Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14807 usuários registradosO último membro registrado é Costa24
Os nossos membros postaram um total de 36045 mensagens em 3685 assuntos
Quem está conectado?
Há 15 usuários online :: 0 registrados, 0 invisíveis e 15 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
Power Max | ||||
joram | ||||
Wings [In Memoriam] | ||||
caedurodrigues | ||||
Amigo Brasileiro | ||||
luizvilarinho | ||||
Danii | ||||
Admin | ||||
Danilo Marsaro | ||||
Andreata |
Não consigo abrir algumas páginas da web!!
3 participantes
Página 1 de 2
Página 1 de 2 • 1, 2
Não consigo abrir algumas páginas da web!!
Olá, pessoal!
Comprei um notebook CCE(infelizmente) e estou passando por dificuldades.
Algumas páginas da web simplesmente não abrem. Ex: filmeshunter.com
Toda vez que tento abrir a página ele fica em branco. já tentei abri-lo n crhome, opera, ie e firefox, mas sem sucesso.
Colocarei uma lista do que ja tentei fazer pra resolver o problema.
- Já entrei em contato com o fornecedor de internet e está tudo certo com minha conexão, já que outras páginas eu abro normalmente;
- Já tentei abri-la através de proxy, mas ela abre a página completamente desorganizada
- Já exclui o meu antivirus; já o desativei, mas nada resolve
- já troquei o DNS automatico pelo da google
- Já destivei o firewall do meu computador, mas o prbema persiste
Não sei mais o que fazer, me ajudem. Não quero levar meu notebook para a assistencia, porque a ultima vez que fiz fiquei 2 meses sem ele.
Meu notebook é dual core, 2g de ram, intel, 500 de HD.
Obrigado!!
Comprei um notebook CCE(infelizmente) e estou passando por dificuldades.
Algumas páginas da web simplesmente não abrem. Ex: filmeshunter.com
Toda vez que tento abrir a página ele fica em branco. já tentei abri-lo n crhome, opera, ie e firefox, mas sem sucesso.
Colocarei uma lista do que ja tentei fazer pra resolver o problema.
- Já entrei em contato com o fornecedor de internet e está tudo certo com minha conexão, já que outras páginas eu abro normalmente;
- Já tentei abri-la através de proxy, mas ela abre a página completamente desorganizada
- Já exclui o meu antivirus; já o desativei, mas nada resolve
- já troquei o DNS automatico pelo da google
- Já destivei o firewall do meu computador, mas o prbema persiste
Não sei mais o que fazer, me ajudem. Não quero levar meu notebook para a assistencia, porque a ultima vez que fiz fiquei 2 meses sem ele.
Meu notebook é dual core, 2g de ram, intel, 500 de HD.
Obrigado!!
Diego-silveira- Iniciante
- Mensagens : 31
Reputação : 1
Data de inscrição : 08/05/2014
Re: Não consigo abrir algumas páginas da web!!
Olá Diego.
Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )
Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.
Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )
Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Não consigo abrir algumas páginas da web!!
POde apagar meu outro tópico se for possível, eu estou passando pelos mesmos prolemas que o camarada ai de cima, dai acompanhho por aqui.
luccas_jf- Iniciante
- Mensagens : 29
Reputação : 2
Data de inscrição : 04/05/2014
Re: Não consigo abrir algumas páginas da web!!
Não tem como acompanhar o mesmo tópico, porque os scripts que vou passar para ele são baseados nos logs dele, o que varia de computador para computador.luccas_jf escreveu:POde apagar meu outro tópico se for possível, eu estou passando pelos mesmos prolemas que o camarada ai de cima, dai acompanhho por aqui.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) Não consigo abrir algumas páginas da web!!
Olá Power Max.
Segue abaixo as informações geradas pelo meu pc.
~ Relatório do ZHPDiag v2014.5.8.57 - Nicolas Coolman (08/05/2014)
~ Iniciado por Diego (08/05/2014 14:25:16)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17105
MFIE: Mozilla Firefox 29.0
GCIE: Google Chrome v34.0.1847.131 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8.1 Single Language, 64-bit (Build 9600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
avast! Premier v9.0.2018
Windows Defender W8
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1938 MB (20% free)
System Restore: Activé (Enable)
System drive C: has 421 GB (93%) free of 450 GB
---\\ Modo de conexão ao sistema
~ Computer Name: DIEGO
~ User Name: Diego
~ All Users Names: HomeGroupUser$, Diego, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Diego\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Diego\AppData\Roaming\
~ %Desktop% : C:\Users\Diego\Desktop\
~ %Favorites% : C:\Users\Diego\Favorites\
~ %LocalAppData% : C:\Users\Diego\AppData\Local\
~ %StartMenu% : C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 421 Go of 450 Go)
D: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
~ Security Center: 41 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.81394C91B7B5A7C799E249AE82491F13] - (.Microsoft Corporation - Windows Explorer.) (.01/05/2014 - 01:47:03.) -- C:\Windows\Explorer.exe [2373784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.22/08/2013 - 06:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.65C36A29A131A3A5D64B29FAC4EF6DD6] - (.Microsoft Corporation - Internet Extensions para Win32.) (.18/03/2014 - 07:18:18.) -- C:\Windows\System32\wininet.dll [2262016]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.18/03/2014 - 07:18:16.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.18/03/2014 - 07:18:16.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 09:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 08:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 05:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.01/05/2014 - 01:47:02.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 08:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) (.22/08/2013 - 08:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.18/03/2014 - 07:18:19.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.C997E6A37BA8915224B3FB5024A34F69] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.01/05/2014 - 01:47:02.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402944]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 08:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.1C80517BE6836A812F6A9B99B8321351] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.01/05/2014 - 01:47:02.) -- C:\Windows\system32\Drivers\ntfs.sys [2013016]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) (.22/08/2013 - 08:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 08:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Microsoft.) (.18/03/2014 - 06:44:42.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.3595FBDF25F8BA6256072D103937D7D6] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.18/03/2014 - 07:17:55.) -- C:\Windows\system32\Drivers\volsnap.sys [311640]
~ Generic Processes: Scanned in 00mn 01s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/3
~ Mes musiques (My Musics) : 1/18
~ Mes Favoris (My Favorites) : 1/3
~ Mes Documents (My Documents) : 1/160
~ Mon Bureau (My Desktop) : 2/15
~ Menu demarrer (Programs) : 1/32
~ Hidden Files: Scanned in 00mn 01s
---\\ Processos lançados
[MD5.542459D16B416D054161007FC9B1246E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032] [PID.3672]
[MD5.6B4B668D474D8283A4CD0954717E2A27] - (.No owner - JsDriver.) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe [3318272] [PID.3256] =>PUP.ShopperPro
[MD5.3E364978E4C74D3BCEA29FB41743CB5A] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704] [PID.3520]
[MD5.E90080AF0E517E1FE6C97D98198C3986] - (.OEM - iBrightness.) -- C:\Program Files (x86)\OEM\iBrightness 1.0.1\iBrightness.exe [3549696] [PID.3516]
[MD5.DD6526D19F757DE752A1C4EC8E69C04B] - (.No owner - IPM.exe.) -- C:\Program Files (x86)\OEM\IPM 1.9.4\IPM.exe [2410496] [PID.3032]
[MD5.C0E392910782C2BB9A28C8538CC1E1A1] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240] [PID.1380]
[MD5.66B568EBC85BBD99FDD9745DF8515B0A] - (.iWebar - iWebar exe.) -- C:\program files (x86)\iwebar\iwebar-bg.exe [597872] [PID.2884] =>PUP.iWebar
[MD5.3EBF452B807F412EC0F19141ADA060E5] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [811696] [PID.3940]
[MD5.26B2170BEC5EA59B297D07BBB894FBAB] - (.Microsoft Corporation - Relatório de Problemas do Windows.) -- C:\WINDOWS\SysWOW64\werfault.exe [410568] [PID.7036]
[MD5.646E0E18BAD458DC05C0FDA10DF9CE8A] - (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe [648544] [PID.5632]
[MD5.E2E84E72995AC987A8549F4D5203230B] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe [1270352] [PID.17384] =>P2P.BitTorrent
[MD5.CCD09CA21C1946AF24834512BD9A6FCA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7873536] [PID.24544]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [cigiagpbkapepgklncnajbakkpkopmam] iWebar v.1.26.253, (Activé) =>PUP.iWebar
G2 - GCE: Preference [User Data\Default] [dfohdbmjdkfijghgklbickfnaepghgba] Sense v.1.26.51, (Activé)
G2 - GCE: Preference [User Data\Default] [dheljpcbhldkdiabdemaflamgfnbpnkd] Color Changer para o Facebook v.22.2 (Activé)
G2 - GCE: Preference [User Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 21 Legitimates Filtered in 00mn 09s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [Diego - 46mvu0k5.default\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}] [] Shopper-Pro v1.0.0.4 (..)
