Fórum PC Brasil
Gostaria de reagir a esta mensagem? Crie uma conta em poucos cliques ou inicie sessão para continuar.
Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking reddit      

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14806 usuários registrados
O último membro registrado é King empero

Os nossos membros postaram um total de 36043 mensagens em 3684 assuntos
Últimos assuntos
» Possíveis vírus
por joram Sex 15 Mar 2024, 19:05

Quem está conectado?
15 usuários online :: 0 registrados, 0 invisíveis e 15 visitantes

Nenhum

O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
 
 

Resultados por:
 


Rechercher Pesquisa avançada

março 2024
SegTerQuaQuiSexSábDom
    123
45678910
11121314151617
18192021222324
25262728293031

Calendário Calendário


Fotos Slides Movie nos pendrives e PC

3 participantes

Página 1 de 3 1, 2, 3  Seguinte

Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Fotos Slides Movie nos pendrives e PC

Mensagem por pabloescobar Ter 29 Abr 2014, 10:37

Bom Dia
Estou com esse vírus ou Malware (Fotos Slides Movie) que marquei de vermelho no relatório, e não consigo retirar do meu PC nem Pen Drive.
Estou postando o relatório do PC para posteriormente colocar do pendrive.
Desde já agradeço a ajuda. 


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:31:35, on 29/04/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Users\Pablo\AppData\Roaming\VIVO INTERNET\ouc.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\AVG\AVG2014\avguirux.exe
C:\Users\Pablo\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - d:\PUC\Visual Studio\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Yontoo Desktop] "C:\Users\Pablo\AppData\Roaming\Yontoo\YontooDesktop.exe"
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] "C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe"
O4 - HKCU\..\Run: [Fotos Slides Movie] wscript.exe //B "C:\Users\Pablo\AppData\Local\Temp\Fotos Slides Movie.vbe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: &Enviar para o OneNote - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: Watchdog do AVG (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Personalization Panel DWM controller (persdwmsrv) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
O23 - Service: PriceMeterLiveUpdate Service (pricemeterliveUpdate) (pricemeterliveUpdate) - Unknown owner - C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe (file missing)
O23 - Service: PriceMeterLiveUpdate Service (pricemeterliveUpdatem) (pricemeterliveUpdatem) - Unknown owner - C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\Windows\UnsignedThemesSvc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13075 bytes
pabloescobar
pabloescobar
Membro
Membro

Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Re: Fotos Slides Movie nos pendrives e PC

Mensagem por Power Max Ter 29 Abr 2014, 11:00

slides - Fotos Slides Movie nos pendrives e PC 648673379  Olá Pablo.

slides - Fotos Slides Movie nos pendrives e PC 772309  Faça o download do Usbfix [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (ao acessar a página clique no botão representado nesta imagem (na parte inferior direita da página) para baixá-lo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Utilize o USBFix conforme é mostrado nesta postagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Poste o log (relatório) do Usbfix que estará em C:\UsbFix.txt em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty (RESOLVIDO) Vírus/Malware Fotos Slides Movie nos pendrives e PC

Mensagem por pabloescobar Ter 29 Abr 2014, 12:39

############################## | UsbFix V 7.169 | [Supressão]

Usuário: Pablo (Administrador) # PES
Atualizado em 31/03/2014 por El Desaparecido - Team SosVirus
Começou em 12:30:57 | 29/04/2014

Site : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Changelog : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Support : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Upload Malware : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Contato : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

PC: ASUSTeK COMPUTER INC. (K45A)
CPU: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
RAM -> [Total : 8078 Mo| Free : 6312 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Home Basic  (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 9.0.8112.16421
WB: Google Chrome : 34.0.1847.131

SC: Security Center [Enabled]
WU: Windows Update [(!) Disabled]
AV: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
AV: Trend Micro Titanium Internet Security 2012 [(!) Disabled | Updated]
AS: Trend Micro Titanium Internet Security 2012 [(!) Disabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
FW: Windows FireWall [Enabled]

C:\ (%systemdrive%) -> Disco fixo # 300 Gb (211 Mb livre - 70%) [OS] # NTFS
D:\ -> Disco fixo # 373 Gb (365 Mb livre - 98%) [DATA] # NTFS
F:\ -> CD-ROM

################## | Processos Ativos |

c:\PROGRA~2\AVG\AVG2014\avgrsa.exe (ID: 608 |ParentID: 596)
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe (ID: 644 |ParentID: 608)
C:\Windows\system32\csrss.exe (ID: 960 |ParentID: 948)
C:\Windows\system32\csrss.exe (ID: 356 |ParentID: 168)
C:\Windows\system32\wininit.exe (ID: 592 |ParentID: 948)
C:\Windows\system32\services.exe (ID: 572 |ParentID: 592)
C:\Windows\system32\lsass.exe (ID: 968 |ParentID: 592)
C:\Windows\system32\lsm.exe (ID: 996 |ParentID: 592)
C:\Windows\system32\winlogon.exe (ID: 1004 |ParentID: 168)
C:\Windows\system32\svchost.exe (ID: 1124 |ParentID: 572)
C:\Windows\system32\svchost.exe (ID: 1196 |ParentID: 572)
C:\Windows\System32\svchost.exe (ID: 1300 |ParentID: 572)
C:\Windows\System32\svchost.exe (ID: 1340 |ParentID: 572)
C:\Windows\system32\svchost.exe (ID: 1380 |ParentID: 572)
C:\Windows\UnsignedThemesSvc.exe (ID: 1412 |ParentID: 572)
C:\Windows\system32\svchost.exe (ID: 1512 |ParentID: 572)
C:\Windows\system32\svchost.exe (ID: 1600 |ParentID: 572)
C:\Windows\system32\WLANExt.exe (ID: 1720 |ParentID: 1340)
C:\Windows\SYSTEM32\WISPTIS.EXE (ID: 1728 |ParentID: 1340)
C:\Windows\system32\FBAgent.exe (ID: 1736 |ParentID: 572)
C:\Windows\system32\conhost.exe (ID: 1748 |ParentID: 960)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ID: 1824 |ParentID: 572)
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ID: 1900 |ParentID: 572)
C:\Windows\System32\spoolsv.exe (ID: 1964 |ParentID: 572)
C:\Windows\system32\svchost.exe (ID: 1992 |ParentID: 572)
C:\Windows\system32\svchost.exe (ID: 2016 |ParentID: 572)
C:\Windows\system32\taskeng.exe (ID: 936 |ParentID: 1380)
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (ID: 1568 |ParentID: 572)
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe (ID: 1376 |ParentID: 572)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ID: 2116 |ParentID: 1824)
C:\Windows\system32\taskhost.exe (ID: 2128 |ParentID: 572)
C:\Windows\SYSTEM32\WISPTIS.EXE (ID: 2232 |ParentID: 1340)
C:\Windows\system32\Dwm.exe (ID: 2284 |ParentID: 1340)
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe (ID: 2344 |ParentID: 1376)
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (ID: 2372 |ParentID: 572)
C:\Windows\Explorer.EXE (ID: 2448 |ParentID: 2240)
C:\Windows\system32\taskeng.exe (ID: 2476 |ParentID: 1380)
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe (ID: 2576 |ParentID: 2476)
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ID: 2584 |ParentID: 2476)
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe (ID: 2600 |ParentID: 2476)
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe (ID: 2616 |ParentID: 2476)
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ID: 2648 |ParentID: 2476)
C:\Program Files\ASUS\P4G\BatteryLife.exe (ID: 2660 |ParentID: 2476)
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (ID: 2952 |ParentID: 572)
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (ID: 2972 |ParentID: 572)
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ID: 2544 |ParentID: 1736)
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe (ID: 2816 |ParentID: 2972)
C:\Windows\AsScrPro.exe (ID: 2076 |ParentID: 1736)
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe (ID: 2068 |ParentID: 2972)
C:\Windows\SysWOW64\ACEngSvr.exe (ID: 3116 |ParentID: 1124)
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (ID: 3188 |ParentID: 1736)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ID: 3260 |ParentID: 1736)
C:\ProgramData\DatacardService\HWDeviceService64.exe (ID: 3268 |ParentID: 572)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 3296 |ParentID: 572)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (ID: 3336 |ParentID: 572)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (ID: 3364 |ParentID: 572)
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (ID: 3396 |ParentID: 572)
C:\Windows\system32\runonce.exe (ID: 3616 |ParentID: 2448)
C:\ProgramData\DatacardService\DCSHelper.exe (ID: 3628 |ParentID: 3268)
C:\Windows\SysWOW64\runonce.exe (ID: 3640 |ParentID: 3616)
C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe (ID: 3984 |ParentID: 572)
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (ID: 4072 |ParentID: 572)
C:\Windows\system32\svchost.exe (ID: 3124 |ParentID: 572)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 3764 |ParentID: 572)
C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe (ID: 1468 |ParentID: 572)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 3888 |ParentID: 3764)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 4292 |ParentID: 1124)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ID: 4900 |ParentID: 2116)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ID: 4936 |ParentID: 2116)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ID: 4944 |ParentID: 2116)
C:\Program Files\Trend Micro\Titanium\TiMiniService.exe (ID: 4492 |ParentID: 572)
C:\Windows\servicing\TrustedInstaller.exe (ID: 4104 |ParentID: 572)
C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe (ID: 4744 |ParentID: 4492)
C:\Windows\system32\conhost.exe (ID: 4828 |ParentID: 960)
C:\Windows\system32\svchost.exe (ID: 2752 |ParentID: 572)
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (ID: 3856 |ParentID: 572)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 4980 |ParentID: 572)
C:\Program Files (x86)\Nero\Update\NASvc.exe (ID: 3836 |ParentID: 572)
C:\Windows\system32\sppsvc.exe (ID: 3868 |ParentID: 572)
C:\Windows\system32\SearchIndexer.exe (ID: 2028 |ParentID: 572)
C:\Windows\system32\SearchProtocolHost.exe (ID: 4152 |ParentID: 2028)
C:\Windows\system32\SearchFilterHost.exe (ID: 4440 |ParentID: 2028)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 2536 |ParentID: 572)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 5004 |ParentID: 1124)

################## | Procura genérica |

Supprimido ! C:\Windows\Tasks\UpdaterEX.job

(!) Ficheiros temporários suprimido.

################## | Registro |

Supprimido ! HKU\S-1-5-21-1322692611-2876088620-685211800-1000\Software\.\.\.\.\Mountpoints2\G
Supprimido ! HKU\S-1-5-21-1322692611-2876088620-685211800-1000\Software\.\.\.\.\Mountpoints2\{2965f0fe-58e0-11e2-91f3-446d577c2617}
Supprimido ! HKU\S-1-5-21-1322692611-2876088620-685211800-1000\Software\.\.\.\.\Mountpoints2\{63820b1b-9755-11e3-b246-446d577c2617}
Supprimido ! HKU\S-1-5-21-1322692611-2876088620-685211800-1000\Software\.\.\.\.\Mountpoints2\{765e22ce-9658-11e3-a6e6-446d577c2617}
Supprimido ! HKU\S-1-5-21-1322692611-2876088620-685211800-1000\Software\.\.\.\.\Mountpoints2\{765e22df-9658-11e3-a6e6-446d577c2617}
Supprimido ! HKU\S-1-5-21-1322692611-2876088620-685211800-1000\Software\.\.\.\.\Mountpoints2\{efc77cc8-b9b8-11e3-b2da-446d577c2617}

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
04 - HKCU\..\Run : [Yontoo Desktop] "C:\Users\Pablo\AppData\Roaming\Yontoo\YontooDesktop.exe"
04 - HKCU\..\Run : [HW_OPENEYE_OUC_VIVO INTERNET] "C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe"
04 - HKCU\..\Run : [Fotos Slides Movie] wscript.exe //B "C:\Users\Pablo\AppData\Local\Temp\Fotos Slides Movie.vbe"
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKLM\..\Run : [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
04 - HKLM\..\Run : [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
04 - HKLM\..\Run : [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
04 - [x64] HKLM\..\Run : [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\www\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
04 - [x64] HKLM\..\Run : [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
04 - [x64] HKLM\..\Run : [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe" -ReFlush "none" "none"
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [Yontoo Desktop] "C:\Users\Pablo\AppData\Roaming\Yontoo\YontooDesktop.exe"
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [HW_OPENEYE_OUC_VIVO INTERNET] "C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe"
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [Fotos Slides Movie] wscript.exe //B "C:\Users\Pablo\AppData\Local\Temp\Fotos Slides Movie.vbe"
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Listing |

[29/04/2014 - 10:22:53 | D] - C:\$AVG
[03/03/2014 - 15:35:22 | SHD] - C:\$Recycle.Bin
[09/03/2012 - 16:51:05 | D] - C:\AsusVibeData
[29/07/2009 - 02:09:16 | SHD] - C:\Boot
[13/07/2009 - 22:38:58 | RASH | 375 Ko] - C:\bootmgr
[29/07/2009 - 02:09:18 | RASH | 8 Ko] - C:\BOOTSECT.BAK
[14/07/2009 - 02:08:56 | SHD] - C:\Documents and Settings
[15/07/2012 - 05:37:37 | D] - C:\eSupport
[29/04/2014 - 12:26:30 | ASH | 6204148 Ko] - C:\hiberfil.sys
[15/07/2012 - 05:28:58 | D] - C:\Intel
[05/01/2013 - 23:13:57 | RHD] - C:\MSOCache
[24/03/2013 - 20:39:23 | D] - C:\opt
[29/04/2014 - 12:26:28 | ASH | 8272200 Ko] - C:\pagefile.sys
[02/04/2014 - 18:37:00 | D] - C:\PenClean
[14/07/2009 - 00:20:08 | D] - C:\PerfLogs
[24/04/2014 - 10:08:06 | D] - C:\Program Files
[29/04/2014 - 10:22:07 | D] - C:\Program Files (x86)
[29/04/2014 - 10:22:53 | HD] - C:\ProgramData
[29/07/2009 - 01:20:32 | SHD] - C:\Recovery
[16/03/2014 - 16:10:33 | D] - C:\SUPERDelete
[29/04/2014 - 11:37:41 | SHD] - C:\System Volume Information
[29/04/2014 - 12:20:15 | D] - C:\UsbFix
[29/04/2014 - 12:32:09 | A | 12 Ko | ED364BB00AA9614F2C27C2310CAA2C7B] - C:\UsbFix [Clean 2] PES.txt
[05/01/2013 - 11:34:05 | D] - C:\Users
[02/04/2014 - 18:38:19 | D] - C:\Windows
[10/07/2013 - 23:42:18 | D] - C:\WinloadPrivateDir
[24/04/2014 - 23:13:50 | D] - C:\xti
[03/03/2014 - 15:35:22 | SHD] - D:\$RECYCLE.BIN
[16/01/2013 - 18:43:03 | D] - D:\cadsimu
[26/04/2014 - 18:38:01 | D] - D:\Digitação
[27/04/2014 - 21:52:45 | D] - D:\PUC
[16/03/2014 - 17:00:01 | SHD] - D:\System Volume Information

################## | Vaccin |

D:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido)

################## | E.O.F | [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] |
pabloescobar
pabloescobar
Membro
Membro

Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Re: Fotos Slides Movie nos pendrives e PC

Mensagem por Power Max Ter 29 Abr 2014, 12:41

slides - Fotos Slides Movie nos pendrives e PC 772309 Faça o download do [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

slides - Fotos Slides Movie nos pendrives e PC 772309 Instale-o e utilize-o seguindo as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste o relatório do McShield Anti-Malware Tool que terá o nome MCShield-AllScans.txt, o qual estará na área de trabalho (Desktop) de seu PC.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Re: Fotos Slides Movie nos pendrives e PC

Mensagem por pabloescobar Ter 29 Abr 2014, 12:48

>>> MCShield AllScans.txt <<<

-----------------------------




MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<


29/04/2014 12:45:10 > Unidade C: - escaneamento iniciado (OS ~300 GB, NTFS HDD )...



