5-38AF2FF2E052}] (...) -- c:\Users\User\appdata\local\lollipop\lollipop.bat (.not file.) [0] =>Adware.Lollipop
[MD5.C155A13687144076286989EF078112C2] [APT] [{4452D369-D03D-444A-A15F-9B6B3E4E0971}] (.Nicolas Coolman.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe [1917440]
[MD5.00000000000000000000000000000000] [APT] [{6A7BFD11-562A-4D3B-A663-BED6D7698402}] (...) -- G:\BlackOutSaigon_Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{7F93592B-45AD-4CDB-BC02-8A3AA4F26612}] (...) -- C:\Users\User\Downloads\ZHPDiag2(1).exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{85A10420-D547-4A00-8E02-D7FFE30A205C}] (...) -- C:\Users\User\Downloads\ZHPDiag2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D19B375C-3F48-4EDC-8258-8ABD976ECD72}] (...) -- F:\TORRENT\Disney_Mickey\setup\setup.exe (.not file.) [0]
[MD5.1E6C4E29E54BB282921A76540837CF76] [APT] [{D5B18C28-40B9-4F9D-B759-6CADF0A43225}] (...) -- C:\Program Files (x86)\Rosso Rabbit in Trouble\RossoRabbitInTrouble.exe [802816]
[MD5.00000000000000000000000000000000] [APT] [{EADD96C5-4BC8-4519-9A9D-0A6325330156}] (...) -- F:\TORRENT\Catz 5\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{ED0DAA02-AA71-4320-9B33-F218931071EE}] (...) -- D:\brothers_in_arms_br%5Bwww.gamevicio.com.br%5D.exe (.not file.) [0]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [902]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000Core.job [902]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000Core [902]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000UA.job [924]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000UA [924]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1060]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1060]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1064]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1064]
~ Scheduled Task: 27 Scanned in 00mn 02s



---\\ Componentes instalados (ActiveSetup Installed Components) (040)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Identidade visual IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão shell da pasta FTP do Microsoft Internet Explorer.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 00s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (AsIO) . (...) - C:\Windows\Syswow64\drivers\AsIO.sys
O41 - Driver: (badriver) . (. - .) - C:\Windows\System32\drivers\badriver.sys (.not file.)
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (dtsoftbus01) . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys
O41 - Driver: (ehdrv) . (.ESET - ESET Helper driver.) - C:\Windows\System32\DRIVERS\ehdrv.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Agendador de pacotes de serviço.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Driver do Subsistema de Buffer da Unidade R.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Driver de dispositivo serial.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: C:\Windows\System32\drivers\ws2ifsl.sys (ws2ifsl) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Drivers: 78 Scanned in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Creative Suite 5 Master Collection - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}
O42 - Logiciel: Adobe Flash Player 15 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 15 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
O42 - Logiciel: Adobe Reader XI (11.0.09) - Português - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1046-7B44-AB0000000001}
O42 - Logiciel: Bible-Discovery 3.8.0 - (.Miklos Zsido.) [HKLM][64Bits] -- Bible-Discovery
O42 - Logiciel: Biblia Eletrônica 3.7.8 - (.RkSoft Softwares Ltda.) [HKLM][64Bits] -- Biblia Eletrônica_is1
O42 - Logiciel: Corel Graphics - Windows Shell Extension - (.Corel Corporation.) [HKLM][64Bits] -- _{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}
O42 - Logiciel: Corel Graphics - Windows Shell Extension - (.Corel Corporation.) [HKLM][64Bits] -- {EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}
O42 - Logiciel: Corel Graphics - Windows Shell Extension 32 Bit - (.Corel Corporation.) [HKLM][64Bits] -- {79899C6B-E315-4A3F-8904-02DEAB8D660D}
O42 - Logiciel: CorelDRAW Graphics Suite X6 (64-Bit) - (.Corel Corporation.) [HKLM][64Bits] -- _{BDBFAC49-8877-472F-876B-75ADB7DBC955}
O42 - Logiciel: CorelDRAW Graphics Suite X6 - IPM - (.Corel Corporation.) [HKLM][64Bits] -- {B6DF7031-2843-44FD-9CAB-DECAB4257456}
O42 - Logiciel: CorelDRAW Graphics Suite X6 - Writing Tools (x64) - (. Corel Corporation.) [HKLM][64Bits] -- {DDE82E3D-20C4-48E1-AE1D-B1F10E42CA44}
O42 - Logiciel: CyberLink PowerDVD 12 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
O42 - Logiciel: CyberLink PowerDVD 12 - (.CyberLink Corp..) [HKLM][64Bits] -- {B46BEA36-0B71-4A4E-AE41-87241643FA0A}
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.DT Soft Ltd
O42 - Logiciel: Estudo de melhoria do produto HP Deskjet 1050 J410 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {635F1CD2-00BC-4613-AAA6-3DCD1986767C}
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}
O42 - Logiciel: FormatFactory 3.3.5.0 - (.Format Factory.) [HKLM][64Bits] -- FormatFactory
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E} =>.Google Inc
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Deskjet 1050 J410 series Ajuda - (.Hewlett Packard.) [HKLM][64Bits] -- {5C90D8CF-F12A-41C6-9007-3B651A1F0D78}
O42 - Logiciel: HP Photo Creations - (.HP Photo Creations Powered by RocketLife.) [HKLM][64Bits] -- HP Photo Creations
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel(R) USB 3.0 eXtensible Host Controller Driver - (.Intel Corporation.) [HKLM][64Bits] -- {240C3DDD-C5E9-4029-9DF7-95650D040CF2}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {B5E06417-A4AC-4225-B36E-7E34C91616E7}
O42 - Logiciel: Java 7 Update 55 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86417055FF}
O42 - Logiciel: Java 7 Update 67 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F03217067FF}
O42 - Logiciel: K-Lite Mega Codec Pack 9.9.5 - (...) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: Men of War: Assault Squad 2 - (...) [HKLM][64Bits] -- TWVub2ZXYXJBc3NhdWx0U3F1YWQy_is1
O42 - Logiciel: Microsoft Access MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft DCF MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Excel MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Groove MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft InfoPath MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Lync MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft OneNote MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-0416-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Outlook MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft PowerPoint MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Publisher MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Word MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-0416-1000-0000000FF1CE}
O42 - Logiciel: Minha Biblia - (.Friendship Solutions:.) [HKLM][64Bits] -- {738C450E-378C-42E7-B8D2-A36EC068A1D3}
O42 - Logiciel: Mozilla Firefox 32.0.3 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 32.0.3 (x86 pt-BR)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Nero 12 - (.Nero AG.) [HKLM][64Bits] -- {560FC78C-A4B2-461D-9B47-820C1EEF87B8}
O42 - Logiciel: Nero Audio Pack 1 - (.Nero AG.) [HKLM][64Bits] -- {A7A0BF2E-31CC-49E3-9913-52C503EB969D}
O42 - Logiciel: Nero BackItUp Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {EF0D1292-8FC1-41BE-9740-DBC134F66415}
O42 - Logiciel: Nero Blu-ray Player - (.Nero AG.) [HKLM][64Bits] -- {A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}
O42 - Logiciel: Nero Blu-ray Player Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}
O42 - Logiciel: Nero Burning ROM - (.Nero AG.) [HKLM][64Bits] -- {5963F4B4-D138-47CD-ADEF-470E87E185BD}
O42 - Logiciel: Nero Burning ROM Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {2890E324-6F3B-4975-8B95-E7D6D80E0226}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {ABC88553-8770-4B97-B43E-5A90647A5B63}
O42 - Logiciel: Nero ControlCenter Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {C994C746-C6D0-4EBA-B09E-DF7B18381B69}
O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263}
O42 - Logiciel: Nero Disc Menus Basic - (.Nero AG.) [HKLM][64Bits] -- {E17BCB76-9924-4BD5-B6D6-50D3407B4E74}
O42 - Logiciel: Nero Effects Basic - (.Nero AG.) [HKLM][64Bits] -- {29F67D84-3A70-456E-806A-52301B02070B}
O42 - Logiciel: Nero Express - (.Nero AG.) [HKLM][64Bits] -- {848A7C68-0ADC-4193-8A89-2CEA78E56A0C}
O42 - Logiciel: Nero Express Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {0708FF30-78C0-47B0-81F0-C84604DC769C}
O42 - Logiciel: Nero Kwik Media - (.Nero AG.) [HKLM][64Bits] -- {052A1E34-A54B-458C-A4E3-24C3E054754A}
O42 - Logiciel: Nero Kwik Media Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {1F16820E-D0E7-4636-939E-45CBFEFB06E1}
O42 - Logiciel: Nero Kwik Themes Basic - (.Nero AG.) [HKLM][64Bits] -- {1B6F5E51-575E-4693-BCA2-7543570D076D}
O42 - Logiciel: Nero PiP Effects Basic - (.Nero AG.) [HKLM][64Bits] -- {ACE49D50-19CD-44A6-B192-46F985283B26}
O42 - Logiciel: Nero Recode - (.Nero AG.) [HKLM][64Bits] -- {1943C3BD-4462-4612-92C3-D36DD917C447}
O42 - Logiciel: Nero Recode Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {86847081-B387-4F49-AED1-C9B0A090D66C}
O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM][64Bits] -- {B953732D-B623-4E84-B369-CFFF7B1AE06F}
O42 - Logiciel: Nero RescueAgent Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {0B311221-05A5-4766-8D03-7A6446794156}
O42 - Logiciel: Nero SharedVideoCodecs - (.Nero AG.) [HKLM][64Bits] -- {2432E589-6256-4513-B0BF-EFA8E325D5F0}
O42 - Logiciel: Nero Video - (.Nero AG.) [HKLM][64Bits] -- {83FCCFCD-46E3-43FB-A397-78BFD5A8980A}
O42 - Logiciel: Nero Video Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {B128179D-A5E1-43AC-9422-12A109ECD2A0}
O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392}
O42 - Logiciel: Pro Evolution Soccer 2009 - (.KONAMI.) [HKLM][64Bits] -- {A8DB611A-D80E-450D-85F6-3ACDD164BE31}
O42 - Logiciel: Rambo The Video Game - (.Reef Entertainment.) [HKLM][64Bits] -- {48CB69A5-D098-4CA6-A58F-4255ED6DBE49}_is1
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Rosso Rabbit in Trouble - (...) [HKLM][64Bits] -- Rosso Rabbit in Trouble_is1
O42 - Logiciel: Show do Cristão - (.Oltre Vita Informática Ltda.) [HKLM][64Bits] -- Show do Cristão_is1
O42 - Logiciel: Skype™ 6.3 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: Software básico do dispositivo HP Deskjet 1050 J410 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {06A5A3AF-AFA5-4278-868E-BFD494A9B08B}
O42 - Logiciel: Sony Picture Utility - (.Sony Corporation.) [HKLM][64Bits] -- {D5068583-D569-468B-9755-5FBF5848F46F}
O42 - Logiciel: Tomb Raider: Legend 1.0 - (...) [HKLM][64Bits] -- Tomb Raider: Legend
O42 - Logiciel: VLC media player 2.1.3 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: Welcome App (Start-up experience) - (.Nero AG.) [HKLM][64Bits] -- {828175FA-7307-4DBF-95AD-9CEE086B6F45}
O42 - Logiciel: WinRAR 4.11 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Winamp - (.Nullsoft, Inc.) [HKLM][64Bits] -- Winamp
O42 - Logiciel: aTube Catcher - (.DsNET Corp.) [HKLM][64Bits] -- aTube Catcher
O42 - Logiciel: aTube Catcher versão 3.8 - (.DsNET Corp.) [HKLM][64Bits] -- {D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>P2P.BitTorrent
~ Logic: 53 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Freeven Pro 1.4] =>PUP.Freeven
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Plus-HD-9.5v4] =>Adware.PlusHD
[HKCU\Software\AppDataLow\Software\WinToFlash Suggestor] =>Spyware.WinToFlash
[HKCU\Software\AppDataLow]
[HKCU\Software\Aspyr Media]
[HKCU\Software\Baidu Security]
[HKCU\Software\Baixaki]
[HKCU\Software\Baixou Agora]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Chromium]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\ContentExplorer] =>PUP.ContentExplorer
[HKCU\Software\Corel]
[HKCU\Software\Crystal Dynamics]
[HKCU\Software\Cyberlink]
[HKCU\Software\Digimarc]
[HKCU\Software\Disc Soft]
[HKCU\Software\DivXNetworks]
[HKCU\Software\ESET]
[HKCU\Software\Facebook]
[HKCU\Software\FreeTime]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\GameSpy]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Haali]
[HKCU\Software\IM Providers]
[HKCU\Software\Icaros]
[HKCU\Software\Infinite Monkeys]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Leadertech]
[HKCU\Software\Licenses]
[HKCU\Software\Ludeon Studios]
[HKCU\Software\MGB Informática]
[HKCU\Software\Macromedia]
[HKCU\Software\MediaInfo]
[HKCU\Software\Megacubo]
[HKCU\Software\Mercury Games]
[HKCU\Software\Mimimi Productions]
[HKCU\Software\MotionFactory]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RkSoft]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\SlimWare Utilities Inc]
[HKCU\Software\Sony Corporation]
[HKCU\Software\Sysinternals]
[HKCU\Software\Trolltech]
[HKCU\Software\Ubisoft]
[HKCU\Software\Unity]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Valve]
[HKCU\Software\Visan]
[HKCU\Software\Wget]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Winamp]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ej-technologies]
[HKCU\Software\kde.org]
[HKCU\Software\madshi]
[HKCU\Software\tutotest]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Baidu Security]
[HKLM\Software\Bitstream]
[HKLM\Software\CBSTEST]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Corel]
[HKLM\Software\Cyberlink]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\ESET]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\IM Providers]
[HKLM\Software\Imagineer Systems Ltd]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\KONAMIPES6]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nuance]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\Protexis64]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sonic]
[HKLM\Software\Synthetic Aperture]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\Wow6432Node\ASUS]
[HKLM\Software\Wow6432Node\Aardwork]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\AviSynth]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]
[HKLM\Software\Wow6432Node\C07ft5Y]
[HKLM\Software\Wow6432Node\CDDB]
[HKLM\Software\Wow6432Node\Chromium]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\ComodoGroup]
[HKLM\Software\Wow6432Node\Comodo]
[HKLM\Software\Wow6432Node\Corel]
[HKLM\Software\Wow6432Node\Crave]
[HKLM\Software\Wow6432Node\Crystal Dynamics]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DT Soft]
[HKLM\Software\Wow6432Node\Disc Soft]
[HKLM\Software\Wow6432Node\ESET]
[HKLM\Software\Wow6432Node\Freemake]
[HKLM\Software\Wow6432Node\Freeven Pro 1.4] =>PUP.Freeven
[HKLM\Software\Wow6432Node\GNU]
[HKLM\Software\Wow6432Node\GameVicio]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\HaaliMkx]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\HiDefMedia]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\Icaros]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\KLCodecPack]
[HKLM\Software\Wow6432Node\KONAMI]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\LAV]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Megacubo]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\Nuance]
[HKLM\Software\Wow6432Node\Nullsoft]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Plus-HD-9.5v4] =>Adware.PlusHD
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\PowerPivot]
[HKLM\Software\Wow6432Node\Psygnosis]
[HKLM\Software\Wow6432Node\Quiknowledge]
[HKLM\Software\Wow6432Node\ROSSOgame]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\Reef Entertainment]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\RkSoft]
[HKLM\Software\Wow6432Node\RocketLife]
[HKLM\Software\Wow6432Node\SiteFinder] =>Adware.ShoppingReport
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\SlimWare Utilities Inc]
[HKLM\Software\Wow6432Node\Sony Corporation]
[HKLM\Software\Wow6432Node\Taronja]
[HKLM\Software\Wow6432Node\TrendMicro]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Visan]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
[HKLM\Software\swearware]
~ Key Software: 334 Scanned in 00mn 00s

Post by kipper Wed 15 Oct 2014, 18:30

Part 2


---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 18/05/2014 - 18:44:45 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 30/07/2013 - 15:50:27 - [] ----D C:\Program Files (x86)\Adobe Media Player
O43 - CFD: 11/05/2014 - 16:42:12 - [] ----D C:\Program Files (x86)\Aspyr
O43 - CFD: 17/04/2014 - 10:24:17 - [] ----D C:\Program Files (x86)\ASUS
O43 - CFD: 07/10/2014 - 18:03:58 - [] ----D C:\Program Files (x86)\Bible-Discovery
O43 - CFD: 20/05/2014 - 18:04:33 - [] ----D C:\Program Files (x86)\Black Bean
O43 - CFD: 26/05/2014 - 17:40:55 - [] ----D C:\Program Files (x86)\CGN
O43 - CFD: 09/08/2014 - 09:52:53 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 13/10/2014 - 20:02:12 - [] ----D C:\Program Files (x86)\Connon Fodder 3
O43 - CFD: 30/07/2013 - 16:04:47 - [] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 09/05/2014 - 20:19:41 - [] ----D C:\Program Files (x86)\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 24/06/2014 - 20:13:31 - [] ----D C:\Program Files (x86)\DsNET Corp
O43 - CFD: 17/06/2014 - 15:17:40 - [] ----D C:\Program Files (x86)\Foxy Games
O43 - CFD: 14/10/2014 - 17:30:31 - [0] ----D C:\Program Files (x86)\Freemake
O43 - CFD: 03/05/2014 - 18:44:15 - [] ----D C:\Program Files (x86)\FreeTime
O43 - CFD: 28/04/2014 - 21:49:53 - [] ----D C:\Program Files (x86)\Friendship
O43 - CFD: 29/09/2014 - 16:57:44 - [] ----D C:\Program Files (x86)\GameVicio
O43 - CFD: 07/09/2014 - 20:33:46 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 19/04/2014 - 22:33:12 - [] ----D C:\Program Files (x86)\HP
O43 - CFD: 19/04/2014 - 22:33:15 - [] ----D C:\Program Files (x86)\HP Photo Creations
O43 - CFD: 01/10/2014 - 17:57:17 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 17/04/2014 - 10:28:09 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 30/07/2013 - 16:24:13 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 09/08/2014 - 09:52:40 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 30/07/2013 - 16:10:43 - [] ----D C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 28/06/2014 - 10:29:52 - [] ----D C:\Program Files (x86)\KONAMI
O43 - CFD: 08/07/2014 - 14:22:15 - [] ----D C:\Program Files (x86)\Men of War Assault Squad 2
O43 - CFD: 30/07/2013 - 15:02:25 - [] ----D C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 30/07/2013 - 15:02:18 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 19/04/2014 - 22:33:29 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 30/07/2013 - 15:03:36 - [] ----D C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 30/07/2013 - 15:03:36 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 17/09/2014 - 20:49:29 - [] ----D C:\Program Files (x86)\Movie Maker 2.6
O43 - CFD: 26/09/2014 - 07:36:37 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 28/09/2014 - 16:47:15 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 30/07/2013 - 14:58:38 - [] ----D C:\Program Files (x86)\Nero
O43 - CFD: 13/05/2014 - 17:18:04 - [] ----D C:\Program Files (x86)\NovaLogic
O43 - CFD: 30/07/2013 - 14:33:24 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 21/07/2014 - 19:07:30 - [] ----D C:\Program Files (x86)\Reef Entertainment
O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 21/05/2014 - 20:05:27 - [] ----D C:\Program Files (x86)\RkSoft
O43 - CFD: 13/05/2014 - 16:01:01 - [] ----D C:\Program Files (x86)\Rosso Rabbit in Trouble
O43 - CFD: 19/05/2014 - 19:56:18 - [] ----D C:\Program Files (x86)\Show do Cristão
O43 - CFD: 30/07/2013 - 16:10:19 - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 20/04/2014 - 16:59:59 - [] ----D C:\Program Files (x86)\Sony
O43 - CFD: 23/06/2014 - 19:27:47 - [] ----D C:\Program Files (x86)\SQUARE ENIX - Eidos Interactive
O43 - CFD: 21/04/2014 - 18:25:02 - [] ----D C:\Program Files (x86)\SupportInfo
O43 - CFD: 17/04/2014 - 10:49:34 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 29/09/2014 - 16:57:44 - [] ----D C:\Program Files (x86)\Tomb Raider - Legend
O43 - CFD: 01/10/2014 - 17:38:57 - [] ----D C:\Program Files (x86)\Ubisoft
O43 - CFD: 14/07/2009 - 01:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 17/07/2014 - 16:34:26 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 14/10/2014 - 19:43:50 - [0] ----D C:\Program Files (x86)\VS Revo Group
O43 - CFD: 13/09/2014 - 15:23:22 - [] ----D C:\Program Files (x86)\Winamp
O43 - CFD: 12/04/2011 - 10:40:11 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 12/04/2011 - 10:40:11 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - 10:40:11 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 12/04/2011 - 10:40:11 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - 00:31:38 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 12/04/2011 - 10:40:11 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 16/09/2014 - 14:11:17 - [] ----D C:\Program Files (x86)\Wolfenstein The New Order
O43 - CFD: 15/10/2014 - 16:54:55 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 18/04/2014 - 10:46:25 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 30/07/2013 - 15:49:15 - [] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 20/05/2014 - 17:29:05 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 17/04/2014 - 10:19:00 - [] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 09/08/2014 - 09:52:53 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 09/05/2014 - 20:33:26 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 30/07/2013 - 14:57:59 - [] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 30/07/2013 - 14:32:01 - [] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 13/09/2014 - 15:23:12 - [] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 14/07/2009 - 00:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 30/07/2013 - 16:10:19 - [] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 20/04/2014 - 16:59:56 - [] ----D C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 14/07/2009 - 00:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 12/04/2011 - 10:40:11 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 10/05/2014 - 08:12:51 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 25/04/2014 - 20:09:21 - [] ----D C:\ProgramData\Caphyon
O43 - CFD: 30/07/2013 - 15:39:57 - [] ----D C:\ProgramData\Corel
O43 - CFD: 03/10/2014 - 21:32:19 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 30/07/2013 - 13:51:10 - [] -SH-D C:\ProgramData\Dados de aplicativos
O43 - CFD: 09/05/2014 - 19:53:07 - [] ----D C:\ProgramData\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 30/07/2013 - 13:51:10 - [] -SH-D C:\ProgramData\Documentos
O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 30/07/2013 - 16:15:55 - [] ----D C:\ProgramData\ESET
O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 30/07/2013 - 13:51:10 - [] -SH-D C:\ProgramData\Favoritos
O43 - CFD: 19/04/2014 - 22:35:24 - [] ----D C:\ProgramData\HP
O43 - CFD: 19/04/2014 - 22:35:32 - [] ----D C:\ProgramData\HP Photo Creations
O43 - CFD: 30/07/2013 - 16:02:03 - [] ----D C:\ProgramData\install_clap
O43 - CFD: 30/07/2013 - 14:33:08 - [] ----D C:\ProgramData\Intel
O43 - CFD: 28/06/2014 - 10:33:33 - [] ----D C:\ProgramData\KONAMI
O43 - CFD: 30/07/2013 - 13:51:10 - [] -SH-D C:\ProgramData\Menu Iniciar
O43 - CFD: 19/04/2014 - 22:33:44 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 25/04/2014 - 22:42:46 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 30/07/2013 - 13:51:10 - [] -SH-D C:\ProgramData\Modelos
O43 - CFD: 17/04/2014 - 16:52:16 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 30/07/2013 - 14:57:27 - [] ----D C:\ProgramData\Nero
O43 - CFD: 09/08/2014 - 09:53:05 - [0] ----D C:\ProgramData\Oracle
O43 - CFD: 30/07/2013 - 16:05:20 - [] ----D C:\ProgramData\PDVD
O43 - CFD: 30/07/2013 - 15:44:01 - [] ----D C:\ProgramData\Protexis64
O43 - CFD: 14/07/2014 - 21:25:12 - [] ----D C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 30/07/2013 - 15:03:33 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 16/06/2014 - 14:31:41 - [] ----D C:\ProgramData\reiza
O43 - CFD: 30/07/2013 - 16:10:21 - [] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 25/04/2014 - 19:30:01 - [] ----D C:\ProgramData\Steam
O43 - CFD: 30/07/2013 - 16:14:10 - [] ----D C:\ProgramData\Sun
O43 - CFD: 30/07/2013 - 16:04:24 - [] ----D C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 14/07/2014 - 21:36:24 - [] ----D C:\Users\User\AppData\Roaming\Adobe
O43 - CFD: 21/07/2014 - 14:56:53 - [] ----D C:\Users\User\AppData\Roaming\Adobe Mini Bridge CS5
O43 - CFD: 17/04/2014 - 23:44:28 - [] ----D C:\Users\User\AppData\Roaming\Baidu Security
O43 - CFD: 30/07/2013 - 15:44:40 - [] ----D C:\Users\User\AppData\Roaming\Corel
O43 - CFD: 09/05/2014 - 20:32:00 - [] ----D C:\Users\User\AppData\Roaming\Crazy.Frog.Racer
O43 - CFD: 03/10/2014 - 21:32:10 - [] ----D C:\Users\User\AppData\Roaming\CyberLink
O43 - CFD: 21/07/2014 - 19:06:45 - [] ----D C:\Users\User\AppData\Roaming\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 30/07/2013 - 13:51:30 - [] ----D C:\Users\User\AppData\Roaming\Identities
O43 - CFD: 30/07/2013 - 14:31:44 - [] ----D C:\Users\User\AppData\Roaming\InstallShield
O43 - CFD: 25/04/2014 - 20:12:17 - [] ----D C:\Users\User\AppData\Roaming\LastEnd Entertainment
O43 - CFD: 13/05/2014 - 17:18:28 - [] ----D C:\Users\User\AppData\Roaming\Leadertech
O43 - CFD: 26/04/2014 - 12:16:16 - [] ----D C:\Users\User\AppData\Roaming\Legacy Games
O43 - CFD: 30/07/2013 - 15:45:44 - [] ----D C:\Users\User\AppData\Roaming\Macromedia
O43 - CFD: 12/04/2011 - 11:20:47 - [0] ----D C:\Users\User\AppData\Roaming\Media Center Programs
O43 - CFD: 26/07/2014 - 10:25:20 - [] ----D C:\Users\User\AppData\Roaming\Media Player Classic
O43 - CFD: 05/07/2014 - 21:22:30 - [] -S--D C:\Users\User\AppData\Roaming\Microsoft
O43 - CFD: 17/04/2014 - 17:13:07 - [] ----D C:\Users\User\AppData\Roaming\Mozilla
O43 - CFD: 17/04/2014 - 16:13:22 - [] ----D C:\Users\User\AppData\Roaming\Nero
O43 - CFD: 15/10/2014 - 07:17:43 - [] ----D C:\Users\User\AppData\Roaming\Skype
O43 - CFD: 20/04/2014 - 17:03:31 - [] ----D C:\Users\User\AppData\Roaming\Sony Corporation
O43 - CFD: 21/07/2014 - 14:56:53 - [] ----D C:\Users\User\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 15/10/2014 - 16:12:59 - [] ----D C:\Users\User\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 14/10/2014 - 21:38:00 - [] ----D C:\Users\User\AppData\Roaming\vlc
O43 - CFD: 13/09/2014 - 15:27:05 - [] ----D C:\Users\User\AppData\Roaming\Winamp
O43 - CFD: 30/07/2013 - 16:14:28 - [] ----D C:\Users\User\AppData\Roaming\WinRAR
O43 - CFD: 15/10/2014 - 17:05:30 - [] ----D C:\Users\User\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 14/07/2014 - 21:46:37 - [] ----D C:\Users\User\AppData\Local\Adobe
O43 - CFD: 17/04/2014 - 15:22:32 - [] ----D C:\Users\User\AppData\Local\Apps
O43 - CFD: 18/04/2014 - 09:52:57 - [] ----D C:\Users\User\AppData\Local\com
O43 - CFD: 15/10/2014 - 16:00:45 - [] ----D C:\Users\User\AppData\Local\CrashDumps
O43 - CFD: 30/07/2013 - 16:05:14 - [] ----D C:\Users\User\AppData\Local\CyberLink
O43 - CFD: 30/07/2013 - 13:51:19 - [] -SH-D C:\Users\User\AppData\Local\Dados de aplicativos
O43 - CFD: 17/04/2014 - 15:22:51 - [0] ----D C:\Users\User\AppData\Local\Deployment
O43 - CFD: 09/06/2014 - 10:45:58 - [0] ----D C:\Users\User\AppData\Local\Diagnostics
O43 - CFD: 13/10/2014 - 10:59:42 - [0] ----D C:\Users\User\AppData\Local\ElevatedDiagnostics
O43 - CFD: 17/04/2014 - 16:18:23 - [] ----D C:\Users\User\AppData\Local\ESET
O43 - CFD: 28/07/2014 - 22:09:43 - [] ----D C:\Users\User\AppData\Local\Facebook
O43 - CFD: 07/09/2014 - 20:33:47 - [] ----D C:\Users\User\AppData\Local\Google
O43 - CFD: 30/07/2013 - 13:51:19 - [] -SH-D C:\Users\User\AppData\Local\Histórico
O43 - CFD: 19/04/2014 - 22:44:28 - [] ----D C:\Users\User\AppData\Local\HP
O43 - CFD: 16/05/2014 - 14:30:46 - [] ----D C:\Users\User\AppData\Local\Intel_Corporation
O43 - CFD: 17/04/2014 - 22:23:31 - [] ----D C:\Users\User\AppData\Local\Macromedia
O43 - CFD: 30/07/2013 - 16:05:21 - [] ----D C:\Users\User\AppData\Local\MediaServer
O43 - CFD: 03/10/2014 - 21:32:52 - [0] ----D C:\Users\User\AppData\Local\MediaShow
O43 - CFD: 09/10/2014 - 05:45:18 - [] ----D C:\Users\User\AppData\Local\Microsoft
O43 - CFD: 13/06/2014 - 22:22:14 - [] ----D C:\Users\User\AppData\Local\Microsoft Games
O43 - CFD: 30/07/2013 - 15:02:19 - [0] ----D C:\Users\User\AppData\Local\Microsoft Help
O43 - CFD: 30/07/2013 - 15:05:58 - [] ----D C:\Users\User\AppData\Local\Microsoft Toolkit
O43 - CFD: 17/04/2014 - 17:13:07 - [] ----D C:\Users\User\AppData\Local\Mozilla
O43 - CFD: 09/10/2014 - 05:57:11 - [] ----D C:\Users\User\AppData\Local\Nero
O43 - CFD: 09/10/2014 - 05:57:11 - [] ----D C:\Users\User\AppData\Local\Nero_AG
O43 - CFD: 30/07/2013 - 16:10:30 - [] ----D C:\Users\User\AppData\Local\Programs
O43 - CFD: 10/08/2014 - 17:23:05 - [] ----D C:\Users\User\AppData\Local\SlimWare Utilities Inc
O43 - CFD: 15/10/2014 - 16:57:41 - [] ----D C:\Users\User\AppData\Local\Temp
O43 - CFD: 30/07/2013 - 13:51:19 - [] -SH-D C:\Users\User\AppData\Local\Temporary Internet Files
O43 - CFD: 13/06/2014 - 16:34:37 - [] ----D C:\Users\User\AppData\Local\THQ
O43 - CFD: 20/05/2014 - 18:04:16 - [] ----D C:\Users\User\AppData\Local\VirtualStore
O43 - CFD: 14/10/2014 - 19:57:32 - [0] ----D C:\Users\User\AppData\Local\WMTools Downloaded Files
O43 - CFD: 14/07/2009 - 01:54:32 - [] R---D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 30/07/2013 - 13:51:43 - [] R---D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 10/09/2014 - 19:42:17 - [] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 29/09/2014 - 16:28:16 - [] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 29/09/2014 - 16:57:45 - [] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio
O43 - CFD: 14/07/2009 - 01:49:38 - [] R---D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 15/10/2014 - 16:07:58 - [] R---D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 20/05/2014 - 17:31:25 - [0] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turtle Games
O43 - CFD: 30/07/2013 - 16:14:03 - [] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 181 Scanned in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.BBF00B097976BB423FBD173A59777FBF] - 01/10/2014 - 17:25:31 ---A- . (...) -- C:\Windows\disney.ini [141]
O44 - LFC:[MD5.F697FB524B0C06C74A4020A39FFA592C] - 07/10/2014 - 19:31:13 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [5086312]
O44 - LFC:[MD5.D7CC6A05EEB2A6359D2F5E304BCE552C] - 14/10/2014 - 19:32:12 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1634728]
O44 - LFC:[MD5.2121DA6320664200E75129661D30CE37] - 14/10/2014 - 19:32:12 ---A- . (...) -- C:\Windows\System32\perfc009.dat [121226]
O44 - LFC:[MD5.BE06F4E84D2D42ACCB157054104A149B] - 14/10/2014 - 19:32:12 ---A- . (...) -- C:\Windows\System32\perfh009.dat [654354]
O44 - LFC:[MD5.D093B10654144BC35FEAC5B36855193E] - 14/10/2014 - 19:32:12 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [146512]
O44 - LFC:[MD5.60C34315A7845377AFDE4AB784071D8F] - 14/10/2014 - 19:32:12 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [705786]
O44 - LFC:[MD5.076FCE62AE62594A185D71A389F7CAE9] - 15/10/2014 - 16:06:19 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1265007]
O44 - LFC:[MD5.89B0FFBDF50ADC12C9820171A27E0F13] - 15/10/2014 - 16:06:53 ---A- . (...) -- C:\Windows\PFRO.log [28660]
O44 - LFC:[MD5.6DF4429B7E517E1C5AF7C6A6E8FC57C7] - 15/10/2014 - 16:06:59 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.ADE7DE33C444BF7CE9935802CC568280] - 15/10/2014 - 16:07:00 ---A- . (...) -- C:\Windows\setupact.log [21670]
~ Files: 11 Scanned in 00mn 42s



---\\ Últimos arquivos criados no Windows Prefetcher (045)
O45 - LFCP:[MD5.D4353C5BBF23B8DEBF8472399B9BAB36] - 13/10/2014 - 21:15:24 ---A- - C:\Windows\Prefetch\UTORRENT.EXE-AE7008D6.pf =>P2P.µTorrent
~ Prefetcher: 1 Scanned in 00mn 00s



---\\ Negação do serviço (Local Security Authority) (048)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Mecanismo cliente do 'Editor de configuração de segurança Windows'.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ LSA: 8 Scanned in 00mn 00s



---\\ Controlo do Modo de Segurança (CSB) (49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
~ MWPS: 17 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0
~ MWPE Keys: 2 Scanned in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440]
O58 - SDL:21/11/2010 - 00:23:47 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904]
O58 - SDL:13/07/2009 - 22:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128]
O58 - SDL:21/11/2010 - 00:23:47 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856]
O58 - SDL:10/06/2009 - 17:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848]
O58 - SDL:21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032]
O58 - SDL:21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624]
O58 - SDL:21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992]
O58 - SDL:10/06/2009 - 17:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432]
O58 - SDL:10/06/2009 - 17:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704]
O58 - SDL:13/07/2009 - 22:19:07 ---A- . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720]
O58 - SDL:10/06/2009 - 17:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104]
O58 - SDL:10/06/2009 - 17:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976]
O58 - SDL:10/06/2009 - 17:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720]
O58 - SDL:10/06/2009 - 17:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480]
O58 - SDL:13/07/2009 - 22:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488]
O58 - SDL:09/05/2014 - 20:19:41 ---A- . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [283064]
O58 - SDL:09/08/2011 - 14:24:52 ---A- . (.ESET - Amon monitor.) -- C:\Windows\System32\Drivers\eamonm.sys [202576]
O58 - SDL:04/08/2011 - 09:20:38 ---A- . (.ESET - ESET Helper driver.) -- C:\Windows\System32\Drivers\ehdrv.sys [146432]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:04/08/2011 - 09:20:38 ---A- . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\Drivers\epfwwfpr.sys [137144]
O58 - SDL:10/06/2009 - 17:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:02/07/2012 - 10:16:02 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\HECIx64.sys [62784]
O58 - SDL:21/11/2010 - 00:23:47 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [78720]
O58 - SDL:21/11/2010 - 00:23:47 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496]
O58 - SDL:22/01/2014 - 14:51:26 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [4221440]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112]
O58 - SDL:09/02/2012 - 05:24:16 ---A- . (.No owner - ISCT and IFFS Driver.) -- C:\Windows\System32\Drivers\ISCTD64.sys [44992]
O58 - SDL:26/04/2013 - 10:24:58 ---A- . (.Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Driver.) -- C:\Windows\System32\Drivers\iusb3hcs.sys [20464]
O58 - SDL:26/04/2013 - 10:24:56 ---A- . (.Intel Corporation - Intel(R) USB 3.0 Hub Driver.) -- C:\Windows\System32\Drivers\iusb3hub.sys [368112]
O58 - SDL:26/04/2013 - 10:24:56 ---A- . (.Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller Driver.) -- C:\Windows\System32\Drivers\iusb3xhc.sys [786416]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys [35392]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [284736]
O58 - SDL:13/07/2009 - 22:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51264]
O58 - SDL:21/11/2010 - 00:23:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352]
O58 - SDL:21/11/2010 - 00:23:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272]
O58 - SDL:04/03/2011 - 16:44:12 ----- . (.Sonic Solutions - Px Engine Device Driver for 64-bit Windows.) -- C:\Windows\System32\Drivers\PxHlpa64.sys [55856]
O58 - SDL:13/07/2009 - 22:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1524816]
O58 - SDL:13/07/2009 - 22:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [128592]
O58 - SDL:29/12/2010 - 03:45:54 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\System32\Drivers\Rt64win7.sys [412776]
O58 - SDL:23/05/2012 - 10:53:16 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 X64 Driver.) -- C:\Windows\System32\Drivers\Rtenic64.sys [438928]
O58 - SDL:22/10/2013 - 09:38:24 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys [3692632]
O58 - SDL:10/06/2009 - 17:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:13/07/2009 - 22:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [43584]
O58 - SDL:13/07/2009 - 22:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [80464]
O58 - SDL:09/05/2014 - 19:19:10 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [386680]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:11/08/2014 - 17:29:17 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys [16152]
O58 - SDL:16/09/2013 - 12:17:42 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\TeeDriverx64.sys [99288]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17488]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [161872]
O58 - SDL:22/08/2012 - 02:54:10 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsIO.sys [15232]
~ Drivers: 62 Scanned in 00mn 14s



---\\ Últimos ficheiros alterados ou criados (Utilizador) (061)
O61 - LFC: 11/10/2014 - 17:06:49 ---A- . (...) -- C:\Users\User\Documents\KONAMI\Pro Evolution Soccer 2009\save\PES2009_ML01.bin [3740872]
O61 - LFC: 11/10/2014 - 17:06:49 ---A- . (...) -- C:\Users\User\Documents\KONAMI\Pro Evolution Soccer 2009\save\PES2009_OPTION01.bin [45640]
O61 - LFC: 12/10/2014 - 17:06:42 ---A- . (.SQLite Development Team.) -- C:\Users\User\AppData\Local\Temp\sqlite3.dll [787968]
O61 - LFC: 14/10/2014 - 17:06:49 ---A- . (.Ellora Assets Corporation.) -- C:\Users\User\Downloads\FreemakeVideoConverterSetup.exe [1270256]
O61 - LFC: 15/10/2014 - 17:06:48 ---A- . (...) -- C:\Users\User\Desktop\PC LENTO\2° AdwCleaner.exe [1976320]
O61 - LFC: 15/10/2014 - 17:06:48 ---A- . (.Nicolas Coolman.) -- C:\Users\User\Desktop\PC LENTO\3° ZHPDiag2.exe [6860008] =>.Nicolas Coolman
O61 - LFC: 15/10/2014 - 17:06:48 ---A- . (.Trend Micro Inc..) -- C:\Users\User\Desktop\PC LENTO\1° HijackThis.exe [388608]
~ 885 Fichiers temporaires (Temporary files)
~ 91 Fichiers cookies (Cookies files)
~ Files: 7 Scanned in 00mn 11s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 22/08/2012 - C:\Windows\Syswow64\drivers\AsIO.sys (AsIO) .(...) - LEGACY_ASIO
O64 - Services: CurCS - 09/08/2011 - C:\Windows\System32\DRIVERS\eamonm.sys (eamonm) .(.ESET - Amon monitor.) - LEGACY_EAMONM
O64 - Services: CurCS - 04/08/2011 - C:\Windows\System32\DRIVERS\ehdrv.sys (ehdrv) .(.ESET - ESET Helper driver.) - LEGACY_EHDRV
O64 - Services: CurCS - 04/08/2011 - C:\Windows\System32\DRIVERS\epfwwfpr.sys (epfwwfpr) .(.ESET - ESET Personal Firewall driver.) - LEGACY_EPFWWFPR
O64 - Services: CurCS - 27/10/2011 - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys (ntk_PowerDVD12) .(.Cyberlink Corp. - NTIPPKernel Driver.) - LEGACY_NTK_POWERDVD12
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 09/05/2014 - C:\Windows\system32\Drivers\sptd.sys (sptd) .(.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) - LEGACY_SPTD
O64 - Services: CurCS - 11/01/2012 - C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) .(.CyberLink Corp. - No Comment.) - LEGACY_{329F96B6-DF1E-4328-BFDA-39EA953C1312}
~ Legacy: 83 Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos'.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - [You must have an account and be logged in to view this link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You must have an account and be logged in to view this link]
O69 - SBI: SearchScopes [HKCR] {afdbddaa-5d3f-42ee-b79c-185a7020515b} [DefaultScope] - (Web Search) - [You must have an account and be logged in to view this link] =>PUP.CertifiedToolbar
~ Keys: Scanned in 00mn 00s



---\\ Listagem dos serviços iniciados pelo Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Diretiva de Grupo.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acesso Remoto.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistema (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gerenciador de Conexões Remotas do Servidor Host da Sessão da Área de.) -- C:\Windows\System32\termsrv.dll [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2420736]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de plano de fundo.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em uma rede IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [70656]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho Remota.) -- C:\Windows\System32\sessenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll [136192]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\System32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\Windows\System32\appmgmts.dll [193536]
~ Services: 33 Scanned in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{696A3883-7A61-4043-9E56-151A164AE90C}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{2AEBD62D-9BB2-4E41-A257-1D05A6D7E9B2}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Scanned in 00mn 01s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\ContentExplorer_RASAPI32 =>PUP.ContentExplorer
HKLM\SOFTWARE\Microsoft\Tracing\ContentExplorer_RASMANCS =>PUP.ContentExplorer
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\582-uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\582-uTorrent_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BrowseMark_Setup_RASAPI32 =>PUP.BrowseMark
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BrowseMark_Setup_RASMANCS =>PUP.BrowseMark
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\freeSoftToday_widget_RASAPI32 =>Adware.FreeSoftToday
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\freeSoftToday_widget_RASMANCS =>Adware.FreeSoftToday
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Freeven Pro 1_RASAPI32 =>PUP.Freeven
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Freeven Pro 1_RASMANCS =>PUP.Freeven
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HQPro-1-novainstaller_RASAPI32 =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HQPro-1-novainstaller_RASMANCS =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_RASAPI32 =>Adware.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_RASMANCS =>Adware.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\mediaplayerplus-bg_RASAPI32 =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\mediaplayerplus-bg_RASMANCS =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MediaPlayerplus-codedownloader_RASAPI32 =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MediaPlayerplus-codedownloader_RASMANCS =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayerChecker_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayerChecker_RASMANCS =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\package_mobogenie_installer_multilang_RASAPI32 =>PUP.Mobogenie
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\package_mobogenie_installer_multilang_RASMANCS =>PUP.Mobogenie
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WinToFlash_RASAPI32 =>Spyware.WinToFlash
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WinToFlash_RASMANCS =>Spyware.WinToFlash
~ BTK: 439 Scanned in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 24/09/2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 29/01/2014 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 17/04/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 17/04/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 27/08/2013 828376 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Demand 26/09/2014 114288 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SR - | Auto 12/09/2014 64704 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 29/10/2012 927232 | (asComSvc) . (...) - C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
SR - | Auto 12/01/2012 87336 | (CLHNServiceForPowerDVD12) . (.CyberLink Corp..) - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
SR - | Auto 12/01/2012 75048 | (CyberLink PowerDVD 12 Media Server Monitor Service) . (.CyberLink.) - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
SR - | Auto 12/01/2012 296232 | (CyberLink PowerDVD 12 Media Server Service) . (.CyberLink.) - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
SR - | Auto 22/09/2011 974944 | (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
SR - | Auto 27/08/2013 747520 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 16/09/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 16/09/2013 390616 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 30/11/2010 336824 | (PSI_SVC_2_x64) . (.arvato digital services llc.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 11/01/2012 146928 | ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) . (.CyberLink Corp..) - C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl
~ Services: Scanned in 00mn 06s



---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBR) (080)
Run by User at 15/10/2014 17:08:27
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBRCheck) (080)
Written by ad13, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Run by User at 15/10/2014 17:08:29
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Lista dos emuladores de CD/DVD (MBR Hook)
O58 - SDL:09/05/2014 - 19:19:10 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [386680]
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.DT Soft Ltd
~ Emulateurs: Scanned in 00mn 02s



---\\ Scâner Aditional (088)
Database Version : 13026 - (28/08/2014)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 7

[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] =>P2P.BitTorrent^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{635F1CD2-00BC-4613-AAA6-3DCD1986767C}] =>Worm.Vispat
[HKCU\Software\AppDataLow\Software\WinToFlash Suggestor] =>Spyware.WinToFlash
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Users\User\AppData\Roaming\uTorrent =>P2P.µTorrent^
[HKCU\Software\AppDataLow\Software\Freeven Pro 1.4] =>PUP.Freeven^
[HKCU\Software\AppDataLow\Software\Plus-HD-9.5v4] =>Adware.PlusHD^
[HKCU\Software\BitTorrent] =>P2P.BitTorrent^
[HKCU\Software\ContentExplorer] =>PUP.ContentExplorer^
[HKLM\Software\Wow6432Node\Freeven Pro 1.4] =>PUP.Freeven^
[HKLM\Software\Wow6432Node\Plus-HD-9.5v4] =>Adware.PlusHD^
[HKLM\Software\Wow6432Node\SiteFinder] =>Adware.ShoppingReport^
~ Additionnel Scan: 302012 Items scanned in 00mn 11s



---\\ Informações complémentaires do módulos
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Browser Helper Objects do navegador (02)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 3 Scanned in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.Proxy
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.WebsSearches
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.Lollipop
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.PlusHD
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Spyware.WinToFlash
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.ContentExplorer
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.ShoppingReport
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.CertifiedToolbar
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.BrowseMark
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.FreeSoftToday
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.CrossRider
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Mobogenie
~ MSI: 12 link(s) detected in 00mn 00s



---\\ Alert Messages
WARNING : Hijacker Proxy found, Clean with ZHPCleaner Tool

End of the scan (1327 lines in 03mn 28s)(0)

Post by joram Wed 15 Oct 2014, 19:13

Good evening, kipper!

> Run this script in the ZHPFix tool.
> Select and copy the information shown in red into Notepad.
> With Notepad open, press: Ctrl+A >> Ctrl+C (Select and Copy)
> Then minimize Notepad.

ZHPFix script
FirewallRaz
EmptyPrefetch
EmptyCLSID
ShortcutFix
EmptyTemp
EmptyFlash
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
[MD5.00000000000000000000000000000000] [APT] [{1CD7B7AB-A7DA-4BCE-B7DA-F6EADC09B6B6}] (...) -- C:\Users\User\AppData\Roaming\webssearches\UninstallManager.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{22F79901-F5E0-4FC8-8321-D6C32A68CD08}] (...) -- C:\Windows\TEMP\NewPlayerSetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{370DCB86-C82A-4867-95D5-38AF2FF2E052}] (...) -- c:\Users\User\appdata\local\lollipop\lollipop.bat (.not file.) [0]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000Core] (.Facebook Inc..) -- C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000UA] (.Facebook Inc..) -- C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.00000000000000000000000000000000] [APT] [{25820BAC-BB2E-4F9C-AF1A-11A7B6909FDF}] (...) -- F:\TORRENT\Catz 5\Manual\Acrobat Reader.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{323D5C00-E95B-4FA1-ADA4-0C9047D5C0E3}] (...) -- F:\TORRENT\Disney_Mickey\setup\DirectX\DXSETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6A7BFD11-562A-4D3B-A663-BED6D7698402}] (...) -- G:\BlackOutSaigon_Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EADD96C5-4BC8-4519-9A9D-0A6325330156}] (...) -- F:\TORRENT\Catz 5\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{ED0DAA02-AA71-4320-9B33-F218931071EE}] (...) -- D:\brothers_in_arms_br%5Bwww.gamevicio.com.br%5D.exe (.not file.) [0]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000Core.job [902]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000Core [902]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000UA.job [924]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000UA [924]
O41 - Driver: (badriver) . (. - .) - C:\Windows\System32\drivers\badriver.sys (.not file.)
O61 - LFC: 12/10/2014 - 17:06:42 ---A- . (.SQLite Development Team.) -- C:\Users\User\AppData\Local\Temp\sqlite3.dll [787968]
O69 - SBI: SearchScopes [HKCR] {afdbddaa-5d3f-42ee-b79c-185a7020515b} [DefaultScope] - (Web Search) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[HKCU\Software\AppDataLow\Software\Freeven Pro 1.4]
[HKCU\Software\AppDataLow\Software\Plus-HD-9.5v4]
[HKCU\Software\AppDataLow\Software\WinToFlash Suggestor]
[HKCU\Software\ContentExplorer]
[HKLM\Software\Wow6432Node\Freeven Pro 1.4]
[HKLM\Software\Wow6432Node\Plus-HD-9.5v4]
[HKLM\Software\Wow6432Node\SiteFinder]
HKLM\SOFTWARE\Microsoft\Tracing\ContentExplorer_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\ContentExplorer_RASMANCS
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BrowseMark_Setup_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BrowseMark_Setup_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\freeSoftToday_widget_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\freeSoftToday_widget_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Freeven Pro 1_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Freeven Pro 1_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HQPro-1-novainstaller_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HQPro-1-novainstaller_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\mediaplayerplus-bg_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\mediaplayerplus-bg_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MediaPlayerplus-codedownloader_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MediaPlayerplus-codedownloader_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayerChecker_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayerChecker_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\package_mobogenie_installer_multilang_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\package_mobogenie_installer_multilang_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WinToFlash_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WinToFlash_RASMANCS
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{635F1CD2-00BC-4613-AAA6-3DCD1986767C}]
C:\Users\User\AppData\Local\com
ServiceStop:badriver


> Open the ZHPFix tool.
> Click IMPORT >> OK.
> P.S.: When you click "OK", make sure the field is empty so that it receives only the script's contents.
> Click "GO".
> Post the report!

A+

Post by kipper Thu 16 Oct 2014, 14:47

Rapport de ZHPFix 2014.8.3.6 par Nicolas Coolman, Update du 03/08/2014
Fichier d'export Registre :
Run by User at 16/10/2014 14:45:49
High Elevated Privileges : OK
Windows Vista Ultimate Edition, 64-bit (Build 6000)

Reciclagem vazia (00mn 04s)
Prefetcher vazio
Reparação de atalhos do navegador

========== Estado dos serviços ==========
badriver Parado

========== Chaves do Registo ==========
ELIMINÉ Driver Key: badriver
ELIMINÉ: SearchScopes :{afdbddaa-5d3f-42ee-b79c-185a7020515b}
ELIMINÉ: HKCU\Software\AppDataLow\Software\Freeven Pro 1.4
ELIMINÉ: HKCU\Software\AppDataLow\Software\Plus-HD-9.5v4
ELIMINÉ: HKCU\Software\AppDataLow\Software\WinToFlash Suggestor
ELIMINÉ: HKCU\Software\ContentExplorer
ELIMINÉ: HKLM\Software\Wow6432Node\Freeven Pro 1.4
ELIMINÉ: HKLM\Software\Wow6432Node\Plus-HD-9.5v4
ELIMINÉ: HKLM\Software\Wow6432Node\SiteFinder
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\ContentExplorer_RASAPI32
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\ContentExplorer_RASMANCS
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BrowseMark_Setup_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BrowseMark_Setup_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\freeSoftToday_widget_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\freeSoftToday_widget_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Freeven Pro 1_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Freeven Pro 1_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HQPro-1-novainstaller_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HQPro-1-novainstaller_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\mediaplayerplus-bg_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\mediaplayerplus-bg_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MediaPlayerplus-codedownloader_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MediaPlayerplus-codedownloader_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayerChecker_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayerChecker_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\package_mobogenie_installer_multilang_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\package_mobogenie_installer_multilang_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WinToFlash_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WinToFlash_RASMANCS
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{635F1CD2-00BC-4613-AAA6-3DCD1986767C}

========== Valores do Registo ==========
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (Private) : TCP Query User{8FE98CF3-2BDC-4461-9161-6D2DE2EE7786}C:\program files (x86)\black_box\saints row 2\sr2_pc.exe
ELIMINÉ: FirewallRaz (Private) : UDP Query User{9F1B5C13-0E50-4DD5-BF5B-036A501A3434}C:\program files (x86)\black_box\saints row 2\sr2_pc.exe
ELIMINÉ: FirewallRaz (Private) : TCP Query User{EFC75D2F-21C4-4D01-BEE8-AF497C235E32}C:\program files (x86)\connon fodder 3\cf3.exe
ELIMINÉ: FirewallRaz (Private) : UDP Query User{E71BFD88-A691-4DEE-A0FF-56BEBA21582C}C:\program files (x86)\connon fodder 3\cf3.exe
ELIMINÉ: FirewallRaz (Private) : {6A6B7A36-BDFE-4E49-A226-A2F397EC025B}
ELIMINÉ: FirewallRaz (Private) : {DCDC0482-DE9F-4B77-A919-055E505441FA}
ELIMINÉ: FirewallRaz (Private) : {4F3C69B0-F793-4BC7-9643-BE0BC3889327}
ELIMINÉ: FirewallRaz (Private) : {F384EFE1-E587-4734-AF36-D955ECECAB0D}
ELIMINÉ: FirewallRaz (Private) : {D61C6F56-99A2-4BB7-BCE8-9284843872AC}
ELIMINÉ: FirewallRaz (Private) : {FCA345DF-2429-458D-B3C1-8EE9A107D1C6}

========== Elementos dos dados do Registo ==========
ELIMINÉ: R1 Search Page = <-loopback>

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
ELIMINÉ Temporários windows (179)
ELIMINÉ Flash Cookies (0)
ELIMINÉ: c:\users\user\appdata\local\com

========== Ficheiros ==========
ELIMINÉ Temporários windows (888) (468.309.813 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: {1CD7B7AB-A7DA-4BCE-B7DA-F6EADC09B6B6}
ELIMINÉ: {22F79901-F5E0-4FC8-8321-D6C32A68CD08}
ELIMINÉ: {370DCB86-C82A-4867-95D5-38AF2FF2E052}
ELIMINÉ: FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000Core
ELIMINÉ: FacebookUpdateTaskUserS-1-5-21-2123034537-1514316849-1306321605-1000UA
ELIMINÉ: {25820BAC-BB2E-4F9C-AF1A-11A7B6909FDF}
ELIMINÉ: {323D5C00-E95B-4FA1-ADA4-0C9047D5C0E3}
ELIMINÉ: {6A7BFD11-562A-4D3B-A663-BED6D7698402}
ELIMINÉ: {EADD96C5-4BC8-4519-9A9D-0A6325330156}
ELIMINÉ: {ED0DAA02-AA71-4320-9B33-F218931071EE}


========== Recapitulativo ==========
34 : Chaves do Registo
12 : Valores do Registo
1 : Elementos dos dados do Registo
4 : Pastas
2 : Ficheiros
1 : Estado dos serviços
10 : Tarefa planificada


End of clean in 00mn 20s

========== Caminho do ficheiro do relatório ==========
C:\Users\User\AppData\Roaming\ZHP\ZHPFix[R1].txt - 16/10/2014 14:45:53 [5354]

Post by joram Thu 16 Oct 2014, 15:14

Good afternoon, kipper!

> Download: < [You must have an account and be logged in to view this link] >

> Download: < [You must have an account and be logged in to view this link] > ( ... by Farbar )

> Or here...

< [You must have an account and be logged in to view this link]

> Or here, for 64-bit systems!
> Save it to the desktop!
> Run the tool! Click "Yes" >> "Scan".

> Before clicking "Scan", check that the boxes under "Whitelist" are ticked.
> Under "Optional Scan", leave the "Addition.txt" checkbox ticked.
> P.S.: The "Addition.txt" report will also be generated and made available when the tool runs.
> Post the report! (FRST.txt + Addition.txt)

A+

Post by kipper Thu 16 Oct 2014, 15:49

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014
Ran by User (administrator) on USER-PC on 16-10-2014 15:48:05
Running from C:\Users\User\Desktop\PC LENTO
Loaded Profile: User (Available profiles: User)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Português (Brasil)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Users\User\AppData\Roaming\Crazy.Frog.Racer\upd.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Eidos Inc.) C:\Program Files (x86)\Tomb Raider - Legend\trl.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\User\Desktop\PC LENTO\4° FRST64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4035152 2013-07-30] (ESET)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PowerDVD12DMREngine] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [501544 2012-01-01] (CyberLink)
HKLM-x32\...\Run: [PowerDVD12Agent] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [371256 2012-01-12] (CyberLink Corp.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\...\Run: [uTorrent] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe [1266520 2014-04-25] (BitTorrent Inc.)
HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\...\Run: [Crazy.Frog.Racer] => C:\Users\User\AppData\Roaming\Crazy.Frog.Racer\upd.exe [9728 2012-03-16] ()
HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\...\Run: [Facebook Update] => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-07-28] (Facebook Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ferramenta de Verificação de Mídia do PMB.lnk
ShortcutTarget: Ferramenta de Verificação de Mídia do PMB.lnk -> C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Novo(a) Documento do Microsoft Word (2).docx ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [You must have an account and be logged in to view this link]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE5DFAB4966C5CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-BR
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = [You must have an account and be logged in to view this link]
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.1.1.1
Tcpip\..\Interfaces\{2AA5F584-48F4-4717-8706-73E96D441DA6}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\02dwc90y.default-1399424852910
FF DefaultSearchUrl: [You must have an account and be logged in to view this link]
FF SearchEngineOrder.1: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF Extension: WinToFlash Suggestor - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\02dwc90y.default-1399424852910\Extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2012-05-25]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013-07-30]

Chrome:
=======
CHR HomePage: Default -> [You must have an account and be logged in to view this link]
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-11]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-11]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-11]
CHR Extension: (Pesquisa do Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-11]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-18]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232 2012-10-29] ()
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [87336 2012-01-12] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [75048 2012-01-12] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [296232 2012-01-12] (CyberLink)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [974944 2011-09-22] (ESET)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-09] (Disc Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [202576 2011-08-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146432 2011-08-04] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [137144 2011-08-04] (ESET)
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [82928 2011-10-27] (Cyberlink Corp.)
R3 RTLE8023x64; C:\Windows\System32\DRIVERS\Rtenic64.sys [438928 2012-05-23] (Realtek Semiconductor Corporation )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-05-09] (Duplex Secure Ltd.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-08-11] ()
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [146928 2012-01-11] (CyberLink Corp.)
U3 atco04qi; C:\Windows\System32\Drivers\atco04qi.sys [0 ] (Advanced Micro Devices)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-16 14:45 - 2014-10-16 14:45 - 00005433 _____ () C:\Users\User\Desktop\ZHPFixReport.txt
2014-10-16 14:44 - 2014-10-16 14:58 - 00005270 _____ () C:\Users\User\Desktop\Novo Documento de Texto.txt
2014-10-15 20:36 - 2014-10-15 20:36 - 00672768 _____ () C:\Users\User\Desktop\jump gospel.MSWMM
2014-10-15 20:15 - 2014-10-15 20:17 - 183849873 _____ () C:\Users\User\Desktop\jump gospel.wmv
2014-10-15 17:08 - 2014-10-15 17:08 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-10-15 16:54 - 2014-10-16 14:45 - 00000000 ____D () C:\Users\User\AppData\Roaming\ZHP
2014-10-15 16:54 - 2014-10-15 16:54 - 00001991 _____ () C:\Users\User\Desktop\ZHPFix.lnk
2014-10-15 16:54 - 2014-10-15 16:54 - 00001864 _____ () C:\Users\User\Desktop\ZHPDiag.lnk
2014-10-15 16:54 - 2014-10-15 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-10-15 16:54 - 2014-10-15 16:54 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-10-15 15:36 - 2014-10-16 15:48 - 00000000 ____D () C:\Users\User\Desktop\PC LENTO
2014-10-15 15:34 - 2014-10-15 15:34 - 00011630 _____ () C:\Users\User\Desktop\hijackthis.log
2014-10-14 20:16 - 2014-10-14 20:18 - 340884116 _____ () C:\Users\User\Desktop\O pior erro que você pode cometer no amor[3].avi
2014-10-14 17:30 - 2014-10-14 17:30 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-10-14 17:25 - 2014-10-14 17:25 - 01270256 _____ (Ellora Assets Corporation ) C:\Users\User\Downloads\FreemakeVideoConverterSetup.exe
2014-10-10 16:10 - 2014-10-13 15:13 - 00000000 ____D () C:\Users\User\Desktop\fotos
2014-10-09 20:07 - 2014-03-21 16:15 - 00044979 _____ () C:\Users\User\Downloads\[kickass.to]the.100.s01e01.720p.hdtv.x264.2hd.eztv.torrent
2014-10-09 05:57 - 2014-10-09 05:57 - 00000000 ____D () C:\Users\User\AppData\Local\Nero_AG
2014-10-09 05:56 - 2014-10-09 05:57 - 00000000 ____D () C:\Users\User\AppData\Local\Nero
2014-10-07 18:07 - 2013-05-08 17:19 - 00000127 _____ () C:\Users\User\Downloads\Encontre mais filmes em torrent aqui..url
2014-10-07 18:05 - 2014-10-07 18:06 - 00000000 _____ () C:\Users\User\downloadtemp.temp
2014-10-07 18:04 - 2014-10-07 18:04 - 00000338 _____ () C:\Windows\SysWOW64\jv_hist.log
2014-10-07 18:04 - 2014-10-07 18:04 - 00000338 _____ () C:\Users\User\.db_image_log
2014-10-07 18:04 - 2014-10-07 18:04 - 00000338 _____ () C:\Users\Todos os Usuários\directm.log
2014-10-07 18:04 - 2014-10-07 18:04 - 00000338 _____ () C:\ProgramData\directm.log
2014-10-07 18:03 - 2014-10-13 19:46 - 00000000 ____D () C:\Users\User\BibleDiscovery
2014-10-07 18:03 - 2014-10-07 18:03 - 00000000 ____D () C:\Users\User\.BibleDiscovery
2014-10-07 18:03 - 2014-10-07 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bible-Discovery
2014-10-07 18:03 - 2014-10-07 18:03 - 00000000 ____D () C:\Program Files (x86)\Bible-Discovery
2014-10-06 21:59 - 2014-10-06 21:59 - 00000000 _____ () C:\Users\User\Downloads\List_o_de_Filmes_de_Todos_os_G_neros_em_Torrent_Filmes_TorrentSetup-IfL0WtsOd.exe
2014-10-06 10:28 - 2014-10-06 10:28 - 00041512 _____ () C:\Users\User\Downloads\Folha Pagamento(1).zip
2014-10-03 21:32 - 2014-10-03 21:32 - 00000000 ____D () C:\Users\User\AppData\Local\MediaShow
2014-10-03 17:25 - 2014-10-03 17:25 - 00022889 _____ () C:\Users\User\Downloads\THE100-S01E02-720p.rar
2014-10-03 17:23 - 2014-10-03 17:23 - 00061711 _____ () C:\Users\User\Downloads\THE100-S01E01-720p.rar
2014-10-03 17:13 - 2014-10-03 17:13 - 00349561 _____ () C:\Users\User\Downloads\Supernatural-DUB-S08-.rar
2014-10-03 17:13 - 2014-10-03 17:13 - 00131007 _____ () C:\Users\User\Downloads\SUPERNATURAL.09E01-720p.rar
2014-09-29 16:35 - 2014-09-29 16:36 - 00000000 ____D () C:\Users\User\Documents\Tomb Raider - Legend
2014-09-29 16:13 - 2014-09-29 16:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos
2014-09-29 16:05 - 2014-09-29 16:57 - 00000000 ____D () C:\Program Files (x86)\Tomb Raider - Legend
2014-09-26 13:05 - 2014-09-26 13:05 - 00000000 __SHD () C:\found.002
2014-09-26 07:36 - 2014-09-26 07:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 14:03 - 2014-09-24 14:03 - 00000000 __SHD () C:\found.001
2014-09-24 10:11 - 2014-09-24 10:11 - 00000000 __SHD () C:\found.000
2014-09-17 20:44 - 2014-09-17 20:48 - 07362048 _____ () C:\Users\User\Downloads\MM26_BR.msi
2014-09-17 15:29 - 2014-09-24 09:02 - 00003490 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-09-16 14:06 - 2013-07-30 12:04 - 00001003 ____N () C:\Users\User\Downloads\README.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-16 15:48 - 2014-07-16 14:41 - 00000000 ____D () C:\FRST
2014-10-16 15:46 - 2014-04-17 15:22 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-16 15:45 - 2014-04-17 16:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\uTorrent
2014-10-16 15:30 - 2014-04-17 11:39 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-16 14:58 - 2013-07-30 16:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-10-16 14:46 - 2009-07-14 01:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-16 14:46 - 2009-07-14 01:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-16 14:32 - 2014-04-17 15:22 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-16 14:31 - 2014-07-10 07:34 - 00021838 _____ () C:\Windows\setupact.log
2014-10-16 14:31 - 2009-07-14 02:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-16 12:38 - 2014-06-23 23:08 - 01275689 _____ () C:\Windows\WindowsUpdate.log
2014-10-16 07:32 - 2014-04-25 20:14 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6DF43704-786C-4865-866E-97611BE0333B}
2014-10-15 21:54 - 2014-09-02 20:00 - 00009216 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-15 20:42 - 2014-04-18 11:40 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2014-10-15 20:36 - 2014-09-08 19:02 - 00000000 ____D () C:\Users\User\AppData\Local\WMTools Downloaded Files
2014-10-15 16:06 - 2014-07-16 14:34 - 00028660 _____ () C:\Windows\PFRO.log
2014-10-15 16:06 - 2014-06-05 21:42 - 00000000 ____D () C:\AdwCleaner
2014-10-15 16:00 - 2014-07-16 14:54 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2014-10-14 19:43 - 2014-04-29 18:20 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-14 19:41 - 2014-05-22 21:32 - 00000000 ____D () C:\Users\User\Downloads\torrent's
2014-10-14 19:32 - 2011-04-12 10:40 - 00705786 _____ () C:\Windows\system32\prfh0416.dat
2014-10-14 19:32 - 2011-04-12 10:40 - 00146512 _____ () C:\Windows\system32\prfc0416.dat
2014-10-14 19:32 - 2009-07-14 02:13 - 01634728 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-13 20:02 - 2014-06-30 20:20 - 00000000 ____D () C:\Program Files (x86)\Connon Fodder 3
2014-10-07 21:08 - 2014-06-02 21:04 - 00013143 _____ () C:\Users\User\Desktop\CONTAS.xlsx
2014-10-07 19:31 - 2009-07-14 01:45 - 05086312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-07 18:09 - 2013-07-30 15:05 - 00140240 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-06 20:34 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-10-03 21:32 - 2013-07-30 16:05 - 00000000 ____D () C:\Users\User\AppData\Roaming\CyberLink
2014-10-03 21:32 - 2013-07-30 16:05 - 00000000 ____D () C:\Users\Todos os Usuários\CyberLink
2014-10-03 21:32 - 2013-07-30 16:05 - 00000000 ____D () C:\ProgramData\CyberLink
2014-10-01 17:57 - 2013-07-30 14:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-01 17:39 - 2014-05-02 14:14 - 00000000 ____D () C:\Users\User\Documents\My Games
2014-10-01 17:38 - 2014-05-27 16:44 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-10-01 17:25 - 2014-05-09 14:04 - 00000141 _____ () C:\Windows\disney.ini
2014-09-29 16:57 - 2014-08-14 14:43 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio
2014-09-29 16:57 - 2014-08-14 14:43 - 00000000 ____D () C:\Program Files (x86)\GameVicio
2014-09-29 16:28 - 2014-05-09 21:41 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-09-29 16:04 - 2014-07-21 19:15 - 00035751 _____ () C:\Windows\DirectX.log
2014-09-28 16:47 - 2014-06-11 23:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-24 11:35 - 2014-04-17 11:39 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 11:35 - 2014-04-17 11:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 11:35 - 2014-04-17 11:39 - 00003840 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-19 07:13 - 2009-07-14 02:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-17 20:49 - 2014-09-08 18:51 - 00002507 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
2014-09-17 20:49 - 2014-09-08 18:51 - 00000000 ____D () C:\Program Files (x86)\Movie Maker 2.6
2014-09-17 08:35 - 2014-04-18 10:46 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-16 14:11 - 2014-09-15 16:23 - 00000000 ____D () C:\Program Files (x86)\Wolfenstein The New Order

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 22:28

==================== End Of Log ============================

Re: PC slow to start up ...

Posted by kipper Thu 16 Oct 2014, 15:51

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2014
Ran by User at 2014-10-16 15:48:32
Running from C:\Users\User\Desktop\PC LENTO
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivírus 5.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivírus 5.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.09) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7971 - DsNET Corp)
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Bible-Discovery 3.8.0 (HKLM-x32\...\Bible-Discovery) (Version: 3.8.0 - Miklos Zsido)
Biblia Eletrônica 3.7.8 (HKLM-x32\...\Biblia Eletrônica_is1) (Version: - RkSoft Softwares Ltda)
Corel Graphics - Windows Shell Extension (HKLM\...\_{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}) (Version: 16.0.0.707 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.0.707 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.0.707 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - BR (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.0.0.707 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.0 - Corel Corporation) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1312.54 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.1312.54 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
ESET NOD32 Antivirus (HKLM\...\{679CC4FF-FC7B-48DF-A346-684AD1A2B48E}) (Version: 5.0.95.0 - ESET, spol. s r. o.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HP Deskjet 1050 J410 series Ajuda (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
K-Lite Mega Codec Pack 9.9.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.5 - )
Men of War: Assault Squad 2 (HKLM-x32\...\TWVub2ZXYXJBc3NhdWx0U3F1YWQy_is1) (Version: 1 - )
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile PTB Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Access MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) Portuguese (Brazil) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Word MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Minha Biblia (HKLM-x32\...\{738C450E-378C-42E7-B8D2-A36EC068A1D3}) (Version: 1.03.0000 - Friendship Solutions:)
Mozilla Firefox 32.0.3 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 pt-BR)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.14300 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (x32 Version: 12.0.4000 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 12.0.20000 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.18100 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Express (x32 Version: 12.0.20000 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero Kwik Media (x32 Version: 1.18.18200 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (x32 Version: 12.0.4000 - Nero AG) Hidden
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Recode (x32 Version: 12.0.24000 - Nero AG) Hidden
Nero Recode Help (CHM) (x32 Version: 12.0.4000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.9000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Video (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero Video Help (CHM) (x32 Version: 12.0.4000 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Client Profile PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Primo (x32 Version: 1.00.0000 - Your Company Name) Hidden
Pro Evolution Soccer 2009 (HKLM-x32\...\{A8DB611A-D80E-450D-85F6-3ACDD164BE31}) (Version: 1.00.0000 - KONAMI)
Rambo The Video Game (HKLM-x32\...\{48CB69A5-D098-4CA6-A58F-4255ED6DBE49}_is1) (Version: - Reef Entertainment)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Rosso Rabbit in Trouble (HKLM-x32\...\Rosso Rabbit in Trouble_is1) (Version: - )
Runtime (x32 Version: 1.00.0000 - Your Company Name) Hidden
Show do Cristão (HKLM-x32\...\Show do Cristão_is1) (Version: - Oltre Vita Informática Ltda)
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
Software básico do dispositivo HP Deskjet 1050 J410 series (HKLM\...\{06A5A3AF-AFA5-4278-868E-BFD494A9B08B}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
Sony Picture Utility (HKLM-x32\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 4.2.01.15030 - Sony Corporation)
Tomb Raider: Legend 1.0 (HKLM-x32\...\Tomb Raider: Legend) (Version: - )
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Welcome App (Start-up experience) (x32 Version: 12.0.14000 - Nero AG) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
ZHPDiag 2014 (HKLM-x32\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

03-10-2014 14:37:25 Ponto de Verificação Agendado
10-10-2014 17:56:28 Ponto de Verificação Agendado
13-10-2014 22:45:09 Removed MTX MotoTrax

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2014-06-25 17:44 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {08DE8D45-EB5F-45B9-A11D-E5293AF39F97} - System32\Tasks\AutoKMS
Task: {1E2A1A86-8E76-4D56-8987-7E2745EB660C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {2F26519F-9262-4555-954D-00D12590C617} - System32\Tasks\{D5B18C28-40B9-4F9D-B759-6CADF0A43225} => C:\Program Files (x86)\Rosso Rabbit in Trouble\RossoRabbitInTrouble.exe [2004-09-14] ()
Task: {4F8479B2-4B26-4343-8989-9E1A87DD90EB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {53812C6A-557A-41C6-9321-A14BEA7C723A} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {8658DF18-DEB8-4E79-ACDF-8622AE27A1DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-17] (Google Inc.)
Task: {A0934E19-C840-4AB7-A767-7C8D67A31E15} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-17] (Google Inc.)
Task: {AEEDA4BC-A1ED-406F-91C1-13B0C8C082B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {CA9DB52F-6282-4479-BD53-84A6339DE959} - System32\Tasks\{1C01D39C-FF48-4DC8-BC31-0AD1DDAE6804} => Chrome.exe
Task: {D33F1C7D-7A4E-49C1-B6C4-B34E768B155D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {FA7E56F6-D1C7-460C-9314-1D3E7032A6B2} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {FE93D411-9549-4D9C-9968-1C9EB527112F} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2123034537-1514316849-1306321605-1000
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-04-17 10:24 - 2012-10-29 15:48 - 00927232 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
2013-07-30 16:14 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2014-05-09 20:32 - 2012-03-16 12:27 - 00009728 _____ () C:\Users\User\AppData\Roaming\Crazy.Frog.Racer\upd.exe
2014-04-17 10:24 - 2014-10-16 14:31 - 00026112 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\PEbiosinterface32.dll
2014-04-17 10:24 - 2012-05-08 00:04 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\ATKEX.dll
2013-07-30 16:04 - 2012-01-01 23:21 - 00374056 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\CLNetMediaDMA.dll
2013-07-30 16:04 - 2011-08-23 23:39 - 00081920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Common\koan\_ctypes.pyd
2013-07-30 16:04 - 2011-08-23 23:39 - 00053248 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_socket.pyd
2013-07-30 16:04 - 2011-08-23 23:39 - 00655360 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_ssl.pyd
2013-07-30 16:04 - 2012-01-12 09:55 - 00075048 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\subsys\DLNA\DMS\_PyDMSCtrl.pyd
2013-07-30 16:05 - 2012-01-09 00:48 - 00541683 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\sqlite3.dll
2014-04-17 10:28 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-09-29 16:13 - 2014-09-29 16:13 - 00350720 _____ () C:\Program Files (x86)\Tomb Raider - Legend\binkw32.dll
2014-09-26 07:36 - 2014-09-26 07:36 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrador (S-1-5-21-2123034537-1514316849-1306321605-500 - Administrator - Disabled)
Convidado (S-1-5-21-2123034537-1514316849-1306321605-501 - Limited - Disabled)
User (S-1-5-21-2123034537-1514316849-1306321605-1000 - Administrator - Enabled) => C:\Users\User

==================== Faulty Device Manager Devices =============

Name: badriver
Description: badriver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: badriver
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/16/2014 02:43:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa ZHPDiag.exe versão 2014.8.28.125 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 1348

Hora de Início: 01cfe9684fe5b2fc

Hora de Término: 0

Caminho do Aplicativo: C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe

Id do Relatório: dbad609b-555b-11e4-b06e-e03f49173750

Error: (10/16/2014 02:33:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2014 10:49:01 AM) (Source: Google Update) (EventID: 20) (User: User-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned

Error: (10/16/2014 07:42:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2014 07:30:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2014 10:12:52 PM) (Source: Google Update) (EventID: 20) (User: User-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned

Error: (10/15/2014 07:12:52 PM) (Source: Google Update) (EventID: 20) (User: User-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned

Error: (10/15/2014 04:08:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2014 04:00:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: egui.exe, versão: 5.0.94.0, carimbo de hora: 0x4e7b012d
Nome do módulo de falhas: MSVCR80.dll, versão: 8.0.50727.4940, carimbo de hora: 0x4ca2b4dd
Código de exceção: 0xc000000d
Deslocamento com falha: 0x000000000001e090
Identificação do processo com falha: 0x804
Hora de início do aplicativo com falha: 0xegui.exe0
Caminho do aplicativo com falha: egui.exe1
FCaminho do módulo de falhas: egui.exe2
Identificação do Relatório: egui.exe3

Error: (10/15/2014 02:54:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/16/2014 02:32:34 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: padrão-computadorLocalAtivação{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}AUTORIDADE NTSERVIÇO LOCALS-1-5-19LocalHost (Usando LRPC)

Error: (10/16/2014 02:32:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
badriver

Error: (10/16/2014 09:58:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço CyberLink PowerDVD 12 Media Server Service foi encerrado inesperadamente. Isso aconteceu 2 vez(es).

Error: (10/16/2014 08:57:49 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço CyberLink PowerDVD 12 Media Server Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (10/16/2014 07:41:48 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: padrão-computadorLocalAtivação{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}AUTORIDADE NTSERVIÇO LOCALS-1-5-19LocalHost (Usando LRPC)

Error: (10/16/2014 07:41:43 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
badriver

Error: (10/16/2014 07:29:37 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: padrão-computadorLocalAtivação{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}AUTORIDADE NTSERVIÇO LOCALS-1-5-19LocalHost (Usando LRPC)

Error: (10/16/2014 07:29:30 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
badriver

Error: (10/15/2014 04:07:39 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: padrão-computadorLocalAtivação{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}AUTORIDADE NTSERVIÇO LOCALS-1-5-19LocalHost (Usando LRPC)

Error: (10/15/2014 04:07:38 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
badriver


Microsoft Office Sessions:
=========================
Error: (10/16/2014 02:43:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ZHPDiag.exe2014.8.28.125134801cfe9684fe5b2fc0C:\Program Files (x86)\ZHPDiag\ZHPDiag.exedbad609b-555b-11e4-b06e-e03f49173750

Error: (10/16/2014 02:33:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2014 10:49:01 AM) (Source: Google Update) (EventID: 20) (User: User-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned

Error: (10/16/2014 07:42:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2014 07:30:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2014 10:12:52 PM) (Source: Google Update) (EventID: 20) (User: User-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned

Error: (10/15/2014 07:12:52 PM) (Source: Google Update) (EventID: 20) (User: User-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned

Error: (10/15/2014 04:08:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2014 04:00:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: egui.exe5.0.94.04e7b012dMSVCR80.dll8.0.50727.49404ca2b4ddc000000d000000000001e09080401cfe8a0d89e07a3C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exeC:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\MSVCR80.dll8b4bc755-549d-11e4-8a61-e03f49173750

Error: (10/15/2014 02:54:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2014-06-25 17:44:18.117
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-06-25 17:44:18.117
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-17 10:36:25.800
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RTKVHD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-17 10:36:25.784
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RTKVHD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-17 10:31:12.748
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RTKVHD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-17 10:31:12.732
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RTKVHD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-17 10:21:50.878
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RTKVHD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-17 10:21:50.862
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RTKVHD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-17 09:58:37.544
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RTKVHD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-17 09:58:36.780
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RTKVHD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Percentage of memory in use: 41%
Total physical RAM: 3968.45 MB
Available physical RAM: 2331.42 MB
Total Pagefile: 7935.09 MB
Available Pagefile: 6080.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.66 GB) (Free:22.31 GB) NTFS
Drive e: (Novo volume) (Fixed) (Total:175.78 GB) (Free:59.53 GB) NTFS
Drive f: (Novo volume) (Fixed) (Total:192.22 GB) (Free:68.93 GB) NTFS
Drive g: (TombRaiderLegend) (CDROM) (Total:4.31 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 56684485)
Partition 1: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=175.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=192.2 GB) - (Type=OF Extended)

==================== End Of Log ============================

Post by joram Thu 16 Oct 2014, 17:21

Good afternoon, kipper!

> Copy the information shown in red into Notepad.
> Save it under the name fixlist.txt
> Save it to the desktop! ( Área de trabalho ... ) >> C:\Users\User\Desktop\PC LENTO <<

start
() C:\Users\User\AppData\Roaming\Crazy.Frog.Racer\upd.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\...\Run: [Crazy.Frog.Racer] => C:\Users\User\AppData\Roaming\Crazy.Frog.Racer\upd.exe [9728 2012-03-16] ()
HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\...\Run: [Facebook Update] => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-07-28] (Facebook Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
2014-10-16 14:45 - 2014-10-16 14:45 - 00005433 _____ () C:\Users\User\Desktop\ZHPFixReport.txt
2014-10-15 17:08 - 2014-10-15 17:08 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-10-15 16:54 - 2014-10-16 14:45 - 00000000 ____D () C:\Users\User\AppData\Roaming\ZHP
2014-10-15 16:54 - 2014-10-15 16:54 - 00001991 _____ () C:\Users\User\Desktop\ZHPFix.lnk
2014-10-15 16:54 - 2014-10-15 16:54 - 00001864 _____ () C:\Users\User\Desktop\ZHPDiag.lnk
2014-10-15 16:54 - 2014-10-15 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-10-15 16:54 - 2014-10-15 16:54 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-10-15 15:34 - 2014-10-15 15:34 - 00011630 _____ () C:\Users\User\Desktop\hijackthis.log
2014-09-26 13:05 - 2014-09-26 13:05 - 00000000 __SHD () C:\found.002
2014-09-24 14:03 - 2014-09-24 14:03 - 00000000 __SHD () C:\found.001
2014-09-24 10:11 - 2014-09-24 10:11 - 00000000 __SHD () C:\found.000
2014-09-17 15:29 - 2014-09-24 09:02 - 00003490 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-10-15 16:06 - 2014-06-05 21:42 - 00000000 ____D () C:\AdwCleaner
Task: {08DE8D45-EB5F-45B9-A11D-E5293AF39F97} - System32\Tasks\AutoKMS
Task: {FA7E56F6-D1C7-460C-9314-1D3E7032A6B2} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {FE93D411-9549-4D9C-9968-1C9EB527112F} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2123034537-1514316849-1306321605-1000
end


> Run FRST/FRST64 >> Click "Fix". << Wait!
> Post the report! (Fixlog.txt)

A+

Post by kipper Thu 16 Oct 2014, 18:43

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-10-2014
Ran by User at 2014-10-16 18:42:12 Run:1
Running from C:\Users\User\Desktop\PC LENTO
Loaded Profile: User (Available profiles: User)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
() C:\Users\User\AppData\Roaming\Crazy.Frog.Racer\upd.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\...\Run: [Crazy.Frog.Racer] => C:\Users\User\AppData\Roaming\Crazy.Frog.Racer\upd.exe [9728 2012-03-16] ()
HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\...\Run: [Facebook Update] => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-07-28] (Facebook Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
2014-10-16 14:45 - 2014-10-16 14:45 - 00005433 _____ () C:\Users\User\Desktop\ZHPFixReport.txt
2014-10-15 17:08 - 2014-10-15 17:08 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-10-15 16:54 - 2014-10-16 14:45 - 00000000 ____D () C:\Users\User\AppData\Roaming\ZHP
2014-10-15 16:54 - 2014-10-15 16:54 - 00001991 _____ () C:\Users\User\Desktop\ZHPFix.lnk
2014-10-15 16:54 - 2014-10-15 16:54 - 00001864 _____ () C:\Users\User\Desktop\ZHPDiag.lnk
2014-10-15 16:54 - 2014-10-15 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-10-15 16:54 - 2014-10-15 16:54 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-10-15 15:34 - 2014-10-15 15:34 - 00011630 _____ () C:\Users\User\Desktop\hijackthis.log
2014-09-26 13:05 - 2014-09-26 13:05 - 00000000 __SHD () C:\found.002
2014-09-24 14:03 - 2014-09-24 14:03 - 00000000 __SHD () C:\found.001
2014-09-24 10:11 - 2014-09-24 10:11 - 00000000 __SHD () C:\found.000
2014-09-17 15:29 - 2014-09-24 09:02 - 00003490 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-10-15 16:06 - 2014-06-05 21:42 - 00000000 ____D () C:\AdwCleaner
Task: {08DE8D45-EB5F-45B9-A11D-E5293AF39F97} - System32\Tasks\AutoKMS
Task: {FA7E56F6-D1C7-460C-9314-1D3E7032A6B2} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {FE93D411-9549-4D9C-9968-1C9EB527112F} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2123034537-1514316849-1306321605-1000
end
*****************

[2156] C:\Users\User\AppData\Roaming\Crazy.Frog.Racer\upd.exe => Process closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Crazy.Frog.Racer => value deleted successfully.
HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value deleted successfully.
catchme => Service deleted successfully.
C:\Users\User\Desktop\ZHPFixReport.txt => Moved successfully.
C:\PhysicalDisk0_MBR.bin => Moved successfully.
C:\Users\User\AppData\Roaming\ZHP => Moved successfully.
C:\Users\User\Desktop\ZHPFix.lnk => Moved successfully.
C:\Users\User\Desktop\ZHPDiag.lnk => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP => Moved successfully.
C:\Program Files (x86)\ZHPDiag => Moved successfully.
C:\Users\User\Desktop\hijackthis.log => Moved successfully.
C:\found.002 => Moved successfully.
C:\found.001 => Moved successfully.
C:\found.000 => Moved successfully.
C:\Windows\System32\Tasks\AutoKMS => Moved successfully.
C:\AdwCleaner => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{08DE8D45-EB5F-45B9-A11D-E5293AF39F97}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08DE8D45-EB5F-45B9-A11D-E5293AF39F97}" => Key deleted successfully.
C:\Windows\System32\Tasks\AutoKMS not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA7E56F6-D1C7-460C-9314-1D3E7032A6B2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA7E56F6-D1C7-460C-9314-1D3E7032A6B2}" => Key deleted successfully.
C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-User-PC-User => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-User-PC-User" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FE93D411-9549-4D9C-9968-1C9EB527112F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE93D411-9549-4D9C-9968-1C9EB527112F}" => Key deleted successfully.
C:\Windows\System32\Tasks\Games\UpdateCheck_S-1-5-21-2123034537-1514316849-1306321605-1000 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Games\UpdateCheck_S-1-5-21-2123034537-1514316849-1306321605-1000" => Key deleted successfully.

==== End of Fixlog ====

Post by joram Thu 16 Oct 2014, 19:22

Good evening, kipper!

> Download: < [link hidden: forum login required] > ( ... by Xplode )

> On the page, click Download Now
> Save it somewhere convenient! ( desktop! )
> Close any applications that are open.

> Remove disinfection tools
> Create a registry backup
> Clear system restore points

> With these boxes ticked, click Run!
> Restart the computer!
>
> Download: < [link hidden: forum login required] > ( ... by techsupportall.com )
> Save it to the desktop!

> Run the file Adware-Removal-Tool-v3.9.1.exe <<

> Start the scan by clicking Scan.

> When its prescan finishes, click OK.
> PS: Each tab will show what is going to be removed!

> Click "Next" >> Wait!

< Computer >> Windows (C:) >> Program Files >> Adware-Removal-Tool >> Reports >> Repair_Logs_2014_10_dia_h_min_seg.txt <<

> Post the report!

Regards!

Post by kipper Thu 16 Oct 2014, 20:24

I did as you instructed; when I got to the end it gave an error, a message like this: "an unhandled exception occurred in the application... the system cannot find the file specified." and < Computer >> Windows (C:) >> Program Files >> Adware-Removal-Tool >> Reports is empty.

Post by joram Thu 16 Oct 2014, 20:37

kipper wrote: I did as you instructed; when I got to the end it gave an error, a message like this: "an unhandled exception occurred in the application... the system cannot find the file specified." and < Computer >> Windows (C:) >> Program Files >> Adware-Removal-Tool >> Reports is empty.
Good evening, kipper!

> Check whether ZHPCleaner runs without problems!

> Download: < [link hidden: forum login required] > ( ... by Nicolas Coolman )

> On the page, click [image hidden: forum login required]
> Save it to the desktop!
> Run it and, when it opens, click "J'accept/I Agree".

> For more thorough fixes, tick all the available options.
> Click Réparer.
> Click Rapport.
> Post the report!

A+

Post by kipper Fri 17 Oct 2014, 15:11

~ ZHPCleaner v2014.10.16.185 by Nicolas Coolman (16/10/2014)
~ Run by User (Administrator) (17/10/2014 15:05:44)
~ WebSite : [link hidden: forum login required]
~ Forum : [link hidden: forum login required]
~ State version : No network file
~ Type : Scan
~ Report : C:\Users\User\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\User\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Windows 7, 64-bit Service Pack 1 (Build 7601)


---\\ Services (0)


---\\ Browser Internet (3)
FOUND IE Params: Start Page ( about:newtab )
FOUND IE Params: Start Page ( about:newtab )
FOUND IE Params: Tabs ( [link hidden: forum login required] )


---\\ Hosts file (0)


---\\ Explorer ( Files, Folders) (0)


---\\ Registry ( Keys, Values, Datas) (6)
FOUND: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GreenerWeb_is_RASAPI32 (PUP.GreenerWeb)
FOUND: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GreenerWeb_is_RASMANCS (PUP.GreenerWeb)
FOUND: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GreenerWeb_RASAPI32 (PUP.GreenerWeb)
FOUND: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GreenerWeb_RASMANCS (PUP.GreenerWeb)
FOUND: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GreenerWeb_Setup_RASAPI32 (PUP.GreenerWeb)
FOUND: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GreenerWeb_Setup_RASMANCS (PUP.GreenerWeb)



---\\ Result of repair
~ Any repair made
~ No browser found (Opera Software)


End of clean at 15:07:03
===================
ZHPCleaner-17102014-15_07_03.txt

Post by joram Fri 17 Oct 2014, 15:17

Good afternoon, kipper!

> Download: < [link hidden: forum login required] >

> Go to this tutorial!

< [link hidden: forum login required] >

> Get information on installing, updating and configuring MBAM.
> Choose the "Tipo da Verificação" (scan type): Verificação Personalizada (custom scan)
> When it finishes, send its detections to Quarantine.

> Read in the tutorial: "Como acessar o Log (relatório) do Malwarebytes:" (how to access the Malwarebytes log/report)

> Post the report!

A+

Post by kipper Fri 17 Oct 2014, 20:07

Malwarebytes Anti-Malware
[link hidden: forum login required]

Data da Verificação: 17/10/2014
Hora da Verificação: 18:59:43
Arquivo de Log: log.txt
Administrador: Sim

Versão: 2.00.3.1025
Base de Dados de Malware: v2014.09.19.05
Base de Dados de Rootkit: v2014.09.18.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Auto-Proteção: Desabilitado

SO: Windows 7 Service Pack 1
Processador: x64
Sistema de Arquivos: NTFS
Usuário: User

Tipo da Verificação: Verificação Personalizada
Resultado: Terminado
Objetos Verificados: 469453
Tempo Decorrido: 59 min, 33 seg

Memória: Habilitado
Inicialização: Habilitado
Sistema de Arquivos: Habilitado
Arquivos Compactados: Habilitado
Rootkits: Desabilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado

Processos: 1
PUP.Optional.MultiInstall.A, C:\Users\User\Desktop\Malwarebytes-Anti-Malware_203.exe, 1072, , [423fd21dafccdd597d089e8546ba5fa1]

Módulos: 0
(Nenhum item malicioso detectado)

Chaves de Registro: 4
PUP.Optional.Quiknowledge.A, HKLM\SOFTWARE\WOW6432NODE\QUIKNOWLEDGE, , [cab7d11eeb901b1b6e6972bd14efd927],
PUP.Optional.Feven.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Freeven Pro 1.4, , [8cf541ae5e1d40f6b9addf3a10f3c838],
PUP.Optional.MediaPlayerplus.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\MediaPlayerplus, , [bec3658a710add59b1b49497867d58a8],
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-9.5v4, , [10718d627506989ed6f5051d3bc8fb05],

Valores de Registro: 2
PUP.Optional.Quiknowledge.A, HKLM\SOFTWARE\WOW6432NODE\QUIKNOWLEDGE|ie-ver, 9.0.8112.16421, , [cab7d11eeb901b1b6e6972bd14efd927]
PUP.Optional.QuickStart.A, HKU\S-1-5-21-2123034537-1514316849-1306321605-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, [link hidden: forum login required], , [fd8442ad6a116acc41c9a473e41f9c64]

Dados de Registro: 1
PUP.Optional.SimplyTech.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|newtab, %appdata%\SimplyTech\home\home.htm, Bom: ([link hidden: forum login required] Ruim: (%appdata%\SimplyTech\home\home.htm),,[3150737cbdbe78be15da6892bd47e020]

Pastas: 4
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0, , [631e797672099a9c37b2ad2fcd351ee2],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_olnkgiapbjhdboldbhkagdodklkphaip_0, , [fb86806fb1ca53e37675c4181ae8ed13],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd, , [f88947a8b3c8290d5b9ab52735cd0cf4],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip, , [dba6d41b463563d3787ffae2ed15867a],

Arquivos: 25
PUP.Optional.MultiInstall.A, C:\Users\User\Desktop\Malwarebytes-Anti-Malware_203.exe, , [423fd21dafccdd597d089e8546ba5fa1],
PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, , [790858973d3ef640d3d557e66d93f010],
PUP.Optional.OpenCandy, C:\Users\User\Downloads\FreemakeVideoConverterSetup.exe, , [c3be836c077473c378ccd8466998cd33],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0.localstorage, , [f9883fb0700b9e98013b7ab122e142be],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olnkgiapbjhdboldbhkagdodklkphaip_0.localstorage, , [dda44ba40a7144f273caf239659e2cd4],
PUP.Optional.CrossRider.A, C:\Windows\Tasks\70F5A76A-66BD-4ff4-B489-4CA4C4216210.job, , [ef927c73790252e45ecd01719b695da3],
PUP.Optional.CrossRider.A, C:\Windows\System32\Tasks\70F5A76A-66BD-4ff4-B489-4CA4C4216210, , [245d48a797e4e155a983086aec186b95],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0\2, , [631e797672099a9c37b2ad2fcd351ee2],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_olnkgiapbjhdboldbhkagdodklkphaip_0\3, , [fb86806fb1ca53e37675c4181ae8ed13],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\000032.ldb, , [f88947a8b3c8290d5b9ab52735cd0cf4],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\000035.log, , [f88947a8b3c8290d5b9ab52735cd0cf4],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\CURRENT, , [f88947a8b3c8290d5b9ab52735cd0cf4],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\LOCK, , [f88947a8b3c8290d5b9ab52735cd0cf4],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\LOG, , [f88947a8b3c8290d5b9ab52735cd0cf4],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\LOG.old, , [f88947a8b3c8290d5b9ab52735cd0cf4],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\MANIFEST-000033, , [f88947a8b3c8290d5b9ab52735cd0cf4],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip\000021.ldb, , [dba6d41b463563d3787ffae2ed15867a],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip\000023.ldb, , [dba6d41b463563d3787ffae2ed15867a],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip\000026.ldb, , [dba6d41b463563d3787ffae2ed15867a],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip\000030.log, , [dba6d41b463563d3787ffae2ed15867a],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip\CURRENT, , [dba6d41b463563d3787ffae2ed15867a],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip\LOCK, , [dba6d41b463563d3787ffae2ed15867a],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip\LOG, , [dba6d41b463563d3787ffae2ed15867a],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip\LOG.old, , [dba6d41b463563d3787ffae2ed15867a],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip\MANIFEST-000028, , [dba6d41b463563d3787ffae2ed15867a],

Setores Físicos: 0
(Nenhum item malicioso detectado)


(end)

Post by joram Fri 17 Oct 2014, 20:14

Good evening, kipper!

> Didn't you configure Malwarebytes to remove its detections?
> Run a new scan, but configure Malwarebytes to delete what it finds.

A+
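The point raised in the post above, a scan log whose detections show no action taken, can be checked mechanically. The Python below is an added example, not part of the thread and not Malwarebytes code; the line layout it assumes is inferred from the logs posted on this page, and the sample logs, detection names, paths and ids are constructed.

```python
import re
from collections import Counter

# Section headers as printed in the Portuguese-language logs on this page,
# e.g. "Arquivos: 25"; the number is the tool's own count for that section.
SECTION_RE = re.compile(
    r"^(Processos|Módulos|Chaves de Registro|Valores de Registro|"
    r"Dados de Registro|Pastas|Arquivos|Setores Físicos): (\d+)$"
)

# Assumed layout (inferred from the posted logs): detection name first, a
# bracketed 32-hex-digit id last, and the action taken in the field just
# before the id. Fields in between may contain commas themselves.
DETECTION_RE = re.compile(
    r"^(?P<name>[A-Za-z][\w.]*), (?P<middle>.*),\s*(?P<action>[^,\[\]]*),\s*"
    r"\[(?P<id>[0-9a-f]{32})\],?\s*$"
)

# Constructed sample: a scan where nothing was removed (empty action field).
# "Arquivos: 3" deliberately lists only two items, as in a truncated paste.
SCAN_ONLY = r"""
Tipo da Verificação: Verificação Personalizada

Processos: 1
PUP.Optional.Example.A, C:\Users\User\Desktop\example-setup.exe, 1072, , [00000000000000000000000000000001]

Chaves de Registro: 1
PUP.Optional.Example.B, HKLM\SOFTWARE\WOW6432NODE\EXAMPLE, , [00000000000000000000000000000002],

Dados de Registro: 1
PUP.Optional.Example.C, HKLM\SOFTWARE\EXAMPLE|newtab, %appdata%\Example\home.htm, Bom: (about:blank) Ruim: (%appdata%\Example\home.htm),,[00000000000000000000000000000003]

Arquivos: 3
PUP.Optional.Example.A, C:\Users\User\Desktop\example-setup.exe, , [00000000000000000000000000000001],
PUP.Optional.Example.D, C:\temp\example, one.msi, , [00000000000000000000000000000004],
"""

# Constructed sample: the same kind of items after removal was enabled.
AFTER_REMOVAL = r"""
Chaves de Registro: 1
PUP.Optional.Example.B, HKLM\SOFTWARE\WOW6432NODE\EXAMPLE, Quarentena, [00000000000000000000000000000002],

Dados de Registro: 1
PUP.Optional.Example.C, HKLM\SOFTWARE\EXAMPLE|newtab, %appdata%\Example\home.htm, Bom: (about:blank) Ruim: (%appdata%\Example\home.htm),Substituído,[00000000000000000000000000000003]

Arquivos: 1
PUP.Optional.Example.D, C:\temp\example, one.msi, Quarentena, [00000000000000000000000000000004],
"""


def parse_scan_log(text):
    """Return {section: {"reported": int, "items": [(name, action), ...]}}."""
    sections = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1)
            sections[current] = {"reported": int(header.group(2)), "items": []}
            continue
        hit = DETECTION_RE.match(line)
        if hit and current is not None:
            sections[current]["items"].append(
                (hit.group("name"), hit.group("action").strip())
            )
    return sections


def review(text):
    """Summarise a log: detections left untouched and header/line mismatches."""
    unhandled = Counter()
    mismatched = []
    total = 0
    for title, sec in parse_scan_log(text).items():
        total += len(sec["items"])
        # A header count that disagrees with the listed lines usually means
        # the paste was cut short or the layout assumption does not hold.
        if len(sec["items"]) != sec["reported"]:
            mismatched.append(title)
        for name, action in sec["items"]:
            if not action:  # empty action field: detected but not removed
                unhandled[name] += 1
    return {
        "total": total,
        "unhandled": dict(unhandled),
        "count_mismatch": mismatched,
    }


if __name__ == "__main__":
    for label, log in (("scan only", SCAN_ONLY), ("after removal", AFTER_REMOVAL)):
        print(label, review(log))
```

A non-empty `unhandled` result means the log records detections only and the scan has to be repeated with removal enabled; a non-empty `count_mismatch` means the pasted log should be re-checked before anyone relies on it.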


Post by kipper Mon 20 Oct 2014, 15:16

Malwarebytes Anti-Malware
[link hidden: forum login required]

Data da Verificação: 18/10/2014
Hora da Verificação: 11:26:26
Arquivo de Log: log.txt
Administrador: Sim

Versão: 2.00.3.1025
Base de Dados de Malware: v2014.10.17.09
Base de Dados de Rootkit: v2014.10.17.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Auto-Proteção: Desabilitado

SO: Windows 7 Service Pack 1
Processador: x64
Sistema de Arquivos: NTFS
Usuário: User

Tipo da Verificação: Verificação Personalizada
Resultado: Terminado
Objetos Verificados: 474409
Tempo Decorrido: 1 hr, 8 min, 4 seg

Memória: Habilitado
Inicialização: Habilitado
Sistema de Arquivos: Habilitado
Arquivos Compactados: Habilitado
Rootkits: Desabilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado

Processos: 0
(Nenhum item malicioso detectado)

Módulos: 0
(Nenhum item malicioso detectado)

Chaves de Registro: 4
PUP.Optional.Quiknowledge.A, HKLM\SOFTWARE\WOW6432NODE\QUIKNOWLEDGE, Quarentena, [389539dc2458be78f7d782c649ba7d83],
PUP.Optional.Feven.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Freeven Pro 1.4, Quarentena, [e0ed1cf9cfadd264501ede54ad56c040],
PUP.Optional.MediaPlayerplus.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\MediaPlayerplus, Quarentena, [636ad73eaece171f213de36149bad828],
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-9.5v4, Quarentena, [ebe2b95ceb91c76fb80c9c9ff40f867a],

Valores de Registro: 2
PUP.Optional.Quiknowledge.A, HKLM\SOFTWARE\WOW6432NODE\QUIKNOWLEDGE|ie-ver, 9.0.8112.16421, Quarentena, [389539dc2458be78f7d782c649ba7d83]
PUP.Optional.QuickStart.A, HKU\S-1-5-21-2123034537-1514316849-1306321605-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, [link hidden: forum login required], Quarentena, [438a5bba95e781b5a66c4fe11ee5b848]

Dados de Registro: 1
PUP.Optional.SimplyTech.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|newtab, %appdata%\SimplyTech\home\home.htm, Bom: ([link hidden: forum login required] Ruim: (%appdata%\SimplyTech\home\home.htm),Substituído,[2ca1a4716616a78f9644c454e2230cf4]

Pastas: 4
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0, Quarentena, [2f9e3cd90d6fd95d9c736e85976bb14f],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_olnkgiapbjhdboldbhkagdodklkphaip_0, Quarentena, [1ab3c84d4b317cbae928579cef1320e0],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd, Quarentena, [5d70a0755626ad8937e4db18ad55ed13],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip, Quarentena, [89443ed74e2e9d998895a74cef1357a9],

Arquivos: 22
PUP.Optional.Solimba, C:\$RECYCLE.BIN\S-1-5-21-2123034537-1514316849-1306321605-1000\$R16O9EP.exe, Quarentena, [4d8069ac4a32b680b02101cfcf32a858],
PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, Quarentena, [fdd0ef26235914225453ad905ea2a060],
PUP.Optional.OpenCandy, C:\Users\User\Downloads\FreemakeVideoConverterSetup.exe, Quarentena, [cd00a96cde9ed06686d81a0804fd33cd],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0.localstorage, Quarentena, [3e8f060fd4a8300661d42e168d76a759],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olnkgiapbjhdboldbhkagdodklkphaip_0.localstorage, Quarentena, [c8056ca9403c2610b97d83c110f324dc],
PUP.Optional.CrossRider.A, C:\Windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633, Quarentena, [6a638e873d3fd95d9e2dc0ca3ec69967],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0\2, Quarentena, [2f9e3cd90d6fd95d9c736e85976bb14f],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_olnkgiapbjhdboldbhkagdodklkphaip_0\3, Quarentena, [1ab3c84d4b317cbae928579cef1320e0],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\000032.ldb, Quarentena, [5d70a0755626ad8937e4db18ad55ed13],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\000035.log, Quarentena, [5d70a0755626ad8937e4db18ad55ed13],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\CURRENT, Quarentena, [5d70a0755626ad8937e4db18ad55ed13],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\LOG, Quarentena, [5d70a0755626ad8937e4db18ad55ed13],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\LOG.old, Quarentena, [5d70a0755626ad8937e4db18ad55ed13],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\MANIFEST-000033, Quarentena, [5d70a0755626ad8937e4db18ad55ed13],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip\000021.ldb, Quarentena, [89443ed74e2e9d998895a74cef1357a9],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip\000023.ldb, Quarentena, [89443ed74e2e9d998895a74cef1357a9],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip\000026.ldb, Quarentena, [89443ed74e2e9d998895a74cef1357a9],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip\000030.log, Quarentena, [89443ed74e2e9d998895a74cef1357a9],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip\CURRENT, Quarentena, [89443ed74e2e9d998895a74cef1357a9],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip\LOG, Quarentena, [89443ed74e2e9d998895a74cef1357a9],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip\LOG.old, Quarentena, [89443ed74e2e9d998895a74cef1357a9],
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\olnkgiapbjhdboldbhkagdodklkphaip\MANIFEST-000028, Quarentena, [89443ed74e2e9d998895a74cef1357a9],

Setores Físicos: 0
(Nenhum item malicioso detectado)


(end)