~ Firefox Browser: 2 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13911 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CrossriderApp0035510 [64Bits] - {11111111-1111-1111-1111-110311551110} . (.iWebar - iWebar BHO.) -- C:\Program Files (x86)\iWebar\iWebar-bho.dll =>PUP.CrossRider
O2 - BHO: CrossriderApp0048292 [64Bits] - {11111111-1111-1111-1111-110411821192} . (.Object Browser - Sense BHO.) -- C:\Program Files (x86)\Sense\Sense-bho.dll =>PUP.CrossRider
O2 - BHO: ShopperProBHO [64Bits] - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} . (.Goobzo Ltd. - ShopperPro Extension.) -- C:\ProgramData\ShopperPro\ShopperPro.dll =>PUP.ShopperPro
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Chave orfã
O2 - BHO: (no name) [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Chave orfã
~ BHO: 9 Legitimates Filtered in 00mn 00s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKCU\..\Run: [SPDriver] . (.No owner - JsDriver.) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe =>PUP.ShopperPro
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_EE61CD3E1138C10841703F73164FC478] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKLM\..\Wow6432Node\Run: [SPDriver] . (.No owner - JsDriver.) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe =>PUP.ShopperPro
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [SPDriver] . (.No owner - JsDriver.) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe =>PUP.ShopperPro
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [GoogleChromeAutoLaunch_EE61CD3E1138C10841703F73164FC478] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C8DAE3F-A59E-4149-913F-3D5FC6209543}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C8DAE3F-A59E-4149-913F-3D5FC6209543}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B13FEA21-6FB2-4C41-A3F4-91CF42CB23D8}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1C8DAE3F-A59E-4149-913F-3D5FC6209543}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{1C8DAE3F-A59E-4149-913F-3D5FC6209543}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B13FEA21-6FB2-4C41-A3F4-91CF42CB23D8}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: ViewPassword (ViewPassword) . (...) - C:\Program Files (x86)\ViewPassword-soft\ViewPasswordFIX161.exe =>PUP.ViewPassword
~ Services: 11 Legitimates Filtered in 00mn 11s
---\\ Tarefas planificadas automaticamente (039)
[MD5.E4F65ED9746881F1116AFA4C66132D75] [APT] [b758eec0-2d77-437d-8ac8-dcd399a3b7db-1] (.iWebar.) -- C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe [481648] =>PUP.iWebar
[MD5.033918DE67B85C112BE7B6B58887BB10] [APT] [b758eec0-2d77-437d-8ac8-dcd399a3b7db-2] (.iWebar.) -- C:\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-2.exe [337776] =>PUP.iWebar
[MD5.62AEC32147FA84F7234ABEB005F2A7DE] [APT] [b758eec0-2d77-437d-8ac8-dcd399a3b7db-3] (.iWebar.) -- C:\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-3.exe [1865072] =>PUP.iWebar
[MD5.D92A0132E216EAD89016E9AD918E0930] [APT] [b758eec0-2d77-437d-8ac8-dcd399a3b7db-4] (.iWebar.) -- C:\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-4.exe [800624] =>PUP.iWebar
[MD5.025CBE6E79FEE0644535704F192793B6] [APT] [b758eec0-2d77-437d-8ac8-dcd399a3b7db-5] (.iWebar.) -- C:\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-5.exe [325488] =>PUP.iWebar
[MD5.15126CC37CC7CD3109DB5A1806AB49FC] [APT] [d4e590bb-8214-4c59-8429-13fb7d7180b5-2] (.Object Browser.) -- C:\Program Files (x86)\Sense\d4e590bb-8214-4c59-8429-13fb7d7180b5-2.exe [334336] =>PUP.ObjectBrowser
[MD5.17584A8742295940A60BD3F05831624C] [APT] [d4e590bb-8214-4c59-8429-13fb7d7180b5-3] (.Object Browser.) -- C:\Program Files (x86)\Sense\d4e590bb-8214-4c59-8429-13fb7d7180b5-3.exe [1861120] =>PUP.ObjectBrowser
[MD5.CF95FE16A28689582586F22E3E150C66] [APT] [d4e590bb-8214-4c59-8429-13fb7d7180b5-5] (.Object Browser.) -- C:\Program Files (x86)\Sense\d4e590bb-8214-4c59-8429-13fb7d7180b5-5.exe [278528] =>PUP.ObjectBrowser
[MD5.A8C22B4B1E9D15246BCC2779FC3A5D0B] [APT] [ShopperPro] (.Goobzo LTD.) -- C:\Program Files (x86)\ShopperPro\ShopperPro.exe [1100136] =>PUP.ShopperPro
[MD5.6B4B668D474D8283A4CD0954717E2A27] [APT] [SPDriver] (...) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe [3318272] =>PUP.ShopperPro
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-1 - (.iWebar.) -- C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-1.job [1670] =>PUP.CrossRider
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-1 - (.iWebar.) -- C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-1 [1670] =>PUP.CrossRider
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-2 - (.iWebar.) -- C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-2.job [1648] =>PUP.CrossRider
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-2 - (.iWebar.) -- C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-2 [1648] =>PUP.CrossRider
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-3 - (.iWebar.) -- C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-3.job [3456] =>PUP.CrossRider
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-3 - (.iWebar.) -- C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-3 [3456] =>PUP.CrossRider
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-4 - (.iWebar.) -- C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-4.job [2346] =>PUP.CrossRider
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-4 - (.iWebar.) -- C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-4 [2346] =>PUP.CrossRider
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-5 - (.iWebar.) -- C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-5.job [1764] =>PUP.CrossRider
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-5 - (.iWebar.) -- C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-5 [1764] =>PUP.CrossRider
O39 - APT: d4e590bb-8214-4c59-8429-13fb7d7180b5-2 - (.Object Browser.) -- C:\Windows\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-2.job [1630] =>PUP.CrossRider
O39 - APT: d4e590bb-8214-4c59-8429-13fb7d7180b5-2 - (.Object Browser.) -- C:\Windows\System32\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-2 [1630] =>PUP.CrossRider
O39 - APT: d4e590bb-8214-4c59-8429-13fb7d7180b5-3 - (.Object Browser.) -- C:\Windows\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-3.job [3450] =>PUP.CrossRider
O39 - APT: d4e590bb-8214-4c59-8429-13fb7d7180b5-3 - (.Object Browser.) -- C:\Windows\System32\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-3 [3450] =>PUP.CrossRider
O39 - APT: d4e590bb-8214-4c59-8429-13fb7d7180b5-5 - (.Object Browser.) -- C:\Windows\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-5.job [1750] =>PUP.CrossRider
O39 - APT: d4e590bb-8214-4c59-8429-13fb7d7180b5-5 - (.Object Browser.) -- C:\Windows\System32\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-5 [1750] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1074]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1078]
O39 - APT: - (..) -- C:\Windows\Tasks\Synaptics TouchPad Enhancements.job [264]
O39 - APT: - (..) -- C:\Windows\Tasks\ViewPassword_wd.job [426] =>PUP.ViewPassword
~ Scheduled Task: 45 Legitimates Filtered in 00mn 14s
---\\ Software instalados (042)
O42 - Logiciel: Driver 1.3.1 - (.OEM.) [HKLM][64Bits] -- {BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}
O42 - Logiciel: IPM 1.9.4 - (.OEM.) [HKLM][64Bits] -- {AADF4228-0772-4D43-92EB-B245E3A17B00}
O42 - Logiciel: KeeP 3D - v1.0 - (.KeeP Sofware.) [HKLM][64Bits] -- {D445A7B9-69A8-4860-95B9-BB957281D9A0}_is1
O42 - Logiciel: KeeP3D - (.UNKNOWN.) [HKLM][64Bits] -- KeeP3D
O42 - Logiciel: KeeP3D - (.UNKNOWN.) [HKLM][64Bits] -- {8AC46073-0856-7FD5-5411-AFDB47D963B0}
O42 - Logiciel: Sense - (.Object Browser.) [HKLM][64Bits] -- Sense =>PUP.ObjectBrowser
O42 - Logiciel: Shopper-Pro - (...) [HKLM][64Bits] -- ShopperPro =>PUP.ShopperPro
O42 - Logiciel: ViewPassword - (.ViewPassword-software.) [HKLM][64Bits] -- 5C09460A-58F6-BE4A-FC98-7291811E248D =>PUP.ViewPassword
O42 - Logiciel: iBrightness 1.0.1 - (.OEM.) [HKLM][64Bits] -- {B351A468-173F-43D8-B6E6-5A6E9A0125A8}
O42 - Logiciel: iWebar - (.iWebar.) [HKLM][64Bits] -- iWebar =>PUP.iWebar
~ Logic: 29 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Goobzo] =>PUP.Goobzo
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\ShopperPro] =>PUP.ShopperPro
[HKCU\Software\SoilAP]
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKLM\Software\SoilIO]
[HKLM\Software\Wow6432Node\Goobzo] =>PUP.Goobzo
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>Adware.VidSaver
~ Key Software: 205 Legitimates Filtered in 00mn 01s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/05/2014 - 22:01:55 - [0] ----D C:\Program Files (x86)\IminentToolbar =>Adware.IMBooster
O43 - CFD: 04/05/2014 - 22:02:22 - [] ----D C:\Program Files (x86)\iWebar =>PUP.iWebar
O43 - CFD: 11/03/2013 - 14:13:20 - [] ----D C:\Program Files (x86)\KeeP3D
O43 - CFD: 07/05/2014 - 19:28:15 - [] ----D C:\Program Files (x86)\Sense
O43 - CFD: 07/05/2014 - 19:32:45 - [] ----D C:\Program Files (x86)\ShopperPro =>PUP.ShopperPro
O43 - CFD: 06/05/2014 - 12:48:50 - [] ----D C:\Program Files (x86)\ViewPassword-soft =>PUP.ViewPassword
O43 - CFD: 04/05/2014 - 22:01:25 - [] ----D C:\ProgramData\ShopperPro =>PUP.ShopperPro
O43 - CFD: 04/05/2014 - 22:01:32 - [] ----D C:\Users\Diego\AppData\Local\Installer
~ Program Folder: 118 Legitimates Filtered in 00mn 01s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.F8BEF1E87A4DDE29E82CD7512DAABFA4] - 01/05/2014 - 01:33:06 ---A- . (...) -- C:\Windows\WindowsUpdate (1).log [1695946]
O44 - LFC:[MD5.12B0701B1CEC1A7BB0E4C71D97661E23] - 01/05/2014 - 01:47:02 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [387210]
O44 - LFC:[MD5.5910E212539816BE85C7D033651124A9] - 01/05/2014 - 02:05:55 ---A- . (...) -- C:\Windows\DtcInstall.log [4893]
O44 - LFC:[MD5.89E472AFB28892082AFD2D3FD6DA2758] - 01/05/2014 - 02:12:24 ---A- . (...) -- C:\Windows\System32\emptyregdb.dat [22956]
O44 - LFC:[MD5.AE773905963646112E7C0DE64E51F08A] - 01/05/2014 - 02:12:44 ---A- . (...) -- C:\Windows\comsetup.log [6609]
O44 - LFC:[MD5.81DD33EC695AB90466031CF430CFA1BD] - 01/05/2014 - 02:12:45 ---A- . (...) -- C:\Windows\diagerr.xml [20958]
O44 - LFC:[MD5.81DD33EC695AB90466031CF430CFA1BD] - 01/05/2014 - 02:12:45 ---A- . (...) -- C:\Windows\diagwrn.xml [20958]
O44 - LFC:[MD5.D6528497A77519B74DE4C834D9213D77] - 07/05/2014 - 13:15:49 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [159030]
O44 - LFC:[MD5.B8EF9FFA42CFC6C14F69D26AD3DAE758] - 07/05/2014 - 13:15:49 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [775938]
O44 - LFC:[MD5.340B0467E98A8C92697D73034DB4BCB7] - 07/05/2014 - 19:11:05 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208]
O44 - LFC:[MD5.D9103AE68899692A7961361715403BCA] - 07/05/2014 - 19:22:32 ---A- . (.No owner - Setup/Uninstall.) -- C:\Windows\unins000.exe [1180099]
O44 - LFC:[MD5.6F2C7F5AD338FF640B3249039A5F7511] - 07/05/2014 - 19:23:44 ---A- . (...) -- C:\Windows\unins000.dat [1227]
~ Files: 178 Legitimates Filtered in 00mn 15s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - DatamngrCoordinator.exe - tasklist.exe =>PUP.Datamngr
~ IFEO: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:07/05/2014 - 19:11:05 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:07/05/2014 - 19:11:05 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:07/05/2014 - 19:11:06 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208416] =>.ALWIL Software
O58 - SDL:12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:19/08/2010 - 16:59:12 ---A- . (...) -- C:\Windows\System32\Drivers\SoilIO.sys [17912]
O58 - SDL:03/12/2009 - 10:03:50 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\System32\Drivers\soilkbc.sys [13816]
O58 - SDL:03/12/2009 - 10:04:16 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\System32\Drivers\SoilMC.sys [13304]
O58 - SDL:11/04/2014 - 05:39:22 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [110336]
O58 - SDL:11/04/2014 - 05:39:22 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [206080]
O58 - SDL:22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 56 Legitimates Filtered in 00mn 08s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: prefs.js [Diego - 46mvu0k5.default] user_pref("extensions.crossrider.bic", "145d97b32c5ffcdf2e09234ec7629af8"); =>PUP.CrossRider
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.8A9352796AA53724E44FE847905C97F3] [SPRF][04/05/2014] (.www.megacubo.net - Megacubo Setup.) -- C:\Users\Diego\Desktop\654-Megacubo_10.4.0.exe [5613128]
~ Files: 1 Legitimates Filtered in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{4DB48935-BF4F-49F7-908C-89E7FDB23FA3}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{D2AC5317-4A42-4F04-BC99-0D57968529C6}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 03s
---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32 =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS =>Adware.IMBooster
~ BTK: 18 Legitimates Filtered in 00mn 00s
---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{11111111-1111-1111-1111-110311551110}] (iWebar) =>PUP.iWebar
[HKCR\CLSID\{22222222-2222-2222-2222-220322552210}] (CrossriderApp0035510.Sandbox) =>PUP.CrossRider
[HKCR\CLSID\{22222222-2222-2222-2222-220422822292}] (CrossriderApp0048292.Sandbox) =>PUP.CrossRider