=> A unidade está limpa.


29/04/2014 12:45:11 > Unidade D: - escaneamento iniciado (DATA ~373 GB, NTFS HDD )...



=> A unidade está limpa.
pabloescobar
pabloescobar
Membro
Membro

Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Re: Fotos Slides Movie nos pendrives e PC

Mensagem por Power Max Ter 29 Abr 2014, 12:51

slides - Fotos Slides Movie nos pendrives e PC 772309 Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Re: Fotos Slides Movie nos pendrives e PC

Mensagem por pabloescobar Ter 29 Abr 2014, 13:00

~ Relatório do ZHPDiag v2014.4.28.48 - Nicolas Coolman  (28/04/2014)
~ Iniciado por Pablo (29/04/2014 12:55:00)
~ Endereço do Website :  http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v34.0.1847.131 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
AVG 2014 v14.0.3931
Trend Micro Titanium v5.00
SUPERAntiSpyware v5.6.1014
Windows Defender W7

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 10 Plugin
Adobe Reader X
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8078 MB (73% free)
System Restore: Activé (Enable)
System drive C: has 217 GB (72%) free of 300 GB

---\\ Modo de conexão ao sistema
~ Computer Name: PES
~ User Name: Pablo
~ All Users Names: Pablo, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Pablo\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Pablo\AppData\Roaming\
~ %Desktop% : C:\Users\Pablo\Desktop\
~ %Favorites% : C:\Users\Pablo\Favorites\
~ %LocalAppData% : C:\Users\Pablo\AppData\Local\
~ %StartMenu% : C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 217 Go of 300 Go)
D: Hard drive, Flash drive, Thumb drive (Free 365 Go of 373 Go)
F: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 46 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.09/03/2012 - 15:26:38.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.69151E566295E5A977FE71FFAFD3B3F8] - (.Microsoft Corporation - Internet Extensions para Win32.) (.09/03/2012 - 15:52:05.) -- C:\Windows\System32\wininet.dll [1390080]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 10:25:32.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 10:27:28.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.D5B031C308A409A0A576BFF4CF083D30] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.09/03/2012 - 15:33:57.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 06:19:22.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 06:26:34.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 07:43:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.09/03/2012 - 15:32:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 06:23:22.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.09/03/2012 - 15:27:31.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 07:52:36.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 06:21:58.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.09/03/2012 - 15:11:02.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/248
~ Mes musiques (My Musics) : 1/281
~ Mes Videos (My Videos) : 1/77
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 3/1806
~ Mon Bureau (My Desktop) : 1/363
~ Menu demarrer (Programs) : 1/39
~ Hidden Files:  Scanned in 00mn 02s



---\\ Processos lançados
[MD5.A3626C6D3F2DC95497F3F61842D7FD89] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe   [80512] [PID.1824]
[MD5.DBC598E47E7A382E60E2A4745D41FEF9] - (.ASUS - GFNEXSrv.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe   [96896] [PID.1900]
[MD5.6A122B4F0E5293CACFA8A5F2CBA9B356] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe   [277120] [PID.1376]
[MD5.20DDC9CED8BC8390138F3187E0FF7411] - (.ASUSTek Computer Inc. - HControl.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe   [174720] [PID.2116]
[MD5.3CF87D0243C7D37FAA1A79C013FD3FB5] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe   [309888] [PID.2344]
[MD5.1992C2A1867D95AA3A0802539358D162] - (.No owner - Service.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe   [18656] [PID.2372]
[MD5.792C8CDADE8C92629752E56A03F0FF1C] - (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe   [3645456] [PID.2952]
[MD5.DBAEB3D23C653018629A76E53260E122] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe   [291912] [PID.2972]
[MD5.896AA2F1D79662B17D5DBBE588E24E30] - (...) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe   [128280] [PID.3336]
[MD5.3C6630473DD42FFC57D9F5564F533127] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe   [161560] [PID.3364]
[MD5.24FB8DB6D1D55E2C5D0A53DFE48E6AF8] - (.Microsoft - Y2Desktop.Updater.) -- C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe   [23552] [PID.1468]  =>Adware.Yontoo
[MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe   [2488888] [PID.4900]
[MD5.AA11E1368EEB237DD100BAC6AFFE1C57] - (.ASUS - KBFiltr.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe   [113208] [PID.4936]
[MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe   [174648] [PID.4944]
[MD5.2B23FAA39D8F949ED5EEE03ECA50BCD5] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe   [277784] [PID.4980]
[MD5.9D1CCE440552500DED3A62F9D779CDB4] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe   [503080] [PID.3836]
[MD5.3C5405EF78576E8E4D791EB18F6856A8] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe   [363800] [PID.2536]
[MD5.542459D16B416D054161007FC9B1246E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [841032] [PID.4640]
[MD5.E5703839EE9DD7FACE721CF56E3F9963] - (.MyCity - MCShield Real-Time Monitor.) -- C:\Program Files (x86)\MCShield\MCShieldRTM.exe   [650816] [PID.2392]
[MD5.1780A53FCE5975B94604775CD9460F22] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [7865344] [PID.3636]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
G2 - GCE: Preference [User Data\Default] [aaaajfocmnnhjaajccaelhippajhaeod] Ask Toolbar v.32.10, (Désactivé)  =>Toolbar.Ask
G2 - GCE: Preference [User Data\Default] [igdhbblpcellaljokkpfhcjlagemhgjl] Iminent v.6.19.4.1, (Désactivé)  =>Adware.IMBooster
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [niapdbllcanepiiimjjndipklodoedlc] Yontoo v.1.0.3 (Désactivé)  =>Adware.Yontoo
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 19 Legitimates Filtered in 00mn 07s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [Pablo]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.)  -- C:\Users\Pablo\AppData\Roaming\BitTorrent\BitTorrent.exe   =>P2P.BitTorrent
~ Global Startup: 1 Legitimates Filtered in 00mn 02s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [VizorHtmlDialog.exe] . (.Trend Micro Inc. - Trend Titanium.) -- C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe
O4 - HKLM\..\Run: [Trend Micro Client Framework] . (.Trend Micro Inc. - Trend Micro Client Session Agent Monitor.) -- C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe
O4 - HKLM\..\Run: [Trend Micro Titanium] . (.Trend Micro Inc. - VizorShortCut Dynamic Link Library.) -- C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKCU\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Yontoo Desktop] C:\Users\Pablo\AppData\Roaming\Yontoo\YontooDesktop.exe (.not file.)   =>Adware.Yontoo
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] . (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe
O4 - HKCU\..\Run: [Fotos Slides Movie] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [MCShield Monitor] . (.MyCity - MCShield Real-Time Monitor.) -- C:\Program Files (x86)\MCShield\mcshieldrtm.exe
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run: [Yontoo Desktop] C:\Users\Pablo\AppData\Roaming\Yontoo\YontooDesktop.exe (.not file.)   =>Adware.Yontoo
O4 - HKUS\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] . (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe
O4 - HKUS\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run: [Fotos Slides Movie] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O4 - HKUS\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run: [MCShield Monitor] . (.MyCity - MCShield Real-Time Monitor.) -- C:\Program Files (x86)\MCShield\mcshieldrtm.exe
~ Application:  Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1500AF52-0759-421E-8B3F-BCDA4B7D2A17}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BB63EC2B-D5C3-46F0-9309-F0A53548DD06}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1500AF52-0759-421E-8B3F-BCDA4B7D2A17}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BB63EC2B-D5C3-46F0-9309-F0A53548DD06}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{1500AF52-0759-421E-8B3F-BCDA4B7D2A17}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BB63EC2B-D5C3-46F0-9309-F0A53548DD06}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: HWDeviceService64.exe (HWDeviceService64.exe) . (.No owner - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Personalization Panel DWM controller (persdwmsrv) . (.http://winaero.com/ - persdwmsrv.) - C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
O23 - Service: PriceMeterLiveUpdate Service (pricemeterliveUpdate) (pricemeterliveUpdate) . (...) - C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe (.not file.)  =>PUP.PriceMeter
~ Services: 19 Legitimates Filtered in 00mn 08s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [BonanzaDealsLiveUpdateTaskMachineCore] (...) -- C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe (.not file.)   [0]  =>Adware.BonanzaDeals
[MD5.00000000000000000000000000000000] [APT] [BonanzaDealsLiveUpdateTaskMachineUA] (...) -- C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe (.not file.)   [0]  =>Adware.BonanzaDeals
[MD5.00000000000000000000000000000000] [APT] [Dealply] (...) -- C:\Users\Pablo\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.exe (.not file.)   [0]  =>PUP.DealPly
[MD5.82A44E0CFE6F6228F1BF3FCC8217B611] [APT] [FreeFixer background scan] (.Kephyr.) -- C:\Program Files\FreeFixer\freefixer.exe   [4148736]
[MD5.731D5021CC80657598F954A9007AFD94] [APT] [PriceMeterUpdater] (...) -- C:\Users\Pablo\AppData\Roaming\PRICEM~1\UPDATE~1\UPDATE~1.exe   [110592]  =>PUP.PriceMeter
[MD5.5F6F4EE3FAA18EF7E386864CEDF6DC06] [APT] [UpdaterEX] (...) -- C:\Users\Pablo\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.exe   [110080]  =>PUP.Dealply
[MD5.00000000000000000000000000000000] [APT] [{04389DD9-FE32-440C-8C5D-71B68966DBD3}] (...) -- C:\Users\Pablo\Downloads\WL_560_10.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{81F83576-E56E-4936-BBEE-B220BA37C884}] (...) -- C:\Program Files (x86)\Positivo\Miniaurelio\aurelio.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{BF8695F3-1E2C-453C-AC87-1BF14BE03EDA}] (...) -- C:\Program Files (x86)\Positivo\Miniaurelio\aurelio.exe (.not file.)   [0]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [902]
O39 - APT: BonanzaDealsLiveUpdateTaskMachineCore - (...) -- C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job   [920]  =>Adware.BonanzaDeals
O39 - APT: BonanzaDealsLiveUpdateTaskMachineCore - (...) -- C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore   [920]  =>Adware.BonanzaDeals
O39 - APT: BonanzaDealsLiveUpdateTaskMachineUA - (...) -- C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job   [924]  =>Adware.BonanzaDeals
O39 - APT: BonanzaDealsLiveUpdateTaskMachineUA - (...) -- C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA   [924]  =>Adware.BonanzaDeals
O39 - APT: Dealply - (...) -- C:\Windows\Tasks\Dealply.job   [290]  =>PUP.DealPly
O39 - APT: Dealply - (...) -- C:\Windows\System32\Tasks\Dealply   [290]  =>PUP.DealPly
O39 - APT: FreeFixer background scan - (.Kephyr.) -- C:\Windows\Tasks\FreeFixer background scan.job   [308]
O39 - APT: FreeFixer background scan - (.Kephyr.) -- C:\Windows\System32\Tasks\FreeFixer background scan   [308]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1078]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1082]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon   [828]
O39 - APT: APT:  - (..) -- C:\Windows\System32\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon   [828] - (..) -- C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d   [830]
O39 - APT: PriceMeterUpdater - (...) -- C:\Windows\Tasks\PriceMeterUpdater.job   [292]  =>PUP.PriceMeter
O39 - APT: PriceMeterUpdater - (...) -- C:\Windows\System32\Tasks\PriceMeterUpdater   [292]  =>PUP.PriceMeter
~ Scheduled Task: 38 Legitimates Filtered in 00mn 04s



---\\ Software instalados (042)
O42 - Logiciel: CADe Simu 1.0 - (.Juan Luiz Villanueva Montoto.) [HKLM][64Bits] -- {0DB78696-CA47-4750-8458-D566A65D4F64}_is1
O42 - Logiciel: CCE+SABER - v1.0 - (.CCE+SABER.) [HKLM][64Bits] -- {D445A7B9-69A8-4860-95B9-BB957281D9A0}_is1
O42 - Logiciel: Extended Update - (...) [HKCU][64Bits] -- UpdaterEX  =>PUP.Dealply
O42 - Logiciel: FreeFixer - (.Kephyr.) [HKLM][64Bits] -- FreeFixer1.09
O42 - Logiciel: Klavaro-1.9.7 - (...) [HKLM][64Bits] -- Klavaro_is1
O42 - Logiciel: MCShield ::Anti-Malware Tool:: - (.MyCity.) [HKLM][64Bits] -- MCShield
O42 - Logiciel: PokerStars - (.PokerStars.) [HKLM][64Bits] -- PokerStars
O42 - Logiciel: Update for PriceMeter - (.Update for PriceMeter.) [HKCU][64Bits] -- PriceMeterUpdater  =>PUP.PriceMeter
O42 - Logiciel: Yontoo 2.052 - (.Yontoo LLC.) [HKLM][64Bits] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B}  =>Adware.Yontoo
~ Logic: 35 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN PIP]
[HKCU\Software\Authorsoft]
[HKCU\Software\Baidu Security]  =>Adware.BDSearch
[HKCU\Software\InstallCore]  =>Adware.InstallCore
[HKCU\Software\MCShield]
[HKCU\Software\PriceMeter]  =>PUP.PriceMeter
[HKCU\Software\StartSearch]  =>PUP.StartSearch
[HKLM\Software\Baidu Security]  =>Adware.BDSearch
[HKLM\Software\Tarma Installer]  =>PUP.Tarma
[HKLM\Software\Wow6432Node\Baidu Security]  =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]  =>Adware.BDSearch
[HKLM\Software\Wow6432Node\BonanzaDealsLive]  =>Adware.BonanzaDeals
[HKLM\Software\Wow6432Node\DealPlyLive]  =>PUP.DealPly
[HKLM\Software\Wow6432Node\Iminent]  =>Adware.IMBooster
[HKLM\Software\Wow6432Node\PIP]
[HKLM\Software\Wow6432Node\baidu]  =>Adware.BDSearch
~ Key Software: 370 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/03/2014 - 12:12:23 - [] ----D C:\Program Files (x86)\Baidu Security  =>Adware.BDSearch
O43 - CFD: 16/03/2014 - 19:31:44 - [] ----D C:\Program Files (x86)\BonanzaDeals  =>Adware.BonanzaDeals
O43 - CFD: 16/03/2014 - 19:36:13 - [] ----D C:\Program Files (x86)\BonanzaDealsLive  =>Adware.BonanzaDeals
O43 - CFD: 07/01/2013 - 12:51:10 - [] ----D C:\Program Files (x86)\Claro
O43 - CFD: 16/03/2014 - 19:32:26 - [] ----D C:\Program Files (x86)\DealPly  =>PUP.DealPly
O43 - CFD: 16/03/2014 - 20:09:41 - [] ----D C:\Program Files (x86)\DealPlyLive  =>PUP.DealPly
O43 - CFD: 30/05/2013 - 09:13:15 - [] ----D C:\Program Files (x86)\Iminent  =>Adware.IMBooster
O43 - CFD: 29/04/2014 - 12:44:51 - [] ----D C:\Program Files (x86)\MCShield
O43 - CFD: 21/10/2013 - 11:24:45 - [] ----D C:\Program Files (x86)\PokerStars
O43 - CFD: 15/02/2014 - 15:38:00 - [] ----D C:\Program Files (x86)\VIVO INTERNET
O43 - CFD: 31/05/2013 - 19:41:47 - [] ----D C:\Program Files (x86)\Yontoo  =>Adware.Yontoo
O43 - CFD: 03/03/2014 - 12:12:27 - [] ----D C:\ProgramData\Baidu  =>Adware.BDSearch
O43 - CFD: 20/03/2014 - 11:41:23 - [] ----D C:\ProgramData\Baidu Security  =>Adware.BDSearch
O43 - CFD: 29/04/2014 - 12:45:11 - [] ----D C:\ProgramData\MCShield
O43 - CFD: 29/04/2013 - 20:17:18 - [] ----D C:\ProgramData\Tarma Installer  =>PUP.Tarma
O43 - CFD: 16/03/2014 - 16:56:00 - [] ----D C:\Users\Pablo\AppData\Roaming\FreeFixer
O43 - CFD: 26/04/2014 - 19:10:13 - [] ----D C:\Users\Pablo\AppData\Roaming\klavaro
O43 - CFD: 27/03/2014 - 00:25:03 - [] ----D C:\Users\Pablo\AppData\Roaming\PriceMeterUpdater  =>PUP.PriceMeter
O43 - CFD: 17/10/2013 - 03:52:06 - [] ----D C:\Users\Pablo\AppData\Roaming\UpdaterEX  =>PUP.Dealply
O43 - CFD: 03/03/2014 - 12:48:51 - [] ----D C:\Users\Pablo\AppData\Roaming\VIVO INTERNET
O43 - CFD: 03/03/2014 - 00:39:10 - [] ----D C:\Users\Pablo\AppData\Roaming\Yontoo  =>Adware.Yontoo
O43 - CFD: 24/03/2013 - 20:56:42 - [] ----D C:\Users\Pablo\AppData\Roaming\[ManufacturerNonTM]
O43 - CFD: 30/05/2013 - 09:18:12 - [] ----D C:\Users\Pablo\AppData\Local\APN
O43 - CFD: 16/03/2014 - 18:55:37 - [] ----D C:\Users\Pablo\AppData\Local\FreeFixer
O43 - CFD: 23/10/2013 - 21:36:25 - [] ----D C:\Users\Pablo\AppData\Local\PokerStars
O43 - CFD: 29/04/2014 - 12:14:12 - [] ----D C:\Users\Pablo\AppData\Local\PriceMeter  =>PUP.PriceMeter
O43 - CFD: 21/10/2013 - 11:24:38 - [] ----D C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars
O43 - CFD: 27/03/2014 - 00:25:03 - [] ----D C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter  =>PUP.PriceMeter
~ 129 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 338 Legitimates Filtered in 00mn 04s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.D75D9BDDDDBC8C5CBF986E4FFD9A3C67] - 29/04/2014 - 10:23:48 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [175484]
O44 - LFC:[MD5.54A3EF63482D9CB17919E4D1AB7A4EEC] - 29/04/2014 - 10:23:48 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [781268]
O44 - LFC:[MD5.19CEB9C426F9E488B290BA76F81296DC] - 29/04/2014 - 12:27:13 ---A- . (...) -- C:\Windows\System32\AutoRunFilter.ini   [2356]
O44 - LFC:[MD5.62414DB98CD0382581EF07AB7831B247] - 29/04/2014 - 12:27:22 ---A- . (...) -- C:\Windows\System32\ServiceFilter.ini   [1827]
O44 - LFC:[MD5.17C7AD2CEBE81AA8DFCB8B2435DD392F] - 29/04/2014 - 12:32:09 ---A- . (...) -- C:\UsbFix [Clean 2] PES.txt   [13385]
~ Files: 17 Legitimates Filtered in 00mn 08s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{2965f145-58e0-11e2-91f3-446d577c2617}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
~ Keys:  Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:11/04/2012 - 19:49:00 ---A- . (.Windows (R) Win 7 DDK provider - ASUS Virtual Bus.) -- C:\Windows\System32\Drivers\AsusVBus.sys   [35968]
O58 - SDL:11/04/2012 - 19:48:58 ---A- . (.Windows (R) Win 7 DDK provider - ASUS HID mini driver for Virtual Touch Device.) -- C:\Windows\System32\Drivers\AsusVTouch.sys   [16512]
O58 - SDL:21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys   [52032]
O58 - SDL:21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys   [34624]  =>Adware.BDSearch
O58 - SDL:21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys   [128992]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:19/02/2012 - 15:16:24 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys   [200488]
O58 - SDL:08/10/2010 - 15:59:40 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys   [32768]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:20/07/2009 - 06:29:40 ---A- . (.No owner - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys   [15416]
O58 - SDL:06/08/2010 - 06:43:20 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys   [1001472]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:13/07/2009 - 00:09:20 ---A- . (...) -- C:\Windows\System32\Drivers\uxpatch.sys   [30568]
~ Drivers: 91 Legitimates Filtered in 00mn 06s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: UsbFix - (.El Desaparecido - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 12 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.8DDB84FB5FD7958654F23ECE6EA14D0F] [SPRF][15/01/2014] (.Baidu, Inc. - Baidu Antivirus FileSplitUpLoad Library.) -- C:\ProgramData\FileSplitUpLoad.dll   [167784]
[MD5.0D3B680986310AE5540578C0E481C6A0] [SPRF][06/10/2010] (...) -- C:\ProgramData\FullRemove.exe   [131984]
[MD5.84B72873ADECCEDA4E044FE08A831041] [SPRF][16/03/2014] (...) -- C:\ProgramData\ntuser.dat   [262144]
[MD5.B0EB78EB2BE8B03D5B9C485AB9318B70] [SPRF][17/02/2013] (...) -- C:\Users\Pablo\AppData\Roaming\room_v3.dat   [45270]
[MD5.A99C974ACF7FBBE34B01FD412E81604C] [SPRF][29/04/2014] (...) -- C:\Users\Pablo\AppData\Roaming\sp_data.sys   [380]
~ Files: 6 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{99E9D4AC-76D8-41A1-88CC-44147B27CF66}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Pablo\AppData\Roaming\BitTorrent\BitTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{8A2A6E00-8457-474A-B1A5-BFF72DDE6730}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Pablo\AppData\Roaming\BitTorrent\BitTorrent.exe  =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 01s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32  =>PUP.AdvancedSystemProtector
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS  =>PUP.AdvancedSystemProtector
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32  =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS  =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BitTorrent_RASAPI32  =>P2P.BitTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BitTorrent_RASMANCS  =>P2P.BitTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup_RASAPI32  =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup_RASMANCS  =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32  =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS  =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Mobogenie_RASAPI32  =>PUP.Mobogenie
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Mobogenie_RASMANCS  =>PUP.Mobogenie
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\pricemeterd_RASAPI32  =>PUP.PriceMeter
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\pricemeterd_RASMANCS  =>PUP.PriceMeter
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PrivitizeVPN_1_RASAPI32  =>Hijacker.PrivitizeVPN
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PrivitizeVPN_1_RASMANCS  =>Hijacker.PrivitizeVPN
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-0A14_RASAPI32  =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-0A14_RASMANCS  =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASAPI32  =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASMANCS  =>Adware.Yontoo
~ BTK: 344 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 18/12/2013 65432 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 27/05/2013 256904 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 02/08/2011 275912 |  (Amsp) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
SS - | Demand 06/03/2012 276248 |  (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 17/08/2013 1431888 |  (FLEXnet Licensing Service 64) . (.Flexera Software, Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
SS - | Auto 09/03/2012 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/03/2012 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 10/07/1658 0 |  (pricemeterliveUpdate) . (...) - C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe  =>PUP.PriceMeter
SS - | Demand 10/07/1658 0 |  (pricemeterliveUpdatem) . (...) - C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe  =>PUP.PriceMeter
SS - | Auto 01/03/2013 161384 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Demand 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SS - | Disabled 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 11/07/2012 140672 |  (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE64.exe
SR - | Auto 03/03/2011 379520 |  (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe
SR - | Auto 21/11/2011 80512 |  (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 13/04/2012 277120 |  (ASUS InstantOn) . (.ASUS.) - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
SR - | Auto 21/11/2011 96896 |  (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 02/02/2011 18656 |  (Autodesk Content Service) . (...) - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
SR - | Auto 18/04/2014 3645456 |  (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
SR - | Auto 27/03/2014 291912 |  (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
SR - | Auto 16/11/2010 339456 |  (HWDeviceService64.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService64.exe
SR - | Auto 03/02/2012 628448 |  (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 21/02/2012 128280 |  (Intel(R) ME Service) . (...) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 21/02/2012 161560 |  (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 28/02/2012 277784 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 04/05/2010 503080 |  (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 07/04/2012 8192 |  (persdwmsrv) . (.http://winaero.com/.) - C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
SR - | Demand 02/08/2011 247072 |  (TiMiniService) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
SR - | Auto 28/02/2012 363800 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 13/07/2009 24168 |  (UnsignedThemes) . (.The Within Network, LLC.) - C:\Windows\UnsignedThemesSvc.exe
SR - | Auto 16/04/2013 23552 |  (Yontoo Desktop Updater) . (.Microsoft.) - C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe  =>Adware.Yontoo
~ Services:  Scanned in 00mn 11s



---\\ Scâner Aditional (088)
Database Version : 13045 - (28/04/2014)
Clés trouvées (Keys found) : 127
Valeurs trouvées (Values found) : 2
Dossiers trouvés  (Folders found) : 19
Fichiers trouvés  (Files found) : 19