~ BCK: 5193 Legitimates Filtered in 00mn 15s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 30/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 29/01/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 07/05/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 07/05/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/04/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 07/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 07/05/2014 109048 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 19/11/2012 14904 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 13/09/2012 2466448 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 27/07/2012 636952 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 19/12/2012 129488 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 19/12/2012 165328 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 19/12/2012 277456 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 19/12/2012 364496 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 04/05/2014 142336 | (ViewPassword) . (...) - C:\Program Files (x86)\ViewPassword-soft\ViewPasswordFIX161.exe =>PUP.ViewPassword
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 19s
---\\ Scâner Aditional (088)
Database Version : 13045 - (08/05/2014)
Clés trouvées (Keys found) : 142
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 7
Fichiers trouvés (Files found) : 38
[HKLM\Software\Google\Chrome\Extensions\cigiagpbkapepgklncnajbakkpkopmam] =>PUP.iWebar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551110}] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411821192}] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}] =>PUP.ShopperPro^
[HKLM\SYSTEM\CurrentControlSet\Services\ViewPassword] =>PUP.ViewPassword^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Sense] =>PUP.ObjectBrowser^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro] =>PUP.ShopperPro^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\5C09460A-58F6-BE4A-FC98-7291811E248D] =>PUP.ViewPassword^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iWebar] =>PUP.iWebar^
[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP] =>Adware.IMBooster
[HKLM\Software\Classes\AppID\secman.DLL] =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0035510.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0035510.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0035510.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0035510.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048292.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048292.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048292.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048292.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110311551110}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322552210}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220422822292}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0035510.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0035510.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0035510.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0035510.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048292.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048292.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048292.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048292.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110311551110}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110411821192}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220322552210}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220422822292}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551110}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411821192}] =>PUP.CrossRider
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:SPDriver =>PUP.ShopperPro^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:SPDriver =>PUP.ShopperPro^
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam =>PUP.iWebar^
C:\Program Files (x86)\IminentToolbar =>Adware.IMBooster^
C:\Program Files (x86)\iWebar =>PUP.iWebar^
C:\Program Files (x86)\ShopperPro =>PUP.ShopperPro^
C:\Program Files (x86)\ViewPassword-soft =>PUP.ViewPassword^
C:\ProgramData\ShopperPro =>PUP.ShopperPro^
C:\Users\Diego\AppData\Local\Installer =>Adware.InstallPedia
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe =>PUP.ShopperPro^
C:\program files (x86)\iwebar\iwebar-bg.exe =>PUP.iWebar^
C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe =>PUP.iWebar^
C:\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-2.exe =>PUP.iWebar^
C:\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-3.exe =>PUP.iWebar^
C:\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-4.exe =>PUP.iWebar^
C:\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-5.exe =>PUP.iWebar^
C:\Program Files (x86)\Sense\d4e590bb-8214-4c59-8429-13fb7d7180b5-2.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\Sense\d4e590bb-8214-4c59-8429-13fb7d7180b5-3.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\Sense\d4e590bb-8214-4c59-8429-13fb7d7180b5-5.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\ShopperPro\ShopperPro.exe =>PUP.ShopperPro^
C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-1.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-1 =>PUP.CrossRider^
C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-2.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-2 =>PUP.CrossRider^
C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-3.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-3 =>PUP.CrossRider^
C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-4 =>PUP.CrossRider^
C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-5 =>PUP.CrossRider^
C:\Windows\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-2.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-2 =>PUP.CrossRider^
C:\Windows\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-3.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-3 =>PUP.CrossRider^
C:\Windows\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-5 =>PUP.CrossRider^
C:\Windows\Tasks\ViewPassword_wd.job =>PUP.ViewPassword^
[HKCU\Software\Goobzo] =>PUP.Goobzo^
[HKCU\Software\ShopperPro] =>PUP.ShopperPro^
[HKLM\Software\Wow6432Node\Goobzo] =>PUP.Goobzo^
[HKCR\CLSID\{11111111-1111-1111-1111-110311551110}] (iWebar) =>PUP.iWebar^
[HKCR\CLSID\{22222222-2222-2222-2222-220322552210}] (CrossriderApp0035510.Sandbox) =>PUP.CrossRider^
[HKCR\CLSID\{22222222-2222-2222-2222-220422822292}] (CrossriderApp0048292.Sandbox) =>PUP.CrossRider^
C:\Users\Diego\AppData\Local\Temp\2688.tmp =>Adware.IMBooster
~ Additionnel Scan: 180322 Items scanned in 01mn 03s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.ShopperPro
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.Proxy
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.CrossRider
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.ViewPassword
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.VidSaver
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.IMBooster
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Datamngr
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.RewardsArcade
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Whitesmoke
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.Bandoo
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Babylon
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Tarma
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.InstallPedia
~ MSI: 13 link(s) detected in 00mn 00s
~ 735 Legitimates filtered by white list
End of the scan (673 lines in 03mn 00s)(0)
Segue abaixo as informações geradas pelo meu pc.
~ Relatório do ZHPDiag v2014.5.8.57 - Nicolas Coolman (08/05/2014)
~ Iniciado por Diego (08/05/2014 14:25:16)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17105
MFIE: Mozilla Firefox 29.0
GCIE: Google Chrome v34.0.1847.131 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8.1 Single Language, 64-bit (Build 9600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
avast! Premier v9.0.2018
Windows Defender W8
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1938 MB (20% free)
System Restore: Activé (Enable)
System drive C: has 421 GB (93%) free of 450 GB
---\\ Modo de conexão ao sistema
~ Computer Name: DIEGO
~ User Name: Diego
~ All Users Names: HomeGroupUser$, Diego, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Diego\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Diego\AppData\Roaming\
~ %Desktop% : C:\Users\Diego\Desktop\
~ %Favorites% : C:\Users\Diego\Favorites\
~ %LocalAppData% : C:\Users\Diego\AppData\Local\
~ %StartMenu% : C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 421 Go of 450 Go)
D: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
~ Security Center: 41 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.81394C91B7B5A7C799E249AE82491F13] - (.Microsoft Corporation - Windows Explorer.) (.01/05/2014 - 01:47:03.) -- C:\Windows\Explorer.exe [2373784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.22/08/2013 - 06:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.65C36A29A131A3A5D64B29FAC4EF6DD6] - (.Microsoft Corporation - Internet Extensions para Win32.) (.18/03/2014 - 07:18:18.) -- C:\Windows\System32\wininet.dll [2262016]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.18/03/2014 - 07:18:16.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.18/03/2014 - 07:18:16.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 09:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 08:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 05:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.01/05/2014 - 01:47:02.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 08:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) (.22/08/2013 - 08:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.18/03/2014 - 07:18:19.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.C997E6A37BA8915224B3FB5024A34F69] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.01/05/2014 - 01:47:02.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402944]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 08:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.1C80517BE6836A812F6A9B99B8321351] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.01/05/2014 - 01:47:02.) -- C:\Windows\system32\Drivers\ntfs.sys [2013016]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) (.22/08/2013 - 08:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 08:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Microsoft.) (.18/03/2014 - 06:44:42.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.3595FBDF25F8BA6256072D103937D7D6] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.18/03/2014 - 07:17:55.) -- C:\Windows\system32\Drivers\volsnap.sys [311640]
~ Generic Processes: Scanned in 00mn 01s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/3
~ Mes musiques (My Musics) : 1/18
~ Mes Favoris (My Favorites) : 1/3
~ Mes Documents (My Documents) : 1/160
~ Mon Bureau (My Desktop) : 2/15
~ Menu demarrer (Programs) : 1/32
~ Hidden Files: Scanned in 00mn 01s
---\\ Processos lançados
[MD5.542459D16B416D054161007FC9B1246E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032] [PID.3672]
[MD5.6B4B668D474D8283A4CD0954717E2A27] - (.No owner - JsDriver.) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe [3318272] [PID.3256] =>PUP.ShopperPro
[MD5.3E364978E4C74D3BCEA29FB41743CB5A] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704] [PID.3520]
[MD5.E90080AF0E517E1FE6C97D98198C3986] - (.OEM - iBrightness.) -- C:\Program Files (x86)\OEM\iBrightness 1.0.1\iBrightness.exe [3549696] [PID.3516]
[MD5.DD6526D19F757DE752A1C4EC8E69C04B] - (.No owner - IPM.exe.) -- C:\Program Files (x86)\OEM\IPM 1.9.4\IPM.exe [2410496] [PID.3032]
[MD5.C0E392910782C2BB9A28C8538CC1E1A1] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240] [PID.1380]
[MD5.66B568EBC85BBD99FDD9745DF8515B0A] - (.iWebar - iWebar exe.) -- C:\program files (x86)\iwebar\iwebar-bg.exe [597872] [PID.2884] =>PUP.iWebar
[MD5.3EBF452B807F412EC0F19141ADA060E5] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [811696] [PID.3940]
[MD5.26B2170BEC5EA59B297D07BBB894FBAB] - (.Microsoft Corporation - Relatório de Problemas do Windows.) -- C:\WINDOWS\SysWOW64\werfault.exe [410568] [PID.7036]
[MD5.646E0E18BAD458DC05C0FDA10DF9CE8A] - (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe [648544] [PID.5632]
[MD5.E2E84E72995AC987A8549F4D5203230B] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe [1270352] [PID.17384] =>P2P.BitTorrent
[MD5.CCD09CA21C1946AF24834512BD9A6FCA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7873536] [PID.24544]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [cigiagpbkapepgklncnajbakkpkopmam] iWebar v.1.26.253, (Activé) =>PUP.iWebar
G2 - GCE: Preference [User Data\Default] [dfohdbmjdkfijghgklbickfnaepghgba] Sense v.1.26.51, (Activé)
G2 - GCE: Preference [User Data\Default] [dheljpcbhldkdiabdemaflamgfnbpnkd] Color Changer para o Facebook v.22.2 (Activé)
G2 - GCE: Preference [User Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 21 Legitimates Filtered in 00mn 09s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [Diego - 46mvu0k5.default\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}] [] Shopper-Pro v1.0.0.4 (..)