[HKLM\Software\Google\Chrome\Extensions\aaaajfocmnnhjaajccaelhippajhaeod]   =>Toolbar.Ask^
[HKLM\Software\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl]   =>Adware.IMBooster^
[HKLM\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc]   =>Adware.Yontoo^
[HKLM\SYSTEM\CurrentControlSet\Services\pricemeterliveUpdate) (pricemeterliveUpdate]   =>PUP.PriceMeter^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX]   =>PUP.Dealply^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PriceMeterUpdater]   =>PUP.PriceMeter^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}]   =>Adware.Yontoo^
[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}]   =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}]   =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}]   =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}]   =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}]   =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}]   =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}]   =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}]   =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}]   =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS]   =>Toolbar.Bing
[HKCU\Software\APN PIP]   =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Iminent]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\PIP]   =>Toolbar.Ask
[HKCU\Software\StartSearch]   =>Hijacker.Agent
[HKLM\Software\Tarma Installer]   =>PUP.Tarma
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\claro]   =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP]   =>Adware.IMBooster
[HKLM\Software\Classes\Prod.cap]   =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32]   =>Toolbar.Bing
[HKCU\Software\InstallCore]   =>Adware.InstallCore
[HKLM\SYSTEM\CurrentControlSet\Services\Yontoo Desktop Updater]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASAPI32]   =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASMANCS]   =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\askpartnercobrandingtool_rasapi32]   =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\askpartnercobrandingtool_rasmancs]   =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Mobogenie_RASAPI32]   =>PUP.Mobogenie
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Mobogenie_RASMANCS]   =>PUP.Mobogenie
[HKLM\Software\Classes\YontooIEClient.Api]   =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Api.1]   =>Adware.Yontoo
[HKLM\Software\Classes\AppID\YontooIEClient.DLL]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api.1]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\AppID\YontooIEClient.DLL]   =>Adware.Yontoo
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Yontoo Desktop   =>Adware.Yontoo^
C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajfocmnnhjaajccaelhippajhaeod   =>Toolbar.Ask^
C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl   =>Adware.IMBooster^
C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc   =>Adware.Yontoo^
C:\Program Files (x86)\Baidu Security   =>Adware.BDSearch^
C:\Program Files (x86)\BonanzaDeals   =>Adware.BonanzaDeals^
C:\Program Files (x86)\BonanzaDealsLive   =>Adware.BonanzaDeals^
C:\Program Files (x86)\DealPly   =>PUP.DealPly^
C:\Program Files (x86)\DealPlyLive   =>PUP.DealPly^
C:\Program Files (x86)\Iminent   =>Adware.IMBooster^
C:\Program Files (x86)\Yontoo   =>Adware.Yontoo^
C:\ProgramData\Baidu   =>Adware.BDSearch^
C:\ProgramData\Baidu Security   =>Adware.BDSearch^
C:\ProgramData\Tarma Installer   =>PUP.Tarma^
C:\Users\Pablo\AppData\Roaming\PriceMeterUpdater   =>PUP.PriceMeter^
C:\Users\Pablo\AppData\Roaming\UpdaterEX   =>PUP.Dealply^
C:\Users\Pablo\AppData\Roaming\Yontoo   =>Adware.Yontoo^
C:\Users\Pablo\AppData\Local\PriceMeter   =>PUP.PriceMeter^
C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter   =>PUP.PriceMeter^
C:\Users\Pablo\AppData\Local\Temp\AskSearch   =>Toolbar.AskBarDis
C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe   =>Adware.Yontoo^
C:\Users\Pablo\AppData\Roaming\PRICEM~1\UPDATE~1\UPDATE~1.exe   =>PUP.PriceMeter^
C:\Users\Pablo\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.exe   =>PUP.Dealply^
C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job   =>Adware.BonanzaDeals^
C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore   =>Adware.BonanzaDeals^
C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job   =>Adware.BonanzaDeals^
C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA   =>Adware.BonanzaDeals^
C:\Windows\Tasks\Dealply.job   =>PUP.DealPly^
C:\Windows\System32\Tasks\Dealply   =>PUP.DealPly^
C:\Windows\Tasks\PriceMeterUpdater.job   =>PUP.PriceMeter^
C:\Windows\System32\Tasks\PriceMeterUpdater   =>PUP.PriceMeter^
[HKCU\Software\Baidu Security]   =>Adware.BDSearch^
[HKCU\Software\PriceMeter]   =>PUP.PriceMeter^
[HKLM\Software\Baidu Security]   =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu Security]   =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]   =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\BonanzaDealsLive]   =>Adware.BonanzaDeals^
[HKLM\Software\Wow6432Node\DealPlyLive]   =>PUP.DealPly^
[HKLM\Software\Wow6432Node\baidu]   =>Adware.BDSearch^
~ Additionnel Scan: 429089 Items scanned in 00mn 54s



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.Yontoo
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Toolbar.Ask
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.IMBooster
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.PriceMeter
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.BonanzaDeals
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.DealPly
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.BDSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.InstallCore
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.StartSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.Tarma
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.AdvancedSystemProtector
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.Mobogenie
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Hijacker.PrivitizeVPN
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]   =>PUP.RewardsArcade
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.Bandoo
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.ClaroSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.Babylon
~ MSI: 17 link(s) detected in 00mn 00s



~ 1070 Legitimates filtered by white list
End of the scan (711 lines in 02mn 27s)(0)
pabloescobar
pabloescobar
Membro
Membro

Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Re: Fotos Slides Movie nos pendrives e PC

Mensagem por Power Max Ter 29 Abr 2014, 13:01

slides - Fotos Slides Movie nos pendrives e PC 772309 Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Re: Fotos Slides Movie nos pendrives e PC

Mensagem por pabloescobar Ter 29 Abr 2014, 13:09

# AdwCleaner v3.205 - Relatório criado 29/04/2014 às 13:05:10
# Atualizado 28/04/2014 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)
# Usuário : Pablo - PES
# Executando de : C:\Users\Pablo\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : pricemeterliveUpdate
[#] Serviço Deletada : pricemeterliveUpdatem
[#] Serviço Deletada : Yontoo Desktop Updater

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Program Files (x86)\BonanzaDeals
Pasta Deletada : C:\Program Files (x86)\BonanzaDealsLive
Pasta Deletada : C:\Program Files (x86)\Claro
Pasta Deletada : C:\Program Files (x86)\DealPly
Pasta Deletada : C:\Program Files (x86)\DealPlyLive
Pasta Deletada : C:\Program Files (x86)\Iminent
Pasta Deletada : C:\Program Files (x86)\PriceMeterLiveUpdate
Pasta Deletada : C:\Program Files (x86)\Yontoo
Pasta Deletada : C:\Users\Pablo\.android
Pasta Deletada : C:\Users\Pablo\AppData\Local\apn
Pasta Deletada : C:\Users\Pablo\AppData\Local\PriceMeter
Pasta Deletada : C:\Users\Pablo\AppData\Local\PriceMeterLiveUpdate
Pasta Deletada : C:\Users\Pablo\AppData\Local\Temp\apn
Pasta Deletada : C:\Users\Pablo\AppData\Local\Temp\AskSearch
Pasta Deletada : C:\Users\Pablo\AppData\Roaming\PriceMeterUpdater
Pasta Deletada : C:\Users\Pablo\AppData\Roaming\Systweak
Pasta Deletada : C:\Users\Pablo\AppData\Roaming\UpdaterEX
Pasta Deletada : C:\Users\Pablo\AppData\Roaming\Yontoo
Pasta Deletada : C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter
Arquivo Deletada : C:\Windows\System32\roboot64.exe
Arquivo Deletada : C:\Users\Pablo\daemonprocess.txt
Arquivo Deletada : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
Arquivo Deletada : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
Arquivo Deletada : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
Arquivo Deletada : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
Arquivo Deletada : C:\Windows\Tasks\Dealply.job
Arquivo Deletada : C:\Windows\System32\Tasks\Dealply
Arquivo Deletada : C:\Windows\Tasks\PriceMeterUpdater.job
Arquivo Deletada : C:\Windows\System32\Tasks\PriceMeterUpdater
Arquivo Deletada : C:\Windows\System32\Tasks\UpdaterEX

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Yontoo Desktop]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdate.OneClickCtrl.9
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdate.OneClickProcessLauncherMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdate.OneClickProcessLauncherMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdate.Update3WebControl.3
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoCreateAsync
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoCreateAsync.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoreClass
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoreClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoreMachineClass
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoreMachineClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CredentialDialogMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CredentialDialogMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.ProcessLauncher
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.ProcessLauncher.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3COMClassService
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3COMClassService.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Chave Deletedo : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\DEALPL~1_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\DEALPL~1_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.updatepm.com/PriceMeterLiveUpdate Update;version=3
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.updatepm.com/PriceMeterLiveUpdate Update;version=9
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6802463D-636F-41FE-9924-4CAD56906590}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKCU\Software\APN PIP
Chave Deletedo : HKCU\Software\Headlight
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\StartSearch
Chave Deletedo : HKCU\Software\systweak
Chave Deletedo : HKCU\Software\UpdaterEX
Chave Deletedo : HKLM\Software\BonanzaDealsLive
Chave Deletedo : HKLM\Software\DealPlyLive
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\PIP
Chave Deletedo : HKLM\Software\systweak
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Price Metar
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\claro
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : [x64] HKLM\SOFTWARE\Tarma Installer
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16421


-\\ Google Chrome v34.0.1847.131

[ Arquivo : C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Extension] : igdhbblpcellaljokkpfhcjlagemhgjl
Deletedo [Extension] : niapdbllcanepiiimjjndipklodoedlc

*************************

AdwCleaner[R0].txt - [21026 octets] - [29/04/2014 13:04:18]
AdwCleaner[S0].txt - [20058 octets] - [29/04/2014 13:05:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20119 octets] ##########
pabloescobar
pabloescobar
Membro
Membro

Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Re: Fotos Slides Movie nos pendrives e PC

Mensagem por Power Max Ter 29 Abr 2014, 13:10

slides - Fotos Slides Movie nos pendrives e PC 772309 Faça o download do Malwarebytes em um destes links abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste este log (relatório) do Malwarebytes.

Ficamos no aguardo.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Re: Fotos Slides Movie nos pendrives e PC

Mensagem por pabloescobar Ter 29 Abr 2014, 16:31

Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Data de Verificação: 29/04/2014
Hora da Verificação: 16:30:33
Logfile: aaa.txt
Administrador: Sim

Versão: 2.00.1.1004
Malware Database: v2014.04.29.03
Rootkit Database: v2014.03.27.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Chameleon: Desabilitado

OS: Windows 7 Service Pack 1
CPU: x64
Sistema de Arquivo: NTFS
Usuário: Pablo

Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 473125
Tempo Decorrido: 3 hr, 15 min, 40 seg

Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processos: 0
(No malicious items detected)

Módulos: 0
(No malicious items detected)

Chaves de Registro: 0
(No malicious items detected)

Valores de Registro: 0
(No malicious items detected)

Dados do Registro: 0
(No malicious items detected)

Pastas: 0
(No malicious items detected)

Arquivos: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
pabloescobar
pabloescobar
Membro
Membro

Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Re: Fotos Slides Movie nos pendrives e PC

Mensagem por Power Max Ter 29 Abr 2014, 16:35

slides - Fotos Slides Movie nos pendrives e PC 772309 Desative temporariamente seu antivírus para evitar conflitos.

* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executá-lo corretamente siga as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Re: Fotos Slides Movie nos pendrives e PC

Mensagem por pabloescobar Ter 29 Abr 2014, 22:56

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Pablo on 29/04/2014 at 22:29:05,30.
Microsoft Windows 7 Home Basic  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Pablo\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

29/04/2014 22:31:50 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1       localhost
::1             localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\Users\Pablo\AppData\Roaming\GetRightToGo deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\Allmyapps deleted
C:\PROGRA~3\Baidu deleted
C:\PROGRA~3\Tarma Installer deleted
C:\Users\Pablo\AppData\Local\Wondershare deleted
C:\Users\Pablo\AppData\Local\cache deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{22C7F6C6-8D67-4534-92B5-529A0EC09405}"="C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension" [09/03/2012 16:53]

==== Chrome Look ======================

Google Drive - Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.similarsitesearch.com_0.localstorage deleted successfully
C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.similarsitesearch.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=9&ar=msnhome"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=9&ar=msnhome"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Pablo\Desktop\Notepad++.lnk - C:\Program Files (x86)\Notepad++\notepad++.exe
C:\Users\Pablo\Desktop\PUC.lnk - D:\PUC
C:\Users\Pablo\Desktop\UsbFix.lnk - C:\UsbFix\UsbFix.exe
C:\Users\Pablo\Desktop\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\Users\Pablo\Desktop\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe
C:\Users\Pablo\Desktop\Programas\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\Users\Pablo\Desktop\Programas\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Users\Pablo\Desktop\Programas\ASUS  Vibe Fun Center.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
C:\Users\Pablo\Desktop\Programas\ASUS Instant Connect Installer.lnk - C:\Windows\Installer\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}\_6674EC67E9921BF5B03A07.exe
C:\Users\Pablo\Desktop\Programas\ASUS WebStorage.lnk - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe
C:\Users\Pablo\Desktop\Programas\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Pablo\Desktop\Programas\AutoCAD 2012 - English.lnk - C:\Program Files (x86)\Autodesk\AutoCAD 2012 - English\acad.exe
C:\Users\Pablo\Desktop\Programas\Avira Control Center.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
C:\Users\Pablo\Desktop\Programas\BitTorrent.lnk - C:\Users\Pablo\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\Pablo\Desktop\Programas\CADe_SIMU.lnk - D:\cadsimu\CADe Simu\CADe_SIMU.exe
C:\Users\Pablo\Desktop\Programas\CCE+SABER.lnk - C:\opt\CCE+SABER\bin\nircmd.exe exec hide C:\opt\CCE+SABER\CCE+SABER.cmd
C:\Users\Pablo\Desktop\Programas\Claro.lnk - C:\Program Files (x86)\Claro\Claro.exe
C:\Users\Pablo\Desktop\Programas\CPUID HWMonitor.lnk - C:\Program Files\CPUID\HWMonitor\HWMonitor.exe
C:\Users\Pablo\Desktop\Programas\DreamScene Seven.lnk - C:\Program Files (x86)\DreamScene Seven\dreamsceneseven.exe
C:\Users\Pablo\Desktop\Programas\eManual.Lnk - C:\eSupport\Manual\eManual.exe
C:\Users\Pablo\Desktop\Programas\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Pablo\Desktop\Programas\Google Docs.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_document
C:\Users\Pablo\Desktop\Programas\Google Sheets.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_spreadsheet
C:\Users\Pablo\Desktop\Programas\Google Slides.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_presentation
C:\Users\Pablo\Desktop\Programas\Inventor Fusion 2012.lnk - C:\Program Files (x86)\Autodesk\Inventor Fusion 2012\Inventor Fusion.exe
C:\Users\Pablo\Desktop\Programas\Kantoo English.lnk -  
C:\Users\Pablo\Desktop\Programas\Miniaurélio.lnk -  
C:\Users\Pablo\Desktop\Programas\MP3 Downloader.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe  /MP3DOWNLOADER
C:\Users\Pablo\Desktop\Programas\Nero BurnLite 10.lnk - C:\Windows\Installer\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}\ScStartSmartDeskto_3AF47A4E14DF4546B1449D27245505A0.exe
C:\Users\Pablo\Desktop\Programas\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\Pablo\Desktop\Programas\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Pablo\Desktop\Programas\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
C:\Users\Pablo\Desktop\Programas\SUPERAntiSpyware Free Edition.lnk - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Users\Pablo\Desktop\Programas\USB Disk Storage Format Tool.lnk - C:\Program Files\USB Disk Storage Format Tool\USBFormatTool.exe
C:\Users\Pablo\Desktop\Programas\Video Search.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe  /VIDEOSEARCH
C:\Users\Pablo\Desktop\Programas\VIVO INTERNET.lnk - C:\Program Files (x86)\VIVO INTERNET\VIVO INTERNET.exe
C:\Users\Pablo\Desktop\Programas\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Users\Pablo\Desktop\Programas\ASUS\Backup & Restore\AI Recovery Burner.lnk - C:\ProgramData\ChangeFolderView\aiRecovery.ico
C:\Users\Pablo\Desktop\Programas\ASUS\Entertainment\Game Park Console.lnk - C:\ProgramData\Asus\Game Park Console\GameConsole.exe
C:\Users\Pablo\Desktop\Programas\ASUS\Entertainment\LifeFrame.lnk - C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe
C:\Users\Pablo\Desktop\Programas\ASUS\Multimedia\ASUSDVD.lnk - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe
C:\Users\Pablo\Desktop\Programas\ASUS\Multimedia\CyberLink Media Suite.lnk - C:\Program Files (x86)\CyberLink\Media Suite\PS.exe
C:\Users\Pablo\Desktop\Programas\ASUS\System tool\e-Driver.lnk - C:\eSupport\eDriver\InstAll.exe
C:\Users\Pablo\Desktop\Programas\ASUS\System tool\Scene Switch.lnk - C:\ProgramData\ChangeFolderView\sceneswitch.ico
C:\Users\Pablo\Desktop\Programas\ASUS\System tool\Splendid Utility.Lnk - C:\Program Files (x86)\ASUS\Splendid\Backbone.exe
C:\Users\Pablo\Desktop\Programas\ASUS\Word processor\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\README.lnk - C:\Program Files\Unlocker\README.TXT
C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\Start Unlocker.lnk - C:\Program Files\Unlocker\Unlocker.exe
C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\Uninstall.lnk - C:\Program Files\Unlocker\uninst.exe
C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\Website.lnk - C:\Program Files\Unlocker\Unlocker.url

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Digital Editions 3.0\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Digital Editions 3.0\Help.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Digital Editions 3.0\Home Page.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Digital Editions 3.0\Uninstall.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_document
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_spreadsheet
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_presentation
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurar Java.lnk - C:\Program Files (x86)\Java\jre8\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Obter Ajuda.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk - C:\Program Files (x86)\Java\jre8\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visite Java.com.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Documentação de Referência.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Java Mission Control.lnk - C:\Program Files (x86)\Java\jdk1.8.0_05\bin\jmc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Klavaro\Klavaro-1.9.7.lnk - D:\Digitação\Klavaro-1.9.7\bin\klavaro.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Klavaro\Remove-1.9.7.lnk - D:\Digitação\Klavaro-1.9.7\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\MCShield Control Center.lnk - C:\Program Files (x86)\MCShield\MCShieldCC.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\MCShield Real-Time Monitor.lnk - C:\Program Files (x86)\MCShield\MCShieldRTM.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\All scans.lnk - C:\ProgramData\MCShield\AllScans.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\Last scan.lnk - C:\ProgramData\MCShield\LastScan.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Logs\Summary.lnk - C:\ProgramData\MCShield\Summary.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Tools\MCShield Translator.lnk - C:\Program Files (x86)\MCShield\Tools\Translator.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield\Uninstall\Uninstall MCShield.lnk - C:\Program Files (x86)\MCShield\MCS-Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk - C:\Program Files (x86)\Notepad++\notepad++.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Pablo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions 3.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 3.0\DigitalEditions.exe
C:\Users\Pablo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk - C:\Users\Pablo\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\Pablo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Pablo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Pablo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\Pablo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Pablo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Pablo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\25bb2cdfb96af2d6\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Pablo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Pablo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Visual Studio 2010.lnk - D:\PUC\Visual Studio\Common7\IDE\devenv.exe
C:\Users\Pablo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Pablo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Pablo\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Pablo\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Pablo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=189 folders=51 9004233 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Pablo\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
pabloescobar
pabloescobar
Membro
Membro

Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Re: Fotos Slides Movie nos pendrives e PC

Mensagem por Power Max Ter 29 Abr 2014, 22:59

slides - Fotos Slides Movie nos pendrives e PC 772309 Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Fotos Slides Movie nos pendrives e PC

Mensagem por pabloescobar Qua 30 Abr 2014, 10:16

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Basic x64
Ran by Pablo on 30/04/2014 at 10:03:47,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricemeterd_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricemeterd_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricemeterd_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricemeterd_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\claro"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30/04/2014 at 10:14:50,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pabloescobar
pabloescobar
Membro
Membro

Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Re: Fotos Slides Movie nos pendrives e PC

Mensagem por Power Max Qua 30 Abr 2014, 10:30

slides - Fotos Slides Movie nos pendrives e PC 772309 Abra novamente o ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Fotos Slides Movie nos pendrives e PC

Mensagem por pabloescobar Qua 30 Abr 2014, 10:46

~ Relatório do ZHPDiag v2014.4.28.48 - Nicolas Coolman  (28/04/2014)
~ Iniciado por Pablo (30/04/2014 10:43:59)
~ Endereço do Website :  http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v34.0.1847.131 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
AVG 2014 v14.0.3931
Malwarebytes Anti-Malware versão 2.0.1.1004
Trend Micro Titanium v5.00
SUPERAntiSpyware v5.6.1014
Windows Defender W7

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 10 Plugin
Adobe Reader X
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8078 MB (76% free)
System Restore: Activé (Enable)
System drive C: has 217 GB (72%) free of 300 GB

---\\ Modo de conexão ao sistema
~ Computer Name: PES
~ User Name: Pablo
~ All Users Names: Pablo, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Pablo\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Pablo\AppData\Roaming\
~ %Desktop% : C:\Users\Pablo\Desktop\
~ %Favorites% : C:\Users\Pablo\Favorites\
~ %LocalAppData% : C:\Users\Pablo\AppData\Local\
~ %StartMenu% : C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 217 Go of 300 Go)
D: Hard drive, Flash drive, Thumb drive (Free 365 Go of 373 Go)
F: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.09/03/2012 - 15:26:38.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.69151E566295E5A977FE71FFAFD3B3F8] - (.Microsoft Corporation - Internet Extensions para Win32.) (.09/03/2012 - 15:52:05.) -- C:\Windows\System32\wininet.dll [1390080]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 10:25:32.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 10:27:28.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.D5B031C308A409A0A576BFF4CF083D30] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.09/03/2012 - 15:33:57.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 06:19:22.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 06:26:34.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 07:43:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.09/03/2012 - 15:32:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 06:23:22.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.09/03/2012 - 15:27:31.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 07:52:36.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 06:21:58.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.09/03/2012 - 15:11:02.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/248
~ Mes musiques (My Musics) : 1/281
~ Mes Videos (My Videos) : 1/77
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 3/1853
~ Mon Bureau (My Desktop) : 1/381
~ Menu demarrer (Programs) : 1/36
~ Hidden Files:  Scanned in 00mn 08s



---\\ Processos lançados
[MD5.06602AAC468BFACD8E5344DB0AE3DDD3] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe   [230912] [PID.2780]
[MD5.ED759B7FD51466447CC31CBE79B99050] - (.ASUSTek Computer Inc. - ASUS USB Charger Plus.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe   [1121448] [PID.3000]
[MD5.6B3BA5BB455D7A4FD16B697B8F73858F] - (.ASUSTek Computer Inc. - ASUS FaceLogon Application.) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe   [473728] [PID.3012]
[MD5.5AC92ABC3A201B79A73B1011B078EAE0] - (.ASUSTeK Computer Inc. - ASUS Quick Gesture Exe.) -- C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe   [17872] [PID.1384]
[MD5.D9AB754613208112B840C75B6762B909] - (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe   [322176] [PID.2220]
[MD5.64A7C84C0A8C79B22033F92D43919062] - (.ASUS - ACMON.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe   [102568] [PID.2992]
[MD5.98CADC34741738CFC24F5CDFDAA408FA] - (.ASUSTeK - ACEngSvr Module.) -- C:\Windows\SysWOW64\ACEngSvr.exe   [162456] [PID.3360]
[MD5.37DEB76A2CF005841C4E45DE2B94D84F] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe   [3058304] [PID.3368]
[MD5.35048D8E8A0BF7A797CD5757ACD7EED0] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe   [107816] [PID.3396]
[MD5.98B31CBC09D671DADEB7C92AEF1CBE29] - (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Users\Pablo\AppData\Roaming\VIVO INTERNET\ouc.exe   [110592] [PID.5168]
[MD5.E5703839EE9DD7FACE721CF56E3F9963] - (.MyCity - MCShield Real-Time Monitor.) -- C:\Program Files (x86)\MCShield\MCShieldRTM.exe   [650816] [PID.5272]
[MD5.4D1DA8CE5E364D22B4FF00F163194514] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe   [291608] [PID.5372]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe   [105016] [PID.5404]
[MD5.F505FED2BE73AD26D2941A0CBCEF2DB5] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [224128] [PID.5412]
[MD5.5FA7D3322DA8E6A6D92B49130E48A0D7] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe   [5180432] [PID.5420]
[MD5.542459D16B416D054161007FC9B1246E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [841032] [PID.3324]
[MD5.1780A53FCE5975B94604775CD9460F22] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [7865344] [PID.5128]
[MD5.A3626C6D3F2DC95497F3F61842D7FD89] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe   [80512] [PID.1788]
[MD5.DBC598E47E7A382E60E2A4745D41FEF9] - (.ASUS - GFNEXSrv.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe   [96896] [PID.1856]
[MD5.6A122B4F0E5293CACFA8A5F2CBA9B356] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe   [277120] [PID.2060]
[MD5.1992C2A1867D95AA3A0802539358D162] - (.No owner - Service.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe   [18656] [PID.2088]
[MD5.DBAEB3D23C653018629A76E53260E122] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe   [291912] [PID.2212]
[MD5.20DDC9CED8BC8390138F3187E0FF7411] - (.ASUSTek Computer Inc. - HControl.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe   [174720] [PID.2404]
[MD5.3CF87D0243C7D37FAA1A79C013FD3FB5] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe   [309888] [PID.2412]
[MD5.896AA2F1D79662B17D5DBBE588E24E30] - (...) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe   [128280] [PID.2624]
[MD5.3C6630473DD42FFC57D9F5564F533127] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe   [161560] [PID.2648]
[MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe   [2488888] [PID.4832]
[MD5.AA11E1368EEB237DD100BAC6AFFE1C57] - (.ASUS - KBFiltr.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe   [113208] [PID.4868]
[MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe   [174648] [PID.4884]
[MD5.2B23FAA39D8F949ED5EEE03ECA50BCD5] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe   [277784] [PID.5520]
[MD5.9D1CCE440552500DED3A62F9D779CDB4] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe   [503080] [PID.4084]
[MD5.3C5405EF78576E8E4D791EB18F6856A8] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe   [363800] [PID.2520]
~ Processes Running:  Scanned in 00mn 01s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 15 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [Pablo]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.)  -- C:\Users\Pablo\AppData\Roaming\BitTorrent\BitTorrent.exe   =>P2P.BitTorrent
~ Global Startup: 1 Legitimates Filtered in 00mn 01s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [VizorHtmlDialog.exe] . (.Trend Micro Inc. - Trend Titanium.) -- C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe
O4 - HKLM\..\Run: [Trend Micro Client Framework] . (.Trend Micro Inc. - Trend Micro Client Session Agent Monitor.) -- C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe
O4 - HKLM\..\Run: [Trend Micro Titanium] . (.Trend Micro Inc. - VizorShortCut Dynamic Link Library.) -- C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKCU\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] . (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe
O4 - HKCU\..\Run: [Fotos Slides Movie] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [MCShield Monitor] . (.MyCity - MCShield Real-Time Monitor.) -- C:\Program Files (x86)\MCShield\mcshieldrtm.exe
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] . (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe
O4 - HKUS\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run: [Fotos Slides Movie] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O4 - HKUS\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run: [MCShield Monitor] . (.MyCity - MCShield Real-Time Monitor.) -- C:\Program Files (x86)\MCShield\mcshieldrtm.exe
~ Application:  Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1500AF52-0759-421E-8B3F-BCDA4B7D2A17}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BB63EC2B-D5C3-46F0-9309-F0A53548DD06}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1500AF52-0759-421E-8B3F-BCDA4B7D2A17}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BB63EC2B-D5C3-46F0-9309-F0A53548DD06}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{1500AF52-0759-421E-8B3F-BCDA4B7D2A17}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BB63EC2B-D5C3-46F0-9309-F0A53548DD06}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: HWDeviceService64.exe (HWDeviceService64.exe) . (.No owner - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Personalization Panel DWM controller (persdwmsrv) . (.http://winaero.com/ - persdwmsrv.) - C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
~ Services: 19 Legitimates Filtered in 00mn 08s



---\\ Tarefas planificadas automaticamente (039)
[MD5.82A44E0CFE6F6228F1BF3FCC8217B611] [APT] [FreeFixer background scan] (.Kephyr.) -- C:\Program Files\FreeFixer\freefixer.exe   [4148736]
[MD5.00000000000000000000000000000000] [APT] [{04389DD9-FE32-440C-8C5D-71B68966DBD3}] (...) -- C:\Users\Pablo\Downloads\WL_560_10.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{81F83576-E56E-4936-BBEE-B220BA37C884}] (...) -- C:\Program Files (x86)\Positivo\Miniaurelio\aurelio.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{BF8695F3-1E2C-453C-AC87-1BF14BE03EDA}] (...) -- C:\Program Files (x86)\Positivo\Miniaurelio\aurelio.exe (.not file.)   [0]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [902]
O39 - APT: FreeFixer background scan - (.Kephyr.) -- C:\Windows\Tasks\FreeFixer background scan.job   [308]
O39 - APT: FreeFixer background scan - (.Kephyr.) -- C:\Windows\System32\Tasks\FreeFixer background scan   [308]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1078]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1082]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon   [828]
O39 - APT: APT:  - (..) -- C:\Windows\System32\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon   [828] - (..) -- C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d   [830]
~ Scheduled Task: 28 Legitimates Filtered in 00mn 04s