~ Firefox Browser: 2 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13911 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CrossriderApp0035510 [64Bits] - {11111111-1111-1111-1111-110311551110} . (.iWebar - iWebar BHO.) -- C:\Program Files (x86)\iWebar\iWebar-bho.dll =>PUP.CrossRider
O2 - BHO: CrossriderApp0048292 [64Bits] - {11111111-1111-1111-1111-110411821192} . (.Object Browser - Sense BHO.) -- C:\Program Files (x86)\Sense\Sense-bho.dll =>PUP.CrossRider
O2 - BHO: ShopperProBHO [64Bits] - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} . (.Goobzo Ltd. - ShopperPro Extension.) -- C:\ProgramData\ShopperPro\ShopperPro.dll =>PUP.ShopperPro
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Chave orfã
O2 - BHO: (no name) [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Chave orfã
~ BHO: 9 Legitimates Filtered in 00mn 00s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKCU\..\Run: [SPDriver] . (.No owner - JsDriver.) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe =>PUP.ShopperPro
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_EE61CD3E1138C10841703F73164FC478] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKLM\..\Wow6432Node\Run: [SPDriver] . (.No owner - JsDriver.) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe =>PUP.ShopperPro
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [SPDriver] . (.No owner - JsDriver.) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe =>PUP.ShopperPro
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [GoogleChromeAutoLaunch_EE61CD3E1138C10841703F73164FC478] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C8DAE3F-A59E-4149-913F-3D5FC6209543}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C8DAE3F-A59E-4149-913F-3D5FC6209543}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B13FEA21-6FB2-4C41-A3F4-91CF42CB23D8}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1C8DAE3F-A59E-4149-913F-3D5FC6209543}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{1C8DAE3F-A59E-4149-913F-3D5FC6209543}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B13FEA21-6FB2-4C41-A3F4-91CF42CB23D8}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: ViewPassword (ViewPassword) . (...) - C:\Program Files (x86)\ViewPassword-soft\ViewPasswordFIX161.exe =>PUP.ViewPassword
~ Services: 11 Legitimates Filtered in 00mn 11s
---\\ Tarefas planificadas automaticamente (039)
[MD5.E4F65ED9746881F1116AFA4C66132D75] [APT] [b758eec0-2d77-437d-8ac8-dcd399a3b7db-1] (.iWebar.) -- C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe [481648] =>PUP.iWebar
[MD5.033918DE67B85C112BE7B6B58887BB10] [APT] [b758eec0-2d77-437d-8ac8-dcd399a3b7db-2] (.iWebar.) -- C:\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-2.exe [337776] =>PUP.iWebar
[MD5.62AEC32147FA84F7234ABEB005F2A7DE] [APT] [b758eec0-2d77-437d-8ac8-dcd399a3b7db-3] (.iWebar.) -- C:\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-3.exe [1865072] =>PUP.iWebar
[MD5.D92A0132E216EAD89016E9AD918E0930] [APT] [b758eec0-2d77-437d-8ac8-dcd399a3b7db-4] (.iWebar.) -- C:\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-4.exe [800624] =>PUP.iWebar
[MD5.025CBE6E79FEE0644535704F192793B6] [APT] [b758eec0-2d77-437d-8ac8-dcd399a3b7db-5] (.iWebar.) -- C:\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-5.exe [325488] =>PUP.iWebar
[MD5.15126CC37CC7CD3109DB5A1806AB49FC] [APT] [d4e590bb-8214-4c59-8429-13fb7d7180b5-2] (.Object Browser.) -- C:\Program Files (x86)\Sense\d4e590bb-8214-4c59-8429-13fb7d7180b5-2.exe [334336] =>PUP.ObjectBrowser
[MD5.17584A8742295940A60BD3F05831624C] [APT] [d4e590bb-8214-4c59-8429-13fb7d7180b5-3] (.Object Browser.) -- C:\Program Files (x86)\Sense\d4e590bb-8214-4c59-8429-13fb7d7180b5-3.exe [1861120] =>PUP.ObjectBrowser
[MD5.CF95FE16A28689582586F22E3E150C66] [APT] [d4e590bb-8214-4c59-8429-13fb7d7180b5-5] (.Object Browser.) -- C:\Program Files (x86)\Sense\d4e590bb-8214-4c59-8429-13fb7d7180b5-5.exe [278528] =>PUP.ObjectBrowser
[MD5.A8C22B4B1E9D15246BCC2779FC3A5D0B] [APT] [ShopperPro] (.Goobzo LTD.) -- C:\Program Files (x86)\ShopperPro\ShopperPro.exe [1100136] =>PUP.ShopperPro
[MD5.6B4B668D474D8283A4CD0954717E2A27] [APT] [SPDriver] (...) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe [3318272] =>PUP.ShopperPro
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-1 - (.iWebar.) -- C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-1.job [1670] =>PUP.CrossRider
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-1 - (.iWebar.) -- C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-1 [1670] =>PUP.CrossRider
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-2 - (.iWebar.) -- C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-2.job [1648] =>PUP.CrossRider
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-2 - (.iWebar.) -- C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-2 [1648] =>PUP.CrossRider
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-3 - (.iWebar.) -- C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-3.job [3456] =>PUP.CrossRider
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-3 - (.iWebar.) -- C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-3 [3456] =>PUP.CrossRider
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-4 - (.iWebar.) -- C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-4.job [2346] =>PUP.CrossRider
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-4 - (.iWebar.) -- C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-4 [2346] =>PUP.CrossRider
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-5 - (.iWebar.) -- C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-5.job [1764] =>PUP.CrossRider
O39 - APT: b758eec0-2d77-437d-8ac8-dcd399a3b7db-5 - (.iWebar.) -- C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-5 [1764] =>PUP.CrossRider
O39 - APT: d4e590bb-8214-4c59-8429-13fb7d7180b5-2 - (.Object Browser.) -- C:\Windows\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-2.job [1630] =>PUP.CrossRider
O39 - APT: d4e590bb-8214-4c59-8429-13fb7d7180b5-2 - (.Object Browser.) -- C:\Windows\System32\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-2 [1630] =>PUP.CrossRider
O39 - APT: d4e590bb-8214-4c59-8429-13fb7d7180b5-3 - (.Object Browser.) -- C:\Windows\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-3.job [3450] =>PUP.CrossRider
O39 - APT: d4e590bb-8214-4c59-8429-13fb7d7180b5-3 - (.Object Browser.) -- C:\Windows\System32\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-3 [3450] =>PUP.CrossRider
O39 - APT: d4e590bb-8214-4c59-8429-13fb7d7180b5-5 - (.Object Browser.) -- C:\Windows\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-5.job [1750] =>PUP.CrossRider
O39 - APT: d4e590bb-8214-4c59-8429-13fb7d7180b5-5 - (.Object Browser.) -- C:\Windows\System32\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-5 [1750] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1074]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1078]
O39 - APT: - (..) -- C:\Windows\Tasks\Synaptics TouchPad Enhancements.job [264]
O39 - APT: - (..) -- C:\Windows\Tasks\ViewPassword_wd.job [426] =>PUP.ViewPassword
~ Scheduled Task: 45 Legitimates Filtered in 00mn 14s
---\\ Software instalados (042)
O42 - Logiciel: Driver 1.3.1 - (.OEM.) [HKLM][64Bits] -- {BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}
O42 - Logiciel: IPM 1.9.4 - (.OEM.) [HKLM][64Bits] -- {AADF4228-0772-4D43-92EB-B245E3A17B00}
O42 - Logiciel: KeeP 3D - v1.0 - (.KeeP Sofware.) [HKLM][64Bits] -- {D445A7B9-69A8-4860-95B9-BB957281D9A0}_is1
O42 - Logiciel: KeeP3D - (.UNKNOWN.) [HKLM][64Bits] -- KeeP3D
O42 - Logiciel: KeeP3D - (.UNKNOWN.) [HKLM][64Bits] -- {8AC46073-0856-7FD5-5411-AFDB47D963B0}
O42 - Logiciel: Sense - (.Object Browser.) [HKLM][64Bits] -- Sense =>PUP.ObjectBrowser
O42 - Logiciel: Shopper-Pro - (...) [HKLM][64Bits] -- ShopperPro =>PUP.ShopperPro
O42 - Logiciel: ViewPassword - (.ViewPassword-software.) [HKLM][64Bits] -- 5C09460A-58F6-BE4A-FC98-7291811E248D =>PUP.ViewPassword
O42 - Logiciel: iBrightness 1.0.1 - (.OEM.) [HKLM][64Bits] -- {B351A468-173F-43D8-B6E6-5A6E9A0125A8}
O42 - Logiciel: iWebar - (.iWebar.) [HKLM][64Bits] -- iWebar =>PUP.iWebar
~ Logic: 29 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Goobzo] =>PUP.Goobzo
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\ShopperPro] =>PUP.ShopperPro
[HKCU\Software\SoilAP]
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKLM\Software\SoilIO]
[HKLM\Software\Wow6432Node\Goobzo] =>PUP.Goobzo
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>Adware.VidSaver
~ Key Software: 205 Legitimates Filtered in 00mn 01s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/05/2014 - 22:01:55 - [0] ----D C:\Program Files (x86)\IminentToolbar =>Adware.IMBooster
O43 - CFD: 04/05/2014 - 22:02:22 - [] ----D C:\Program Files (x86)\iWebar =>PUP.iWebar
O43 - CFD: 11/03/2013 - 14:13:20 - [] ----D C:\Program Files (x86)\KeeP3D
O43 - CFD: 07/05/2014 - 19:28:15 - [] ----D C:\Program Files (x86)\Sense
O43 - CFD: 07/05/2014 - 19:32:45 - [] ----D C:\Program Files (x86)\ShopperPro =>PUP.ShopperPro
O43 - CFD: 06/05/2014 - 12:48:50 - [] ----D C:\Program Files (x86)\ViewPassword-soft =>PUP.ViewPassword
O43 - CFD: 04/05/2014 - 22:01:25 - [] ----D C:\ProgramData\ShopperPro =>PUP.ShopperPro
O43 - CFD: 04/05/2014 - 22:01:32 - [] ----D C:\Users\Diego\AppData\Local\Installer
~ Program Folder: 118 Legitimates Filtered in 00mn 01s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.F8BEF1E87A4DDE29E82CD7512DAABFA4] - 01/05/2014 - 01:33:06 ---A- . (...) -- C:\Windows\WindowsUpdate (1).log [1695946]
O44 - LFC:[MD5.12B0701B1CEC1A7BB0E4C71D97661E23] - 01/05/2014 - 01:47:02 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [387210]
O44 - LFC:[MD5.5910E212539816BE85C7D033651124A9] - 01/05/2014 - 02:05:55 ---A- . (...) -- C:\Windows\DtcInstall.log [4893]
O44 - LFC:[MD5.89E472AFB28892082AFD2D3FD6DA2758] - 01/05/2014 - 02:12:24 ---A- . (...) -- C:\Windows\System32\emptyregdb.dat [22956]
O44 - LFC:[MD5.AE773905963646112E7C0DE64E51F08A] - 01/05/2014 - 02:12:44 ---A- . (...) -- C:\Windows\comsetup.log [6609]
O44 - LFC:[MD5.81DD33EC695AB90466031CF430CFA1BD] - 01/05/2014 - 02:12:45 ---A- . (...) -- C:\Windows\diagerr.xml [20958]
O44 - LFC:[MD5.81DD33EC695AB90466031CF430CFA1BD] - 01/05/2014 - 02:12:45 ---A- . (...) -- C:\Windows\diagwrn.xml [20958]
O44 - LFC:[MD5.D6528497A77519B74DE4C834D9213D77] - 07/05/2014 - 13:15:49 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [159030]
O44 - LFC:[MD5.B8EF9FFA42CFC6C14F69D26AD3DAE758] - 07/05/2014 - 13:15:49 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [775938]
O44 - LFC:[MD5.340B0467E98A8C92697D73034DB4BCB7] - 07/05/2014 - 19:11:05 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208]