---\\ Software instalados (042)
O42 - Logiciel: CADe Simu 1.0 - (.Juan Luiz Villanueva Montoto.) [HKLM][64Bits] -- {0DB78696-CA47-4750-8458-D566A65D4F64}_is1
O42 - Logiciel: CCE+SABER - v1.0 - (.CCE+SABER.) [HKLM][64Bits] -- {D445A7B9-69A8-4860-95B9-BB957281D9A0}_is1
O42 - Logiciel: FreeFixer - (.Kephyr.) [HKLM][64Bits] -- FreeFixer1.09
O42 - Logiciel: Klavaro-1.9.7 - (...) [HKLM][64Bits] -- Klavaro_is1
O42 - Logiciel: MCShield ::Anti-Malware Tool:: - (.MyCity.) [HKLM][64Bits] -- MCShield
O42 - Logiciel: PokerStars - (.PokerStars.) [HKLM][64Bits] -- PokerStars
O42 - Logiciel: Update for PriceMeter - (.Update for PriceMeter.) [HKCU][64Bits] -- PriceMeterUpdater  =>PUP.PriceMeter
~ Logic: 32 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Authorsoft]
[HKCU\Software\Baidu Security]  =>Adware.BDSearch
[HKCU\Software\MCShield]
[HKLM\Software\Baidu Security]  =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu Security]  =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]  =>Adware.BDSearch
~ Key Software: 351 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/03/2014 - 12:12:23 - [] ----D C:\Program Files (x86)\Baidu Security  =>Adware.BDSearch
O43 - CFD: 29/04/2014 - 12:44:51 - [] ----D C:\Program Files (x86)\MCShield
O43 - CFD: 21/10/2013 - 11:24:45 - [] ----D C:\Program Files (x86)\PokerStars
O43 - CFD: 15/02/2014 - 15:38:00 - [] ----D C:\Program Files (x86)\VIVO INTERNET
O43 - CFD: 20/03/2014 - 11:41:23 - [] ----D C:\ProgramData\Baidu Security  =>Adware.BDSearch
O43 - CFD: 30/04/2014 - 09:45:10 - [] ----D C:\ProgramData\MCShield
O43 - CFD: 16/03/2014 - 16:56:00 - [] ----D C:\Users\Pablo\AppData\Roaming\FreeFixer
O43 - CFD: 26/04/2014 - 19:10:13 - [] ----D C:\Users\Pablo\AppData\Roaming\klavaro
O43 - CFD: 03/03/2014 - 12:48:51 - [] ----D C:\Users\Pablo\AppData\Roaming\VIVO INTERNET
O43 - CFD: 24/03/2013 - 20:56:42 - [] ----D C:\Users\Pablo\AppData\Roaming\[ManufacturerNonTM]
O43 - CFD: 16/03/2014 - 18:55:37 - [] ----D C:\Users\Pablo\AppData\Local\FreeFixer
O43 - CFD: 23/10/2013 - 21:36:25 - [] ----D C:\Users\Pablo\AppData\Local\PokerStars
O43 - CFD: 21/10/2013 - 11:24:38 - [] ----D C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars
~ Program Folder: 186 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.D75D9BDDDDBC8C5CBF986E4FFD9A3C67] - 29/04/2014 - 10:23:48 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [175484]
O44 - LFC:[MD5.54A3EF63482D9CB17919E4D1AB7A4EEC] - 29/04/2014 - 10:23:48 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [781268]
O44 - LFC:[MD5.62414DB98CD0382581EF07AB7831B247] - 29/04/2014 - 12:27:22 ---A- . (...) -- C:\Windows\System32\ServiceFilter.ini   [1827]
O44 - LFC:[MD5.17C7AD2CEBE81AA8DFCB8B2435DD392F] - 29/04/2014 - 12:32:09 ---A- . (...) -- C:\UsbFix [Clean 2] PES.txt   [13385]
O44 - LFC:[MD5.F68DE94F61A5EB69655E933945DFC3F0] - 29/04/2014 - 13:06:52 ---A- . (...) -- C:\Windows\System32\AutoRunFilter.ini   [2390]
O44 - LFC:[MD5.408038730726E97372C8CBB13B8C753B] - 29/04/2014 - 22:54:09 ---A- . (...) -- C:\files.log   [97]
O44 - LFC:[MD5.DE56BF311A5219BDF8F66836A4A320E1] - 29/04/2014 - 22:54:21 ---A- . (...) -- C:\folders.log   [70]
O44 - LFC:[MD5.FF219CB8EC166C8738192F934FB0728D] - 29/04/2014 - 22:54:22 ---A- . (...) -- C:\runcheck.txt   [3247]
O44 - LFC:[MD5.7BDB831E6E06701BA9DB82E5D552B4B7] - 29/04/2014 - 22:54:22 ---A- . (...) -- C:\zoek-results.log   [19376]
~ Files: 25 Legitimates Filtered in 00mn 12s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{2965f145-58e0-11e2-91f3-446d577c2617}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
~ Keys:  Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:11/04/2012 - 19:49:00 ---A- . (.Windows (R) Win 7 DDK provider - ASUS Virtual Bus.) -- C:\Windows\System32\Drivers\AsusVBus.sys   [35968]
O58 - SDL:11/04/2012 - 19:48:58 ---A- . (.Windows (R) Win 7 DDK provider - ASUS HID mini driver for Virtual Touch Device.) -- C:\Windows\System32\Drivers\AsusVTouch.sys   [16512]
O58 - SDL:21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys   [52032]
O58 - SDL:21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys   [34624]  =>Adware.BDSearch
O58 - SDL:21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys   [128992]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:19/02/2012 - 15:16:24 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys   [200488]
O58 - SDL:08/10/2010 - 15:59:40 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys   [32768]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:20/07/2009 - 06:29:40 ---A- . (.No owner - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys   [15416]
O58 - SDL:06/08/2010 - 06:43:20 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys   [1001472]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:13/07/2009 - 00:09:20 ---A- . (...) -- C:\Windows\System32\Drivers\uxpatch.sys   [30568]
~ Drivers: 95 Legitimates Filtered in 00mn 03s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: UsbFix - (.El Desaparecido - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 12 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.0D3B680986310AE5540578C0E481C6A0] [SPRF][06/10/2010] (...) -- C:\ProgramData\FullRemove.exe   [131984]
[MD5.84B72873ADECCEDA4E044FE08A831041] [SPRF][16/03/2014] (...) -- C:\ProgramData\ntuser.dat   [262144]
[MD5.B0EB78EB2BE8B03D5B9C485AB9318B70] [SPRF][17/02/2013] (...) -- C:\Users\Pablo\AppData\Roaming\room_v3.dat   [45270]
[MD5.A99C974ACF7FBBE34B01FD412E81604C] [SPRF][30/04/2014] (...) -- C:\Users\Pablo\AppData\Roaming\sp_data.sys   [380]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{99E9D4AC-76D8-41A1-88CC-44147B27CF66}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Pablo\AppData\Roaming\BitTorrent\BitTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{8A2A6E00-8457-474A-B1A5-BFF72DDE6730}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Pablo\AppData\Roaming\BitTorrent\BitTorrent.exe  =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 01s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32  =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BitTorrent_RASAPI32  =>P2P.BitTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BitTorrent_RASMANCS  =>P2P.BitTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-0A14_RASAPI32  =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-0A14_RASMANCS  =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASAPI32  =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASMANCS  =>Adware.Yontoo
~ BTK: 313 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 18/12/2013 65432 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 27/05/2013 256904 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 02/08/2011 275912 |  (Amsp) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
SS - | Auto 18/04/2014 3645456 |  (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
SS - | Demand 06/03/2012 276248 |  (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 17/08/2013 1431888 |  (FLEXnet Licensing Service 64) . (.Flexera Software, Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
SS - | Auto 09/03/2012 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/03/2012 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 01/03/2013 161384 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Demand 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SS - | Disabled 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 11/07/2012 140672 |  (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE64.exe
SR - | Auto 03/03/2011 379520 |  (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe
SR - | Auto 21/11/2011 80512 |  (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 13/04/2012 277120 |  (ASUS InstantOn) . (.ASUS.) - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
SR - | Auto 21/11/2011 96896 |  (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 02/02/2011 18656 |  (Autodesk Content Service) . (...) - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
SR - | Auto 27/03/2014 291912 |  (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
SR - | Auto 16/11/2010 339456 |  (HWDeviceService64.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService64.exe
SR - | Auto 03/02/2012 628448 |  (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 21/02/2012 128280 |  (Intel(R) ME Service) . (...) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 21/02/2012 161560 |  (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 28/02/2012 277784 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 04/05/2010 503080 |  (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 07/04/2012 8192 |  (persdwmsrv) . (.http://winaero.com/.) - C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
SR - | Demand 02/08/2011 247072 |  (TiMiniService) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
SR - | Auto 28/02/2012 363800 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 13/07/2009 24168 |  (UnsignedThemes) . (.The Within Network, LLC.) - C:\Windows\UnsignedThemesSvc.exe
~ Services:  Scanned in 00mn 10s



---\\ Scâner Aditional (088)
Database Version : 13045 - (28/04/2014)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 2
Fichiers trouvés  (Files found) : 4

[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PriceMeterUpdater]   =>PUP.PriceMeter^
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32]   =>Toolbar.Bing
C:\Program Files (x86)\Baidu Security   =>Adware.BDSearch^
C:\ProgramData\Baidu Security   =>Adware.BDSearch^
[HKCU\Software\Baidu Security]   =>Adware.BDSearch^
[HKLM\Software\Baidu Security]   =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu Security]   =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]   =>Adware.BDSearch^
~ Additionnel Scan: 415948 Items scanned in 00mn 48s



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.PriceMeter
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.BDSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.Yontoo
~ MSI: 3 link(s) detected in 00mn 00s



~ 905 Legitimates filtered by white list
End of the scan (499 lines in 02mn 11s)(0)
pabloescobar
pabloescobar
Membro
Membro

Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Re: Fotos Slides Movie nos pendrives e PC

Mensagem por Power Max Qua 30 Abr 2014, 13:28

slides - Fotos Slides Movie nos pendrives e PC 772309  Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

slides - Fotos Slides Movie nos pendrives e PC 772309  Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.


Última edição por Power Max em Qui 01 maio 2014, 09:46, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Fotos Slides Movie nos pendrives e PC

Mensagem por pabloescobar Qua 30 Abr 2014, 23:09

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Pablo at 30/04/2014 23:08:34
High Elevated Privileges : OK
Windows Vista Home Basic Edition, 64-bit  (Build 6000)

Reciclagem vazia (Cancelado pelo utilizador)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ CLSID MPSK: {2965f145-58e0-11e2-91f3-446d577c2617}
ELIMINÉ: SearchScopes :{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-0A14_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-0A14_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASMANCS
ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PriceMeterUpdater

========== Valores do Registo ==========
ELIMINÉ RunValue: Fotos Slides Movie
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\wscript.exe
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ Temporários windows (143) (7.294.178 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: {04389DD9-FE32-440C-8C5D-71B68966DBD3}
ELIMINÉ: {81F83576-E56E-4936-BBEE-B220BA37C884}
ELIMINÉ: {BF8695F3-1E2C-453C-AC87-1BF14BE03EDA}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
10 : Chaves do Registo
7 : Valores do Registo
1 : Pastas
6 : Ficheiros
3 : Tarefa planificada
1 : Restauração Sistema


End of clean in 01mn 28s

========== Caminho do ficheiro do relatório ==========
C:\Users\Pablo\AppData\Roaming\ZHP\ZHPFix[R1].txt - 30/04/2014 23:09:08 [2247]
pabloescobar
pabloescobar
Membro
Membro

Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Re: Fotos Slides Movie nos pendrives e PC

Mensagem por Power Max Qua 30 Abr 2014, 23:13

slides - Fotos Slides Movie nos pendrives e PC 772309 Abra o ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Fotos Slides Movie nos pendrives e PC

Mensagem por pabloescobar Qua 30 Abr 2014, 23:24

~ Relatório do ZHPDiag v2014.4.28.48 - Nicolas Coolman  (28/04/2014)
~ Iniciado por Pablo (30/04/2014 23:21:11)
~ Endereço do Website :  http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program


---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v34.0.1847.131 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
AVG 2014 v14.0.3931
Malwarebytes Anti-Malware versão 2.0.1.1004
Trend Micro Titanium v5.00
SUPERAntiSpyware v5.6.1014
Windows Defender W7

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 10 Plugin
Adobe Reader X
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8078 MB (72% free)
System Restore: Activé (Enable)
System drive C: has 207 GB (68%) free of 300 GB

---\\ Modo de conexão ao sistema
~ Computer Name: PES
~ User Name: Pablo
~ All Users Names: Pablo, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Pablo\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Pablo\AppData\Roaming\
~ %Desktop% : C:\Users\Pablo\Desktop\
~ %Favorites% : C:\Users\Pablo\Favorites\
~ %LocalAppData% : C:\Users\Pablo\AppData\Local\
~ %StartMenu% : C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 207 Go of 300 Go)
D: Hard drive, Flash drive, Thumb drive (Free 365 Go of 373 Go)
F: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.09/03/2012 - 15:26:38.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.69151E566295E5A977FE71FFAFD3B3F8] - (.Microsoft Corporation - Internet Extensions para Win32.) (.09/03/2012 - 15:52:05.) -- C:\Windows\System32\wininet.dll [1390080]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 10:25:32.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 10:27:28.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.D5B031C308A409A0A576BFF4CF083D30] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.09/03/2012 - 15:33:57.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 06:19:22.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 06:26:34.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 07:43:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.09/03/2012 - 15:32:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 06:23:22.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.09/03/2012 - 15:27:31.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 07:52:36.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 06:21:58.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.09/03/2012 - 15:11:02.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/248
~ Mes musiques (My Musics) : 1/281
~ Mes Videos (My Videos) : 1/77
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 3/1853
~ Mon Bureau (My Desktop) : 1/383
~ Menu demarrer (Programs) : 1/36
~ Hidden Files:  Scanned in 00mn 07s