O44 - LFC:[MD5.D9103AE68899692A7961361715403BCA] - 07/05/2014 - 19:22:32 ---A- . (.No owner - Setup/Uninstall.) -- C:\Windows\unins000.exe [1180099]
O44 - LFC:[MD5.6F2C7F5AD338FF640B3249039A5F7511] - 07/05/2014 - 19:23:44 ---A- . (...) -- C:\Windows\unins000.dat [1227]
~ Files: 178 Legitimates Filtered in 00mn 15s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - DatamngrCoordinator.exe - tasklist.exe =>PUP.Datamngr
~ IFEO: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:07/05/2014 - 19:11:05 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:07/05/2014 - 19:11:05 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:07/05/2014 - 19:11:06 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208416] =>.ALWIL Software
O58 - SDL:12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:19/08/2010 - 16:59:12 ---A- . (...) -- C:\Windows\System32\Drivers\SoilIO.sys [17912]
O58 - SDL:03/12/2009 - 10:03:50 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\System32\Drivers\soilkbc.sys [13816]
O58 - SDL:03/12/2009 - 10:04:16 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\System32\Drivers\SoilMC.sys [13304]
O58 - SDL:11/04/2014 - 05:39:22 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [110336]
O58 - SDL:11/04/2014 - 05:39:22 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [206080]
O58 - SDL:22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 56 Legitimates Filtered in 00mn 08s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: prefs.js [Diego - 46mvu0k5.default] user_pref("extensions.crossrider.bic", "145d97b32c5ffcdf2e09234ec7629af8"); =>PUP.CrossRider
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.8A9352796AA53724E44FE847905C97F3] [SPRF][04/05/2014] (.www.megacubo.net - Megacubo Setup.) -- C:\Users\Diego\Desktop\654-Megacubo_10.4.0.exe [5613128]
~ Files: 1 Legitimates Filtered in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{4DB48935-BF4F-49F7-908C-89E7FDB23FA3}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{D2AC5317-4A42-4F04-BC99-0D57968529C6}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 03s
---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32 =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS =>Adware.IMBooster
~ BTK: 18 Legitimates Filtered in 00mn 00s
---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{11111111-1111-1111-1111-110311551110}] (iWebar) =>PUP.iWebar
[HKCR\CLSID\{22222222-2222-2222-2222-220322552210}] (CrossriderApp0035510.Sandbox) =>PUP.CrossRider
[HKCR\CLSID\{22222222-2222-2222-2222-220422822292}] (CrossriderApp0048292.Sandbox) =>PUP.CrossRider
~ BCK: 5193 Legitimates Filtered in 00mn 15s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 30/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 29/01/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 07/05/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 07/05/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/04/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 07/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 07/05/2014 109048 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 19/11/2012 14904 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 13/09/2012 2466448 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 27/07/2012 636952 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 19/12/2012 129488 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 19/12/2012 165328 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 19/12/2012 277456 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 19/12/2012 364496 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 04/05/2014 142336 | (ViewPassword) . (...) - C:\Program Files (x86)\ViewPassword-soft\ViewPasswordFIX161.exe =>PUP.ViewPassword
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 19s
---\\ Scâner Aditional (088)
Database Version : 13045 - (08/05/2014)
Clés trouvées (Keys found) : 142
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 7
Fichiers trouvés (Files found) : 38
[HKLM\Software\Google\Chrome\Extensions\cigiagpbkapepgklncnajbakkpkopmam] =>PUP.iWebar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551110}] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411821192}] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}] =>PUP.ShopperPro^
[HKLM\SYSTEM\CurrentControlSet\Services\ViewPassword] =>PUP.ViewPassword^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Sense] =>PUP.ObjectBrowser^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro] =>PUP.ShopperPro^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\5C09460A-58F6-BE4A-FC98-7291811E248D] =>PUP.ViewPassword^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iWebar] =>PUP.iWebar^
[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP] =>Adware.IMBooster
[HKLM\Software\Classes\AppID\secman.DLL] =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0035510.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0035510.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0035510.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0035510.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048292.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048292.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048292.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048292.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110311551110}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322552210}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220422822292}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0035510.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0035510.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0035510.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0035510.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048292.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048292.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048292.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048292.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110311551110}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110411821192}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220322552210}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220422822292}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551110}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411821192}] =>PUP.CrossRider
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:SPDriver =>PUP.ShopperPro^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:SPDriver =>PUP.ShopperPro^
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam =>PUP.iWebar^
C:\Program Files (x86)\IminentToolbar =>Adware.IMBooster^
C:\Program Files (x86)\iWebar =>PUP.iWebar^
C:\Program Files (x86)\ShopperPro =>PUP.ShopperPro^
C:\Program Files (x86)\ViewPassword-soft =>PUP.ViewPassword^
C:\ProgramData\ShopperPro =>PUP.ShopperPro^
C:\Users\Diego\AppData\Local\Installer =>Adware.InstallPedia
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe =>PUP.ShopperPro^
C:\program files (x86)\iwebar\iwebar-bg.exe =>PUP.iWebar^
C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe =>PUP.iWebar^
C:\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-2.exe =>PUP.iWebar^
C:\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-3.exe =>PUP.iWebar^
C:\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-4.exe =>PUP.iWebar^
C:\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-5.exe =>PUP.iWebar^
C:\Program Files (x86)\Sense\d4e590bb-8214-4c59-8429-13fb7d7180b5-2.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\Sense\d4e590bb-8214-4c59-8429-13fb7d7180b5-3.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\Sense\d4e590bb-8214-4c59-8429-13fb7d7180b5-5.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\ShopperPro\ShopperPro.exe =>PUP.ShopperPro^
C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-1.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-1 =>PUP.CrossRider^
C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-2.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-2 =>PUP.CrossRider^
C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-3.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-3 =>PUP.CrossRider^
C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-4 =>PUP.CrossRider^
C:\Windows\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-5 =>PUP.CrossRider^
C:\Windows\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-2.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-2 =>PUP.CrossRider^
C:\Windows\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-3.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-3 =>PUP.CrossRider^
C:\Windows\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-5 =>PUP.CrossRider^
C:\Windows\Tasks\ViewPassword_wd.job =>PUP.ViewPassword^
[HKCU\Software\Goobzo] =>PUP.Goobzo^
[HKCU\Software\ShopperPro] =>PUP.ShopperPro^
[HKLM\Software\Wow6432Node\Goobzo] =>PUP.Goobzo^
[HKCR\CLSID\{11111111-1111-1111-1111-110311551110}] (iWebar) =>PUP.iWebar^
[HKCR\CLSID\{22222222-2222-2222-2222-220322552210}] (CrossriderApp0035510.Sandbox) =>PUP.CrossRider^
[HKCR\CLSID\{22222222-2222-2222-2222-220422822292}] (CrossriderApp0048292.Sandbox) =>PUP.CrossRider^
C:\Users\Diego\AppData\Local\Temp\2688.tmp =>Adware.IMBooster
~ Additionnel Scan: 180322 Items scanned in 01mn 03s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.ShopperPro
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.Proxy
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.CrossRider
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.ViewPassword
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.VidSaver
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.IMBooster
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Datamngr
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.RewardsArcade
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Whitesmoke
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.Bandoo
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Babylon
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Tarma
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.InstallPedia
~ MSI: 13 link(s) detected in 00mn 00s
~ 735 Legitimates filtered by white list
End of the scan (673 lines in 03mn 00s)(0)
Diego-silveira- Iniciante
- Mensagens : 31
Reputação : 1
Data de inscrição : 08/05/2014
Re: Não consigo abrir algumas páginas da web!!
O computador está bem infectado.
Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt
Ficamos na espera.
Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt
Ficamos na espera.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) Não consigo abrir algumas páginas da web!!
Power max, o meu antivirus deveria fazer essa função do Adwcleaner? se sim, procurarei outro antivirus!