---\\ Processos lançados
[MD5.06602AAC468BFACD8E5344DB0AE3DDD3] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe   [230912] [PID.2864]
[MD5.ED759B7FD51466447CC31CBE79B99050] - (.ASUSTek Computer Inc. - ASUS USB Charger Plus.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe   [1121448] [PID.3368]
[MD5.6B3BA5BB455D7A4FD16B697B8F73858F] - (.ASUSTek Computer Inc. - ASUS FaceLogon Application.) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe   [473728] [PID.3376]
[MD5.5AC92ABC3A201B79A73B1011B078EAE0] - (.ASUSTeK Computer Inc. - ASUS Quick Gesture Exe.) -- C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe   [17872] [PID.3384]
[MD5.D9AB754613208112B840C75B6762B909] - (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe   [322176] [PID.3508]
[MD5.64A7C84C0A8C79B22033F92D43919062] - (.ASUS - ACMON.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe   [102568] [PID.3544]
[MD5.98CADC34741738CFC24F5CDFDAA408FA] - (.ASUSTeK - ACEngSvr Module.) -- C:\Windows\SysWOW64\ACEngSvr.exe   [162456] [PID.3612]
[MD5.37DEB76A2CF005841C4E45DE2B94D84F] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe   [3058304] [PID.3964]
[MD5.35048D8E8A0BF7A797CD5757ACD7EED0] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe   [107816] [PID.3320]
[MD5.E5703839EE9DD7FACE721CF56E3F9963] - (.MyCity - MCShield Real-Time Monitor.) -- C:\Program Files (x86)\MCShield\MCShieldRTM.exe   [650816] [PID.4816]
[MD5.98B31CBC09D671DADEB7C92AEF1CBE29] - (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Users\Pablo\AppData\Roaming\VIVO INTERNET\ouc.exe   [110592] [PID.4828]
[MD5.4D1DA8CE5E364D22B4FF00F163194514] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe   [291608] [PID.5052]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe   [105016] [PID.4140]
[MD5.F505FED2BE73AD26D2941A0CBCEF2DB5] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [224128] [PID.3704]
[MD5.5FA7D3322DA8E6A6D92B49130E48A0D7] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe   [5180432] [PID.4324]
[MD5.542459D16B416D054161007FC9B1246E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [841032] [PID.1856]
[MD5.1780A53FCE5975B94604775CD9460F22] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [7865344] [PID.5372]
[MD5.A3626C6D3F2DC95497F3F61842D7FD89] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe   [80512] [PID.1764]
[MD5.DBC598E47E7A382E60E2A4745D41FEF9] - (.ASUS - GFNEXSrv.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe   [96896] [PID.1844]
[MD5.6A122B4F0E5293CACFA8A5F2CBA9B356] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe   [277120] [PID.2056]
[MD5.1992C2A1867D95AA3A0802539358D162] - (.No owner - Service.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe   [18656] [PID.2080]
[MD5.DBAEB3D23C653018629A76E53260E122] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe   [291912] [PID.2228]
[MD5.896AA2F1D79662B17D5DBBE588E24E30] - (...) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe   [128280] [PID.2356]
[MD5.3C6630473DD42FFC57D9F5564F533127] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe   [161560] [PID.2380]
[MD5.20DDC9CED8BC8390138F3187E0FF7411] - (.ASUSTek Computer Inc. - HControl.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe   [174720] [PID.3108]
[MD5.3CF87D0243C7D37FAA1A79C013FD3FB5] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe   [309888] [PID.3116]
[MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe   [2488888] [PID.4404]
[MD5.AA11E1368EEB237DD100BAC6AFFE1C57] - (.ASUS - KBFiltr.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe   [113208] [PID.4480]
[MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe   [174648] [PID.4472]
[MD5.2B23FAA39D8F949ED5EEE03ECA50BCD5] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe   [277784] [PID.6960]
[MD5.9D1CCE440552500DED3A62F9D779CDB4] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe   [503080] [PID.7072]
[MD5.3C5405EF78576E8E4D791EB18F6856A8] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe   [363800] [PID.3876]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 14 Legitimates Filtered in 00mn 04s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [Pablo]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.)  -- C:\Users\Pablo\AppData\Roaming\BitTorrent\BitTorrent.exe   =>P2P.BitTorrent
~ Global Startup: 1 Legitimates Filtered in 00mn 01s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [VizorHtmlDialog.exe] . (.Trend Micro Inc. - Trend Titanium.) -- C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe
O4 - HKLM\..\Run: [Trend Micro Client Framework] . (.Trend Micro Inc. - Trend Micro Client Session Agent Monitor.) -- C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe
O4 - HKLM\..\Run: [Trend Micro Titanium] . (.Trend Micro Inc. - VizorShortCut Dynamic Link Library.) -- C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKCU\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] . (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [MCShield Monitor] . (.MyCity - MCShield Real-Time Monitor.) -- C:\Program Files (x86)\MCShield\mcshieldrtm.exe
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] . (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe
O4 - HKUS\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run: [MCShield Monitor] . (.MyCity - MCShield Real-Time Monitor.) -- C:\Program Files (x86)\MCShield\mcshieldrtm.exe
~ Application:  Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1500AF52-0759-421E-8B3F-BCDA4B7D2A17}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BB63EC2B-D5C3-46F0-9309-F0A53548DD06}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1500AF52-0759-421E-8B3F-BCDA4B7D2A17}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BB63EC2B-D5C3-46F0-9309-F0A53548DD06}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{1500AF52-0759-421E-8B3F-BCDA4B7D2A17}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BB63EC2B-D5C3-46F0-9309-F0A53548DD06}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: HWDeviceService64.exe (HWDeviceService64.exe) . (.No owner - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Personalization Panel DWM controller (persdwmsrv) . (.http://winaero.com/ - persdwmsrv.) - C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
~ Services: 19 Legitimates Filtered in 00mn 07s



---\\ Tarefas planificadas automaticamente (039)
[MD5.82A44E0CFE6F6228F1BF3FCC8217B611] [APT] [FreeFixer background scan] (.Kephyr.) -- C:\Program Files\FreeFixer\freefixer.exe   [4148736]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [902]
O39 - APT: FreeFixer background scan - (.Kephyr.) -- C:\Windows\Tasks\FreeFixer background scan.job   [308]
O39 - APT: FreeFixer background scan - (.Kephyr.) -- C:\Windows\System32\Tasks\FreeFixer background scan   [308]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1078]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1082]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon   [828]
O39 - APT: APT:  - (..) -- C:\Windows\System32\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon   [828] - (..) -- C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d   [830]
~ Scheduled Task: 25 Legitimates Filtered in 00mn 02s



---\\ Software instalados (042)
O42 - Logiciel: CADe Simu 1.0 - (.Juan Luiz Villanueva Montoto.) [HKLM][64Bits] -- {0DB78696-CA47-4750-8458-D566A65D4F64}_is1
O42 - Logiciel: CCE+SABER - v1.0 - (.CCE+SABER.) [HKLM][64Bits] -- {D445A7B9-69A8-4860-95B9-BB957281D9A0}_is1
O42 - Logiciel: FreeFixer - (.Kephyr.) [HKLM][64Bits] -- FreeFixer1.09
O42 - Logiciel: Klavaro-1.9.7 - (...) [HKLM][64Bits] -- Klavaro_is1
O42 - Logiciel: MCShield ::Anti-Malware Tool:: - (.MyCity.) [HKLM][64Bits] -- MCShield
O42 - Logiciel: PokerStars - (.PokerStars.) [HKLM][64Bits] -- PokerStars
~ Logic: 31 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Authorsoft]
[HKCU\Software\MCShield]
[HKCU\Software\PriceMeterUpdater]  =>PUP.PriceMeter
~ Key Software: 350 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/04/2014 - 12:44:51 - [] ----D C:\Program Files (x86)\MCShield
O43 - CFD: 21/10/2013 - 11:24:45 - [] ----D C:\Program Files (x86)\PokerStars
O43 - CFD: 15/02/2014 - 15:38:00 - [] ----D C:\Program Files (x86)\VIVO INTERNET
O43 - CFD: 30/04/2014 - 22:50:09 - [] ----D C:\ProgramData\MCShield
O43 - CFD: 16/03/2014 - 16:56:00 - [] ----D C:\Users\Pablo\AppData\Roaming\FreeFixer
O43 - CFD: 26/04/2014 - 19:10:13 - [] ----D C:\Users\Pablo\AppData\Roaming\klavaro
O43 - CFD: 03/03/2014 - 12:48:51 - [] ----D C:\Users\Pablo\AppData\Roaming\VIVO INTERNET
O43 - CFD: 24/03/2013 - 20:56:42 - [] ----D C:\Users\Pablo\AppData\Roaming\[ManufacturerNonTM]
O43 - CFD: 16/03/2014 - 18:55:37 - [] ----D C:\Users\Pablo\AppData\Local\FreeFixer
O43 - CFD: 23/10/2013 - 21:36:25 - [] ----D C:\Users\Pablo\AppData\Local\PokerStars
O43 - CFD: 21/10/2013 - 11:24:38 - [] ----D C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars
~ Program Folder: 186 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.62414DB98CD0382581EF07AB7831B247] - 29/04/2014 - 12:27:22 ---A- . (...) -- C:\Windows\System32\ServiceFilter.ini   [1827]
O44 - LFC:[MD5.17C7AD2CEBE81AA8DFCB8B2435DD392F] - 29/04/2014 - 12:32:09 ---A- . (...) -- C:\UsbFix [Clean 2] PES.txt   [13385]
O44 - LFC:[MD5.408038730726E97372C8CBB13B8C753B] - 29/04/2014 - 22:54:09 ---A- . (...) -- C:\files.log   [97]
O44 - LFC:[MD5.DE56BF311A5219BDF8F66836A4A320E1] - 29/04/2014 - 22:54:21 ---A- . (...) -- C:\folders.log   [70]
O44 - LFC:[MD5.FF219CB8EC166C8738192F934FB0728D] - 29/04/2014 - 22:54:22 ---A- . (...) -- C:\runcheck.txt   [3247]
O44 - LFC:[MD5.7BDB831E6E06701BA9DB82E5D552B4B7] - 29/04/2014 - 22:54:22 ---A- . (...) -- C:\zoek-results.log   [19376]
O44 - LFC:[MD5.D75D9BDDDDBC8C5CBF986E4FFD9A3C67] - 30/04/2014 - 15:22:58 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [175484]
O44 - LFC:[MD5.54A3EF63482D9CB17919E4D1AB7A4EEC] - 30/04/2014 - 15:22:58 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [781268]
O44 - LFC:[MD5.1E586E5B87C5FC00806A57419437CC0A] - 30/04/2014 - 22:49:40 ---A- . (...) -- C:\Windows\System32\AutoRunFilter.ini   [2452]
~ Files: 25 Legitimates Filtered in 00mn 02s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:11/04/2012 - 19:49:00 ---A- . (.Windows (R) Win 7 DDK provider - ASUS Virtual Bus.) -- C:\Windows\System32\Drivers\AsusVBus.sys   [35968]
O58 - SDL:11/04/2012 - 19:48:58 ---A- . (.Windows (R) Win 7 DDK provider - ASUS HID mini driver for Virtual Touch Device.) -- C:\Windows\System32\Drivers\AsusVTouch.sys   [16512]
O58 - SDL:21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys   [52032]
O58 - SDL:21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys   [34624]  =>Adware.BDSearch
O58 - SDL:21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys   [128992]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:19/02/2012 - 15:16:24 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys   [200488]
O58 - SDL:08/10/2010 - 15:59:40 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys   [32768]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:20/07/2009 - 06:29:40 ---A- . (.No owner - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys   [15416]
O58 - SDL:06/08/2010 - 06:43:20 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys   [1001472]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:13/07/2009 - 00:09:20 ---A- . (...) -- C:\Windows\System32\Drivers\uxpatch.sys   [30568]
~ Drivers: 95 Legitimates Filtered in 00mn 03s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: UsbFix - (.El Desaparecido - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 12 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.0D3B680986310AE5540578C0E481C6A0] [SPRF][06/10/2010] (...) -- C:\ProgramData\FullRemove.exe   [131984]
[MD5.84B72873ADECCEDA4E044FE08A831041] [SPRF][16/03/2014] (...) -- C:\ProgramData\ntuser.dat   [262144]
[MD5.B0EB78EB2BE8B03D5B9C485AB9318B70] [SPRF][17/02/2013] (...) -- C:\Users\Pablo\AppData\Roaming\room_v3.dat   [45270]
[MD5.A99C974ACF7FBBE34B01FD412E81604C] [SPRF][30/04/2014] (...) -- C:\Users\Pablo\AppData\Roaming\sp_data.sys   [380]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{99E9D4AC-76D8-41A1-88CC-44147B27CF66}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Pablo\AppData\Roaming\BitTorrent\BitTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{8A2A6E00-8457-474A-B1A5-BFF72DDE6730}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Pablo\AppData\Roaming\BitTorrent\BitTorrent.exe  =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 01s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\avg-secure-search-installer_RASAPI32  =>Toolbar.AVGSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\avg-secure-search-installer_RASMANCS  =>Toolbar.AVGSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AVG-Secure-Search-Update_0214d_RASAPI32  =>Toolbar.AVGSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AVG-Secure-Search-Update_0214d_RASMANCS  =>Toolbar.AVGSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AVG-Secure-Search-Update_RASAPI32  =>Toolbar.AVGSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AVG-Secure-Search-Update_RASMANCS  =>Toolbar.AVGSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32  =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BitTorrent_RASAPI32  =>P2P.BitTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BitTorrent_RASMANCS  =>P2P.BitTorrent
~ BTK: 323 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 18/12/2013 65432 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 27/05/2013 256904 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 02/08/2011 275912 |  (Amsp) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
SS - | Auto 18/04/2014 3645456 |  (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
SS - | Demand 06/03/2012 276248 |  (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 17/08/2013 1431888 |  (FLEXnet Licensing Service 64) . (.Flexera Software, Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
SS - | Auto 09/03/2012 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/03/2012 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 01/03/2013 161384 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 08/02/2014 569024 |  (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Demand 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Demand 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SS - | Disabled 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 11/07/2012 140672 |  (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE64.exe
SR - | Auto 03/03/2011 379520 |  (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe
SR - | Auto 21/11/2011 80512 |  (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 13/04/2012 277120 |  (ASUS InstantOn) . (.ASUS.) - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
SR - | Auto 21/11/2011 96896 |  (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 02/02/2011 18656 |  (Autodesk Content Service) . (...) - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
SR - | Auto 27/03/2014 291912 |  (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
SR - | Auto 16/11/2010 339456 |  (HWDeviceService64.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService64.exe
SR - | Auto 03/02/2012 628448 |  (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 21/02/2012 128280 |  (Intel(R) ME Service) . (...) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 21/02/2012 161560 |  (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 28/02/2012 277784 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 04/05/2010 503080 |  (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 07/04/2012 8192 |  (persdwmsrv) . (.http://winaero.com/.) - C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
SR - | Demand 02/08/2011 247072 |  (TiMiniService) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
SR - | Auto 28/02/2012 363800 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 13/07/2009 24168 |  (UnsignedThemes) . (.The Within Network, LLC.) - C:\Windows\UnsignedThemesSvc.exe
~ Services:  Scanned in 00mn 11s



---\\ Scâner Aditional (088)
Database Version : 13045 - (28/04/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 1
Fichiers trouvés  (Files found) : 1

[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32]   =>Toolbar.Bing
C:\ProgramData\AVG Security Toolbar   =>Toolbar.AVGSearch
[HKCU\Software\PriceMeterUpdater]   =>PUP.PriceMeter^
~ Additionnel Scan: 420966 Items scanned in 00mn 53s



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.PriceMeter
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.BDSearch
~ MSI: 2 link(s) detected in 00mn 00s



~ 900 Legitimates filtered by white list
End of the scan (478 lines in 02mn 06s)(0)
pabloescobar
pabloescobar
Membro
Membro

Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Re: Fotos Slides Movie nos pendrives e PC

Mensagem por Power Max Qua 30 Abr 2014, 23:36

slides - Fotos Slides Movie nos pendrives e PC 772309  Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

slides - Fotos Slides Movie nos pendrives e PC 772309  Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.