# AdwCleaner v3.207 - Relatório criado 08/05/2014 às 15:19:16
# Atualizado 05/05/2014 por Xplode
# Sistema Operacional : Windows 8.1 Single Language (64 bits)
# Usuário : Diego - DIEGO
# Executando de : C:\Users\Diego\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : ViewPassword
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\ShopperPro
Pasta Deletada : C:\Program Files (x86)\IminentToolbar
Pasta Deletada : C:\Program Files (x86)\iWebar
Pasta Deletada : C:\Program Files (x86)\Sense
Pasta Deletada : C:\Program Files (x86)\ShopperPro
Pasta Deletada : C:\Program Files (x86)\ViewPassword-soft
Pasta Deletada : C:\Users\Diego\AppData\LocalLow\iWebar
Pasta Deletada : C:\Users\Diego\AppData\LocalLow\Sense
Pasta Deletada : C:\Users\Public\Documents\Goobzo
Pasta Deletada : C:\Users\Public\Documents\ShopperPro
Pasta Deletada : C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\46mvu0k5.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
Pasta Deletada : C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\46mvu0k5.default\Extensions\2eb528f3-950d-48a3-be4b-5d7de6c8331e@a41e199b-6ca4-4d23-ab87-73f2d1973314.com
Arquivo Deletada : C:\WINDOWS\System32\Tasks\ShopperPro
Arquivo Deletada : C:\WINDOWS\System32\Tasks\SPDriver
Arquivo Deletada : C:\WINDOWS\Tasks\ViewPassword_wd.job
Arquivo Deletada : C:\WINDOWS\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-1.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-1
Arquivo Deletada : C:\WINDOWS\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-2.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-2
Arquivo Deletada : C:\WINDOWS\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-3.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-3
Arquivo Deletada : C:\WINDOWS\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-4.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-4
Arquivo Deletada : C:\WINDOWS\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-5.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-5
Arquivo Deletada : C:\WINDOWS\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-2.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-2
Arquivo Deletada : C:\WINDOWS\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-3.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-3
Arquivo Deletada : C:\WINDOWS\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-5.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-5
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Chave Deletedo : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Chave Deletedo : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Chave Deletedo : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0035510.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0035510.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0035510.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0035510.Sandbox.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0048292.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0048292.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0048292.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0048292.Sandbox.1
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311551110}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411821192}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322552210}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422822292}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555510}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455825592}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556610}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466826692}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344554410}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444824492}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551110}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411821192}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311551110}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411821192}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311551110}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322552210}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422822292}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555510}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455825592}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556610}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466826692}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551110}
Chave Deletedo : HKCU\Software\Goobzo
Chave Deletedo : HKCU\Software\installedbrowserextensions
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\ViewPassword
Chave Deletedo : HKLM\Software\Goobzo
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\installedbrowserextensions
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : [x64] HKLM\SOFTWARE\Iminent
Chave Deletedo : [x64] HKLM\SOFTWARE\installedbrowserextensions
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17037
-\\ Mozilla Firefox v29.0 (pt-BR)
[ Arquivo : C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\46mvu0k5.default\prefs.js ]
Linha deletada : user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_meta.value", "%7B%22handlebars.js%22%3A%7B%22id%22%3A183015%2C%22ver%22%3A2%2[...]
Linha deletada : user_pref("extensions.crossrider.bic", "145d97b32c5ffcdf2e09234ec7629af8");
-\\ Google Chrome v34.0.1847.131
[ Arquivo : C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deletedo [Startup_urls] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*************************
AdwCleaner[R0].txt - [19127 octets] - [08/05/2014 15:17:12]
AdwCleaner[S0].txt - [17262 octets] - [08/05/2014 15:19:16]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17323 octets] ##########
Desde já agradeço!
# AdwCleaner v3.207 - Relatório criado 08/05/2014 às 15:19:16
# Atualizado 05/05/2014 por Xplode
# Sistema Operacional : Windows 8.1 Single Language (64 bits)
# Usuário : Diego - DIEGO
# Executando de : C:\Users\Diego\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : ViewPassword
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\ShopperPro
Pasta Deletada : C:\Program Files (x86)\IminentToolbar
Pasta Deletada : C:\Program Files (x86)\iWebar
Pasta Deletada : C:\Program Files (x86)\Sense
Pasta Deletada : C:\Program Files (x86)\ShopperPro
Pasta Deletada : C:\Program Files (x86)\ViewPassword-soft
Pasta Deletada : C:\Users\Diego\AppData\LocalLow\iWebar
Pasta Deletada : C:\Users\Diego\AppData\LocalLow\Sense
Pasta Deletada : C:\Users\Public\Documents\Goobzo
Pasta Deletada : C:\Users\Public\Documents\ShopperPro
Pasta Deletada : C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\46mvu0k5.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
Pasta Deletada : C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\46mvu0k5.default\Extensions\2eb528f3-950d-48a3-be4b-5d7de6c8331e@a41e199b-6ca4-4d23-ab87-73f2d1973314.com
Arquivo Deletada : C:\WINDOWS\System32\Tasks\ShopperPro
Arquivo Deletada : C:\WINDOWS\System32\Tasks\SPDriver
Arquivo Deletada : C:\WINDOWS\Tasks\ViewPassword_wd.job
Arquivo Deletada : C:\WINDOWS\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-1.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-1
Arquivo Deletada : C:\WINDOWS\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-2.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-2
Arquivo Deletada : C:\WINDOWS\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-3.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-3
Arquivo Deletada : C:\WINDOWS\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-4.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-4
Arquivo Deletada : C:\WINDOWS\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-5.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\b758eec0-2d77-437d-8ac8-dcd399a3b7db-5
Arquivo Deletada : C:\WINDOWS\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-2.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-2
Arquivo Deletada : C:\WINDOWS\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-3.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-3
Arquivo Deletada : C:\WINDOWS\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-5.job
Arquivo Deletada : C:\WINDOWS\System32\Tasks\d4e590bb-8214-4c59-8429-13fb7d7180b5-5
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Chave Deletedo : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Chave Deletedo : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Chave Deletedo : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0035510.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0035510.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0035510.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0035510.Sandbox.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0048292.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0048292.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0048292.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0048292.Sandbox.1
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311551110}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411821192}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322552210}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422822292}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555510}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455825592}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556610}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466826692}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344554410}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444824492}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551110}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411821192}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311551110}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411821192}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311551110}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322552210}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422822292}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555510}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455825592}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556610}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466826692}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551110}
Chave Deletedo : HKCU\Software\Goobzo
Chave Deletedo : HKCU\Software\installedbrowserextensions
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\ViewPassword
Chave Deletedo : HKLM\Software\Goobzo
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\installedbrowserextensions
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : [x64] HKLM\SOFTWARE\Iminent
Chave Deletedo : [x64] HKLM\SOFTWARE\installedbrowserextensions
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17037
-\\ Mozilla Firefox v29.0 (pt-BR)
[ Arquivo : C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\46mvu0k5.default\prefs.js ]
Linha deletada : user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_meta.value", "%7B%22handlebars.js%22%3A%7B%22id%22%3A183015%2C%22ver%22%3A2%2[...]
Linha deletada : user_pref("extensions.crossrider.bic", "145d97b32c5ffcdf2e09234ec7629af8");
-\\ Google Chrome v34.0.1847.131
[ Arquivo : C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deletedo [Startup_urls] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*************************
AdwCleaner[R0].txt - [19127 octets] - [08/05/2014 15:17:12]
AdwCleaner[S0].txt - [17262 octets] - [08/05/2014 15:19:16]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17323 octets] ##########
Desde já agradeço!
Diego-silveira- Iniciante
- Mensagens : 31
Reputação : 1
Data de inscrição : 08/05/2014
Re: Não consigo abrir algumas páginas da web!!
Praticamente nenhum antivirus consegue remover os adwares completamente, sempre é necessário o uso de programas específicos.
______________________________________________________________
Desative temporariamente seu antivírus para evitar conflitos.
* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executá-lo corretamente siga as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.
______________________________________________________________
Desative temporariamente seu antivírus para evitar conflitos.
* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executá-lo corretamente siga as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) Não consigo abrir algumas páginas da web!!
segue abaixo, Poxer max.
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Diego on 08/05/2014 at 15:35:09,26.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Diego\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
08/05/2014 15:40:23 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\46mvu0k5.default\prefs.js:
Added to C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\46mvu0k5.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\46mvu0k5.default
user.js not found
---- Lines a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510 removed from prefs.js ----
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d2
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d2
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.active", true);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.addressbar", "NA");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.addressbarenhanced", "");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.asyncdb.was_copied", "true");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.asyncdb_dbWasSet", true);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.asyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.asyncinternaldb.was_copied", "true");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.asyncinternaldb_dbWasSet", true);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.asyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.backgroundver", 1);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.certdomaininstaller", "");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.changeprevious", false);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.cookie.InstallationTime.expiration", "Fri Feb 01
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.cookie.InstallationTime.value", "%221399251704%2
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.cookie.InstallerParams.expiration", "Fri Feb 01
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.cookie.InstallerParams.value", "%7B%22source_id%
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.cookie.jw_token.expiration", "Fri Feb 01 2030 00
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.cookie.jw_token.value", "%22efcde765-5504-7fad-8
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.cookie.uc.expiration", "Wed May 21 2014 22:46:20
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.cookie.uc.value", "%22%5C%22BR%5C%22%22");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.description", "iWebar");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.domain", "");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.enablesearch", false);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.homepage", "");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.iframe", false);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.InstallationThankYouPage", false);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.InstallationTime", 1399251704);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.__defualt_browser__.expiration", "Fri
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.__defualt_browser__.value", "%22ff%22
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.installer.expiration", "Fri Feb 01 20
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.installer.value", "%7B%22InstallerIde
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.InstallerIdentifiers.expiration", "Fr
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.InstallerIdentifiers.value", "%7B%22i
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.InstallerParams.expiration", "Fri Feb
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.InstallerParams.value", "%7B%22source
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.InstallerParamsCache.expiration", "Fr
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.InstallerParamsCache.value", "%7B%22s
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.InstallerUserIdentifiersCache.expirat
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.InstallerUserIdentifiersCache.value",
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.monetization_plugin_bundledUrls.expir
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.monetization_plugin_bundledUrls.value
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.monetization_plugin_bundledWithHash.e
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.monetization_plugin_bundledWithHash.v
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.monetization_plugin_notBundledArr_.ex
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.monetization_plugin_notBundledArr_.va
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_appVer.expiration", "Fri Fe
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_appVer.value", "261");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_lastVersion.expiration", "F
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_lastVersion.value", "25");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_meta.expiration", "Fri Feb
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_nextCheck.expiration", "Thu
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_queue.expiration", "Fri Feb
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_183015.expiration"
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_196378.expiration"
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_353989.expiration"
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_353990.expiration"
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_353991.expiration"
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_376579.expiration"
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_376579.value", "%2
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_483924.expiration"
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_483925.expiration"
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_534129.expiration"
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.lastDailyReport", "1399551456311");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.lastUpdate", "1399551455324");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.manifesturl", "");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.name", "iWebar");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.newtab", "");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.opensearch", "");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.pluginsurl", "http://js.clientdemostack.com/plug
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.pluginsversion", 127);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.publisher", "iWebar");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.searchstatus", 0);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.setnewtab", false);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.thankyou", "");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.updateinterval", 360);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.ver", 261);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.apps", "35510");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.bic", "145d97b32c5ffcdf2e09234ec7629af8");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.cid", 35510);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.FilesValidatorDueTime", "1399551513293");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.firstrun", false);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.hadappinstalled", true);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.installationdate", 1399513101);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.modetype", "production");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.reportInstall", true);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.statsDailyCounter", 2);
---- FireFox user.js and prefs.js backups ----
prefs_052014_1559_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\MyFree Codec deleted
C:\PROGRA~3\DRV10.tmp deleted
C:\PROGRA~3\E1010.tmp deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted
C:\WINDOWS\Syswow64\InstallUtil.InstallLog deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [07/05/2014 19:11]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{86596F81-93F1-E8E0-5B21-F5D6C47647F2}"="C:\Program Files (x86)\ViewPassword-soft\161.xpi" []
==== Firefox Extensions ======================
ProfilePath: C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\46mvu0k5.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\46mvu0k5.default
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013
9FD6A1990289B9290563CA069CB74EF9 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll - Shockwave Flash
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[07/05/2014 19:10]
Google Docs - Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
YouTube - Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
iWebar - Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam
Google Search - Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Sense - Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba
avast Online Security - Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chrome Fix ======================
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrent.inspsearch.com_0.localstorage deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrent.inspsearch.com_0.localstorage-journal deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cigiagpbkapepgklncnajbakkpkopmam_0.localstorage deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cigiagpbkapepgklncnajbakkpkopmam_0.localstorage-journal deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_cigiagpbkapepgklncnajbakkpkopmam_0 deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dfohdbmjdkfijghgklbickfnaepghgba_0.localstorage deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dfohdbmjdkfijghgklbickfnaepghgba_0.localstorage-journal deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_dfohdbmjdkfijghgklbickfnaepghgba_0 deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfohdbmjdkfijghgklbickfnaepghgba deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://oem.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://oem.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{19B2DD3D-4489-4A2A-A41F-660816336FBA} Unknown Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1558113235-1093295934-644403203-1001\Software\Microsoft\Internet Explorer\SearchScopes\{19B2DD3D-4489-4A2A-A41F-660816336FBA} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-1558113235-1093295934-644403203-1001\Software\Mozilla\Firefox\Extensions\{86596F81-93F1-E8E0-5B21-F5D6C47647F2} deleted successfully