Última edição por Power Max em Qui 01 maio 2014, 09:46, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Fotos Slides Movie nos pendrives e PC

Mensagem por pabloescobar Qua 30 Abr 2014, 23:39

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Pablo at 30/04/2014 23:38:42
High Elevated Privileges : OK
Windows 7 Home Basic Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 23s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\PriceMeterUpdater

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ Temporários windows (2) (474 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Chaves do Registo
1 : Pastas
5 : Ficheiros
1 : Restauração Sistema


End of clean in 00mn 44s

========== Caminho do ficheiro do relatório ==========
C:\Users\Pablo\AppData\Roaming\ZHP\ZHPFix[R1].txt - 30/04/2014 23:09:08 [2327]
C:\Users\Pablo\AppData\Roaming\ZHP\ZHPFix[R2].txt - 30/04/2014 23:39:06 [1141]
pabloescobar
pabloescobar
Membro
Membro

Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Re: Fotos Slides Movie nos pendrives e PC

Mensagem por Power Max Qua 30 Abr 2014, 23:42

Reinicie o PC para que a limpeza do ZHP seja concluída.

slides - Fotos Slides Movie nos pendrives e PC 772309 Depois de reiniciar, baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e salve-o no Desktop (Área de Trabalho)

Obs: Ao acessar o link acima, clique no botão Download Now 64-Bit Version

Execute o Farbar seguindo as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Serão criados dois relatórios no Desktop: FRST.txt e Addition.txt

Poste estes dois relatórios em sua próxima resposta. (Obs: se não couber em uma só resposta, pode dividi-la em mais postagens).

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Fotos Slides Movie nos pendrives e PC

Mensagem por pabloescobar Qua 30 Abr 2014, 23:54

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-05-2014
Ran by Pablo at 2014-04-30 23:51:40
Running from C:\Users\Pablo\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Trend Micro Titanium Internet Security 2012 (Disabled - Up to date) {7193B549-236F-55EE-9AEC-F65279E59A92}
AS: Trend Micro Titanium Internet Security 2012 (Disabled - Up to date) {CAF254AD-0555-5A60-A05C-CD200262D02F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.202 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0014 - ASUS)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.2 - ASUS)
ASUS K45_K75_K95_Screensaver (HKLM-x32\...\ASUS K45_K75_K95_Screensaver) (Version: 1.0.0001 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.1 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0041 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.9 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
ASUS Virtual Touch (HKLM-x32\...\{938CFBD4-0652-49E5-BB8B-153948865941}) (Version: 1.0.11 - ASUS)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3622.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.3622.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0016 - ASUS)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.4272 - DsNET Corp)
AutoCAD 2012 - English (HKLM\...\AutoCAD 2012 - English) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 - English (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 Language Pack - English (Version: 18.2.51.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2012) (Version: 0.0.1.138 - Autodesk)
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4577 - AVG Technologies)
AVG 2014 (Version: 14.0.3931 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4577 - AVG Technologies) Hidden
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.8.0.29676 - BitTorrent Inc.)
CADe Simu 1.0 (HKLM-x32\...\{0DB78696-CA47-4750-8458-D566A65D4F64}_is1) (Version:  - Juan Luiz Villanueva Montoto)
CCE+SABER - v1.0 (HKLM-x32\...\{D445A7B9-69A8-4860-95B9-BB957281D9A0}_is1) (Version:  - CCE+SABER)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
CPUID HWMonitor 1.22 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Media Suite (x32 Version: 8.0.2926 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1126 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Doro 1.75 (HKLM-x32\...\Doro_is1) (Version:  - CompSoft)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
DreamScene Seven version 1.6 (HKLM-x32\...\{2367FAB6-057A-4973-875F-F57F7BBBA363}_is1) (Version: 1.6 - DREAMSCENESEVEN.COM)
ETDWare PS/2-X64 10.5.9.0 (HKLM\...\Elantech) (Version: 10.5.9.0 - ELAN Microelectronic Corp.)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
FreeFixer (HKLM-x32\...\FreeFixer1.09) (Version: 1.09 - Kephyr)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Drive (HKLM-x32\...\{84B981C8-D6E4-473F-8062-63F14F44183E}) (Version: 1.15.6464.228 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.3.1 - ASUS)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2669 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.510 - Oracle)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Java(TM) 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Java(TM) SE Development Kit 6 Update 20 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160200}) (Version: 1.6.0.200 - Sun Microsystems, Inc.)
JavaFX(TM) 1.3 SDK (HKLM-x32\...\{5aa47dba-b584-4d47-a626-76e53f010300}) (Version: 1.3.0 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Klavaro-1.9.7 (HKLM-x32\...\Klavaro_is1) (Version:  - )
K-Lite Codec Pack 4.8.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 4.8.0 - )
Malwarebytes Anti-Malware versão 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile PTB Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended PTB Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Portuguese (Brazil)) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Brazil)) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{DA67488A-2689-4F10-B90F-D2F6977509D6}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Performance Collection Tools - ENU (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 SharePoint Developer Tools (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Nero BurnLite 10 (HKLM-x32\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10500 - Nero AG)
Nero BurnLite 10 (HKLM-x32\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10100.1.100 - Nero AG)
Nero Control Center 10 (x32 Version: 10.0.13100.3.1 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.15100.0.1 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Client Profile PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Extended PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Personalization Panel (HKLM-x32\...\Personalization Panel) (Version: 2.5 - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Personalization Panel DWM Controller  (HKLM-x32\...\{3925EB7E-77A2-4F6B-8B97-3C083667D4AA}) (Version: 2.5 - winaero.com)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6537 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30130 - Realtek Semiconductor Corp.)
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.12 - ASUS)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com)
Trend Micro Titanium (Version: 5.00 - Trend Micro Inc.) Hidden
Trend Micro Titanium Internet Security 2012 (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 5.0 - Trend Micro Inc.)
Turbo Fiesta (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}) (Version:  - Oberon Media)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0416-0000-0000000FF1CE}_Office14.PROPLUS_{ACBCC818-8E67-43A8-B877-A821A3C6FAD2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{C633216E-FF30-45B6-B2AB-21922A9353EF}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0416-0000-0000000FF1CE}_Office14.PROPLUS_{B95699E7-EEEB-45EC-865F-37E3E746BFB4}) (Version:  - Microsoft)
USB Disk Storage Format Tool 5.0 (HKLM\...\USB Disk Storage Format Tool_is1) (Version:  - Authorsoft Corporation)
UsbFix (HKLM-x32\...\Usbfix) (Version: 7.169 - El Desaparecido - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
UxStyle Core Beta (HKLM\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VIVO INTERNET (HKLM-x32\...\VIVO INTERNET) (Version: 16.002.10.02.149 - Huawei Technologies Co.,Ltd)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 照片库 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.0 - ASUS)
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.27 - ASUS)
ZHPDiag 2014 (HKLM-x32\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Restore Points  =========================

16-03-2014 19:47:45 System Speedup dom, mar 16, 14  16:47
22-04-2014 00:06:51 Removido Miniaurélio
22-04-2014 00:08:59 Instalado Miniaurélio
22-04-2014 00:12:45 Removido Miniaurélio
23-04-2014 19:23:16 Instalado Miniaurélio
23-04-2014 19:33:19 Instalado Miniaurélio
23-04-2014 19:35:03 Instalado Miniaurélio
24-04-2014 13:07:38 Installed Java SE Development Kit 8 Update 5 (64-bit)
24-04-2014 13:08:41 Installed Java 8 Update 5 (64-bit)
29-04-2014 13:21:31 Installed AVG 2014
29-04-2014 13:22:15 Installed AVG 2014
30-04-2014 01:31:10 zoek.exe restore point
01-05-2014 02:07:50 ZHPFix Restore System Point
01-05-2014 02:28:11 DirectX instalado
01-05-2014 02:38:22 ZHPFix Restore System Point

==================== Hosts content: ==========================

2009-07-13 23:34 - 2014-04-29 22:32 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {13EAA3D6-B6D1-4741-99B9-B46D1F4CAFBB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {1A4727EE-C5BE-4217-BDA8-8755A8D4CBC1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-09] (Google Inc.)
Task: {1BBA12FB-CFA0-48CB-99DF-6833EF4F81DC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-27] (Adobe Systems Incorporated)
Task: {591C57AA-B47D-4C67-AF29-063CCB38C4E5} - \Dealply No Task File <==== ATTENTION
Task: {59E217C6-6B6C-4A3B-8DEA-F61828659463} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-02-29] (ASUSTek Computer Inc.)
Task: {5A28B5D8-C0D0-4149-85D1-D8155CD2FB71} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2012-02-16] (ASUSTek Computer Inc.)
Task: {773D25A7-7978-46A1-9129-77DE74C7D9F6} - \BonanzaDealsLiveUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {8A86C588-AE5C-404D-AC03-C58A45218A01} - System32\Tasks\FreeFixer background scan => C:\Program Files\FreeFixer\freefixer.exe [2014-02-10] (Kephyr)
Task: {8EE4D2EA-6E90-4DCD-9579-A3EFC26D252D} - System32\Tasks\ASUS Quick Gesture => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe [2012-04-11] (ASUSTeK Computer Inc.)
Task: {9E6B67EE-8824-4B73-97E3-7ECB6BB96A91} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-09] (Google Inc.)
Task: {A150A4FB-B2E8-48A0-816A-006975F62E9D} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {CBED470D-091D-447C-8896-28E6A51DD282} - System32\Tasks\ASUS Quick Gesture (x64) => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe [2012-04-11] (ASUSTeK Computer Inc.)
Task: {D16156F6-C3E9-4871-B6C2-A343F3826D29} - System32\Tasks\AIRecoveryRemind => C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [2012-03-09] (ASUSTek Computer Inc.)
Task: {D28A817F-8C86-41AB-B787-9DC1BADA39E8} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-02-16] (ASUSTek Computer Inc.)
Task: {D3713E6C-D460-4325-92F6-8B57A567FA73} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-02-15] (ASUS)
Task: {D46E4E4E-7F39-4962-A980-1A11E2364A4E} - \BonanzaDealsLiveUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {E8575106-6719-4984-8BDD-2F542C3DED9E} - \PriceMeterUpdater No Task File <==== ATTENTION
Task: {F15C8F2C-024F-42F8-B052-FA31FB382A91} - \UpdaterEX No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FreeFixer background scan.job => C:\Program Files\FreeFixer\freefixer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Loaded Modules (whitelisted) =============

2013-01-05 23:22 - 2012-05-02 20:26 - 00460800 _____ () C:\Program Files (x86)\DoroPDFWriter\Doro.dll
2010-01-30 01:40 - 2010-01-30 01:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-02-02 14:08 - 2011-02-02 14:08 - 00018656 _____ () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
2010-07-14 20:11 - 2010-07-14 20:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2010-11-16 10:38 - 2010-11-16 10:38 - 00339456 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2012-07-15 05:32 - 2012-02-21 01:29 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2012-03-09 16:52 - 2011-08-02 17:45 - 00047104 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
2012-03-09 16:52 - 2011-08-02 17:45 - 00042496 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
2012-02-21 18:49 - 2012-02-21 18:49 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-08-20 13:57 - 2010-08-20 13:57 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-20 13:57 - 2010-08-20 13:57 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-04-28 23:11 - 2014-04-23 21:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2010-01-30 01:41 - 2010-01-30 01:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-04-28 23:11 - 2014-04-23 21:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-28 23:11 - 2014-04-23 21:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-28 23:11 - 2014-04-23 21:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-28 23:11 - 2014-04-23 21:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-28 23:11 - 2014-04-23 21:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2012-07-15 05:31 - 2012-02-21 01:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-04-28 23:11 - 2014-04-23 21:33 - 13692232 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== Faulty Device Manager Devices =============

Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (04/30/2014 11:25:29 PM) (Source: Service Control Manager) (User: )
Description: Não foi possível iniciar o serviço Steam Client Service devido ao seguinte erro:
%%1053

Error: (04/30/2014 11:25:29 PM) (Source: Service Control Manager) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Steam Client Service.

Error: (04/30/2014 11:16:57 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 27%
Total physical RAM: 8078.32 MB
Available physical RAM: 5828.96 MB
Total Pagefile: 16154.84 MB
Available Pagefile: 13526.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:300.41 GB) (Free:206.65 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:372.9 GB) (Free:365.2 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: B8584238)

Partition: GPT Partition Type.

==================== End Of Log ============================
pabloescobar
pabloescobar
Membro
Membro

Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais

Ir para o topo Ir para baixo

slides - Fotos Slides Movie nos pendrives e PC Empty Re: Fotos Slides Movie nos pendrives e PC

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Ir para o topo Ir para baixo

Página 1 de 3 1, 2, 3  Seguinte

Ir para o topo

- Tópicos semelhantes

 
Permissões neste sub-fórum
Não podes responder a tópicos