==== shortcuts on Users Desktops ======================
C:\Users\Diego\Desktop\GameRanger.lnk - C:\Users\Diego\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
C:\Users\Diego\Desktop\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\Users\Diego\Desktop\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe
C:\Users\Diego\Desktop\Age of Mythology\Age of Mythology - The Titans Expansion.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe
C:\Users\Diego\Desktop\Age of Mythology\Age of Mythology.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aom.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\avast Premier.lnk -
C:\Users\Public\Desktop\avast SafeZone.lnk -
C:\Users\Public\Desktop\KeeP 3D.lnk - C:\Program Files (x86)\KeeP3D\KeeP3D.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk - C:\Users\Diego\Documents
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk - C:\Users\Diego\Pictures
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk - C:\Users\Diego\Documents
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk - C:\Users\Diego\Pictures
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdwCleaner.lnk - C:\Users\Diego\Downloads\AdwCleaner.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk - C:\Users\Diego\Documents
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk - C:\Users\Diego\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk - C:\Users\Diego\Pictures
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk - C:\Users\Diego\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk - C:\Users\Diego\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe /autostart
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk - C:\Users\Diego\Documents
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk - C:\Users\Diego\Pictures
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology\Age of Mythology - Modo ventana.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aom.exe xres=800 bpp=16 +window
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology\Age of Mythology - The Titans Expansion - Modo ventana.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe xres=800 bpp=16 +window
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology\Age of Mythology - The Titans Expansion.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology\Age of Mythology.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aom.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology\Diagnostico\AOM - Sin sonido.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aom.exe +nosound
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology\Diagnostico\AOM - The Titans Expansion - Sin sonido.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe +nosound
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology\Diagnostico\AOM - The Titans Expansion - Video a prueba de fallos.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe xres=640 +noSound +noIntroCinematics bpp=16 +window +lowend +terrainHalfDensity +lowPoly -waterbump skipMipMapLevels=1 graphicDetail=2
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology\Diagnostico\AOM - Video a prueba de fallos.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aom.exe xres=640 +noSound +noIntroCinematics bpp=16 +window +lowend +terrainHalfDensity +lowPoly -waterbump skipMipMapLevels=1 graphicDetail=2
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Premier.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast SafeZone.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Megacubo\Desinstalar.lnk - C:\Program Files (x86)\Megacubo\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Megacubo\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Megacubo\MiniTuner.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:tuner
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Megacubo\Sleepr.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:sleepr
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\msaccess.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Enviar para o OneNote 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\onenotem.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\excel.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\onenote.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\outlook.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\powerpnt.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\mspub.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\winword.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Office 2013 Upload Center.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSOUC.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Preferências de Idioma do Office 2013.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Uninstall Kies.lnk - C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe /removeonly
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:update -type:startup
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GameRanger.lnk - C:\Users\Diego\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Control Panel.lnk -
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\5C09460A-58F6-BE4A-FC98-7291811E248D deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Diego\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Diego\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Diego\AppData\Local\Mozilla\Firefox\Profiles\46mvu0k5.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=205 folders=32 25756801 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Diego\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Diego\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 08/05/2014 at 16:07:13,40 ======================
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Diego on 08/05/2014 at 15:35:09,26.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Diego\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
08/05/2014 15:40:23 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\46mvu0k5.default\prefs.js:
Added to C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\46mvu0k5.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\46mvu0k5.default
user.js not found
---- Lines a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510 removed from prefs.js ----
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d2
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d2
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.active", true);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.addressbar", "NA");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.addressbarenhanced", "");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.asyncdb.was_copied", "true");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.asyncdb_dbWasSet", true);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.asyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.asyncinternaldb.was_copied", "true");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.asyncinternaldb_dbWasSet", true);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.asyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.backgroundver", 1);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.certdomaininstaller", "");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.changeprevious", false);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.cookie.InstallationTime.expiration", "Fri Feb 01
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.cookie.InstallationTime.value", "%221399251704%2
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.cookie.InstallerParams.expiration", "Fri Feb 01
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.cookie.InstallerParams.value", "%7B%22source_id%
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.cookie.jw_token.expiration", "Fri Feb 01 2030 00
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.cookie.jw_token.value", "%22efcde765-5504-7fad-8
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.cookie.uc.expiration", "Wed May 21 2014 22:46:20
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.cookie.uc.value", "%22%5C%22BR%5C%22%22");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.description", "iWebar");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.domain", "");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.enablesearch", false);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.homepage", "");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.iframe", false);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.InstallationThankYouPage", false);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.InstallationTime", 1399251704);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.__defualt_browser__.expiration", "Fri
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.__defualt_browser__.value", "%22ff%22
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.installer.expiration", "Fri Feb 01 20
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.installer.value", "%7B%22InstallerIde
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.InstallerIdentifiers.expiration", "Fr
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.InstallerIdentifiers.value", "%7B%22i
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.InstallerParams.expiration", "Fri Feb
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.InstallerParams.value", "%7B%22source
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.InstallerParamsCache.expiration", "Fr
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.InstallerParamsCache.value", "%7B%22s
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.InstallerUserIdentifiersCache.expirat
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.InstallerUserIdentifiersCache.value",
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.monetization_plugin_bundledUrls.expir
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.monetization_plugin_bundledUrls.value
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.monetization_plugin_bundledWithHash.e
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.monetization_plugin_bundledWithHash.v
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.monetization_plugin_notBundledArr_.ex
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.monetization_plugin_notBundledArr_.va
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_appVer.expiration", "Fri Fe
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_appVer.value", "261");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_lastVersion.expiration", "F
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_lastVersion.value", "25");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_meta.expiration", "Fri Feb
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_nextCheck.expiration", "Thu
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_queue.expiration", "Fri Feb
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_183015.expiration"
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_196378.expiration"
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_353989.expiration"
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_353990.expiration"
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_353991.expiration"
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_376579.expiration"
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_376579.value", "%2
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_483924.expiration"
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_483925.expiration"
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_534129.expiration"
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.lastDailyReport", "1399551456311");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.lastUpdate", "1399551455324");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.manifesturl", "");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.name", "iWebar");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.newtab", "");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.opensearch", "");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.pluginsurl", "http://js.clientdemostack.com/plug
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.pluginsversion", 127);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.publisher", "iWebar");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.searchstatus", 0);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.setnewtab", false);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.thankyou", "");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.updateinterval", 360);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.ver", 261);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.apps", "35510");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.bic", "145d97b32c5ffcdf2e09234ec7629af8");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.cid", 35510);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.FilesValidatorDueTime", "1399551513293");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.firstrun", false);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.hadappinstalled", true);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.installationdate", 1399513101);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.modetype", "production");
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.reportInstall", true);
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.statsDailyCounter", 2);
---- FireFox user.js and prefs.js backups ----
prefs_052014_1559_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\MyFree Codec deleted
C:\PROGRA~3\DRV10.tmp deleted
C:\PROGRA~3\E1010.tmp deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted
C:\WINDOWS\Syswow64\InstallUtil.InstallLog deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [07/05/2014 19:11]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{86596F81-93F1-E8E0-5B21-F5D6C47647F2}"="C:\Program Files (x86)\ViewPassword-soft\161.xpi" []
==== Firefox Extensions ======================
ProfilePath: C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\46mvu0k5.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\46mvu0k5.default
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013
9FD6A1990289B9290563CA069CB74EF9 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll - Shockwave Flash
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[07/05/2014 19:10]
Google Docs - Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
YouTube - Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
iWebar - Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam
Google Search - Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Sense - Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba
avast Online Security - Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chrome Fix ======================
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrent.inspsearch.com_0.localstorage deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrent.inspsearch.com_0.localstorage-journal deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cigiagpbkapepgklncnajbakkpkopmam_0.localstorage deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cigiagpbkapepgklncnajbakkpkopmam_0.localstorage-journal deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_cigiagpbkapepgklncnajbakkpkopmam_0 deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dfohdbmjdkfijghgklbickfnaepghgba_0.localstorage deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dfohdbmjdkfijghgklbickfnaepghgba_0.localstorage-journal deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_dfohdbmjdkfijghgklbickfnaepghgba_0 deleted successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfohdbmjdkfijghgklbickfnaepghgba deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://oem.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://oem.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{19B2DD3D-4489-4A2A-A41F-660816336FBA} Unknown Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1558113235-1093295934-644403203-1001\Software\Microsoft\Internet Explorer\SearchScopes\{19B2DD3D-4489-4A2A-A41F-660816336FBA} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-1558113235-1093295934-644403203-1001\Software\Mozilla\Firefox\Extensions\{86596F81-93F1-E8E0-5B21-F5D6C47647F2} deleted successfully
==== shortcuts on Users Desktops ======================
C:\Users\Diego\Desktop\GameRanger.lnk - C:\Users\Diego\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
C:\Users\Diego\Desktop\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\Users\Diego\Desktop\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe
C:\Users\Diego\Desktop\Age of Mythology\Age of Mythology - The Titans Expansion.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe
C:\Users\Diego\Desktop\Age of Mythology\Age of Mythology.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aom.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\avast Premier.lnk -
C:\Users\Public\Desktop\avast SafeZone.lnk -
C:\Users\Public\Desktop\KeeP 3D.lnk - C:\Program Files (x86)\KeeP3D\KeeP3D.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk - C:\Users\Diego\Documents
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk - C:\Users\Diego\Pictures
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk - C:\Users\Diego\Documents
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk - C:\Users\Diego\Pictures
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdwCleaner.lnk - C:\Users\Diego\Downloads\AdwCleaner.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk - C:\Users\Diego\Documents
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk - C:\Users\Diego\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk - C:\Users\Diego\Pictures
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk - C:\Users\Diego\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk - C:\Users\Diego\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe /autostart
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -
C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk - C:\Users\Diego\Documents
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk - C:\Users\Diego\Pictures
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology\Age of Mythology - Modo ventana.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aom.exe xres=800 bpp=16 +window
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology\Age of Mythology - The Titans Expansion - Modo ventana.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe xres=800 bpp=16 +window
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology\Age of Mythology - The Titans Expansion.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology\Age of Mythology.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aom.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology\Diagnostico\AOM - Sin sonido.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aom.exe +nosound
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology\Diagnostico\AOM - The Titans Expansion - Sin sonido.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe +nosound
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology\Diagnostico\AOM - The Titans Expansion - Video a prueba de fallos.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe xres=640 +noSound +noIntroCinematics bpp=16 +window +lowend +terrainHalfDensity +lowPoly -waterbump skipMipMapLevels=1 graphicDetail=2
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology\Diagnostico\AOM - Video a prueba de fallos.lnk - C:\Program Files (x86)\Microsoft Games\Age of Mythology\aom.exe xres=640 +noSound +noIntroCinematics bpp=16 +window +lowend +terrainHalfDensity +lowPoly -waterbump skipMipMapLevels=1 graphicDetail=2
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Premier.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast SafeZone.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Megacubo\Desinstalar.lnk - C:\Program Files (x86)\Megacubo\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Megacubo\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Megacubo\MiniTuner.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:tuner
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Megacubo\Sleepr.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:sleepr
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\msaccess.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Enviar para o OneNote 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\onenotem.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\excel.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\onenote.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\outlook.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\powerpnt.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\mspub.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\winword.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Office 2013 Upload Center.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSOUC.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Preferências de Idioma do Office 2013.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Uninstall Kies.lnk - C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe /removeonly
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe -load:update -type:startup
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GameRanger.lnk - C:\Users\Diego\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Megacubo.lnk - C:\Program Files (x86)\Megacubo\megacubo.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Control Panel.lnk -
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Diego\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\5C09460A-58F6-BE4A-FC98-7291811E248D deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Diego\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Diego\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Diego\AppData\Local\Mozilla\Firefox\Profiles\46mvu0k5.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=205 folders=32 25756801 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Diego\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Diego\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 08/05/2014 at 16:07:13,40 ======================
Diego-silveira- Iniciante
- Mensagens : 31
Reputação : 1
Data de inscrição : 08/05/2014
Re: Não consigo abrir algumas páginas da web!!
Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o programa acima é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt
Ficamos na espera.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o programa acima é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt
Ficamos na espera.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) Não consigo abrir algumas páginas da web!!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Single Language x64
Ran by Diego on 08/05/2014 at 16:22:51,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Myfree Codec
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/05/2014 at 16:36:28,69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Single Language x64
Ran by Diego on 08/05/2014 at 16:22:51,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Myfree Codec
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/05/2014 at 16:36:28,69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Diego-silveira- Iniciante
- Mensagens : 31
Reputação : 1
Data de inscrição : 08/05/2014
Re: Não consigo abrir algumas páginas da web!!
Faça o download do Malwarebytes em um destes links abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Na sua próxima resposta poste este log (relatório) do Malwarebytes.
Ficamos no aguardo.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Na sua próxima resposta poste este log (relatório) do Malwarebytes.
Ficamos no aguardo.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) Não consigo abrir algumas páginas da web!!
Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Data de Verificação: 08/05/2014
Hora da Verificação: 18:04:05
Logfile: tttt.txt
Administrador: Sim
Versão: 2.00.1.1004
Malware Database: v2014.05.08.09
Rootkit Database: v2014.03.27.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Chameleon: Desabilitado
OS: Windows 8.1
CPU: x64
Sistema de Arquivo: NTFS
Usuário: Diego
Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 382419
Tempo Decorrido: 1 hr, 17 min, 28 seg
Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processos: 0
(No malicious items detected)
Módulos: 0
(No malicious items detected)
Chaves de Registro: 7
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\iWebar, Quarantined, [12e7e36b304b5ed89ae29b153ac9b14f],
PUP.Optional.Sense.A, HKLM\SOFTWARE\WOW6432NODE\SENSE\Firefox, Quarantined, [36c378d6a1dac96d39cda2ed020041bf],
PUP.Optional.Sense.A, HKLM\SOFTWARE\WOW6432NODE\SENSE\IE, Quarantined, [59a0242a0e6d1620b453a8e76c963fc1],
PUP.Optional.ObjectBrowser.A, HKLM\SOFTWARE\WOW6432NODE\SENSE\INSTALLER, Quarantined, [3bbe46084b30b58148456b1b37cbb64a],
PUP.Optional.iWebar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, Quarantined, [9a5f4608aecd68ce2a91ee9f39c922de],
PUP.Optional.YouTubeAccelerator.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOBZO\YouTube Accelerator, Quarantined, [7f7a06482f4cc17553c1506ed42f1ee2],
PUP.Optional.iWebar.A, HKU\S-1-5-21-1558113235-1093295934-644403203-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, Quarantined, [1cdd8ec0dd9ec6703b80f796f60c35cb],
Valores de Registro: 1
PUP.Optional.ObjectBrowser.A, HKLM\SOFTWARE\WOW6432NODE\SENSE\INSTALLER|BundledIe, 1, Quarantined, [3bbe46084b30b58148456b1b37cbb64a]
Dados do Registro: 0
(No malicious items detected)
Pastas: 0
(No malicious items detected)
Arquivos: 26
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-2.exe.vir, Quarantined, [0dec103e3e3d39fd9cd14ed2f20fc937],
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-3.exe.vir, Quarantined, [ca2fbb93e992c6706c0143ddbc458a76],
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-4.exe.vir, Quarantined, [de1bfe500279dd59e984839dcd3448b8],
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-5.exe.vir, Quarantined, [3fbaba94403ba591ff6eef318d74d52b],
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\iWebar-bg.exe.vir, Quarantined, [c138e6686714b87eb1bc44dc738ecc34],
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\iWebar-bho.dll.vir, Quarantined, [a851430b04772f074528bf61b34e27d9],
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\iWebar-bho64.dll.vir, Quarantined, [d22796b815668da970fd819f5fa237c9],
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\iWebar-buttonutil.exe.vir, Quarantined, [1adf6de1bfbc999d066729f7b44d12ee],
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\iWebar-buttonutil64.exe.vir, Quarantined, [906966e8e893bd79f578dd439d6409f7],
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\iWebar-codedownloader.exe.vir, Quarantined, [54a591bd5b20ef4776f7a37d16eb768a],
PUP.Optional.crossRider.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\utils.exe.vir, Quarantined, [d722aba385f692a429c24cf3dc247090],
PUP.Optional.Sense.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Sense\d4e590bb-8214-4c59-8429-13fb7d7180b5-2.exe.vir, Quarantined, [2ccd2826116af145c28bb495946d6f91],
PUP.Optional.Sense.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Sense\d4e590bb-8214-4c59-8429-13fb7d7180b5-3.exe.vir, Quarantined, [6a8ffb539fdc8ea8272682c757aa12ee],
PUP.Optional.Sense.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Sense\d4e590bb-8214-4c59-8429-13fb7d7180b5-5.exe.vir, Quarantined, [c831e767bfbc87af72db7ecb649d36ca],
PUP.Optional.Sense.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Sense\Sense-bg.exe.vir, Quarantined, [a1580747fe7d191d4ffeb396ce33f60a],
PUP.Optional.Sense.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Sense\Sense-bho.dll.vir, Quarantined, [0decfa54146790a693bab990719017e9],
PUP.Optional.Sense.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Sense\Sense-buttonutil.exe.vir, Quarantined, [52a7004ecead47efcb82d27768997090],
PUP.Optional.ShopperPro.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\ShopperPro.dll.vir, Quarantined, [9663f9556f0c1521d8e15eea19e8f50b],
PUP.Optional.ShopperPro.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\ShopperPro64.dll.vir, Quarantined, [bc3d6ce2a0db5adc5465d177c1406e92],
PUP.Optional.ShopperPro.A, C:\AdwCleaner\Quarantine\C\ProgramData\ShopperPro\ShopperPro.dll.vir, Quarantined, [d920d47ae497bd796d4c71d72fd2fc04],
PUP.Optional.ShopperPro.A, C:\AdwCleaner\Quarantine\C\ProgramData\ShopperPro\ShopperPro64.dll.vir, Quarantined, [19e0aaa4186351e511a8fe4a6a978977],
Trojan.Agent.CK, C:\Users\Diego\Downloads\Crack.exe, Quarantined, [8178ada1f4878caa886739f639c79868],
PUP.Optional.Firseria, C:\Users\Diego\Downloads\Megacubo.exe, Quarantined, [a356dc720972171fa7b297e0a75af60a],
Trojan.Agent.CK, C:\Users\Diego\Downloads\Avast_2014-v9-Crak Premier.rar, Quarantined, [01f8c18d6e0d37ff975888a7ce32c13f],
PUP.Optional.BundleInstaller.A, C:\Users\Diego\Downloads\Setup (1).exe, Quarantined, [b34656f848330e28333142d5e12335cb],
PUP.Optional.InstallCore, C:\Users\Diego\Downloads\utorrent-341-build-30888-32-bits.exe, Quarantined, [9b5ecc82f982c47267102e0626de768a],
Physical Sectors: 0
(No malicious items detected)
(end)
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Data de Verificação: 08/05/2014
Hora da Verificação: 18:04:05
Logfile: tttt.txt
Administrador: Sim
Versão: 2.00.1.1004
Malware Database: v2014.05.08.09
Rootkit Database: v2014.03.27.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Chameleon: Desabilitado
OS: Windows 8.1
CPU: x64
Sistema de Arquivo: NTFS
Usuário: Diego
Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 382419
Tempo Decorrido: 1 hr, 17 min, 28 seg
Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processos: 0
(No malicious items detected)
Módulos: 0
(No malicious items detected)
Chaves de Registro: 7
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\iWebar, Quarantined, [12e7e36b304b5ed89ae29b153ac9b14f],
PUP.Optional.Sense.A, HKLM\SOFTWARE\WOW6432NODE\SENSE\Firefox, Quarantined, [36c378d6a1dac96d39cda2ed020041bf],
PUP.Optional.Sense.A, HKLM\SOFTWARE\WOW6432NODE\SENSE\IE, Quarantined, [59a0242a0e6d1620b453a8e76c963fc1],
PUP.Optional.ObjectBrowser.A, HKLM\SOFTWARE\WOW6432NODE\SENSE\INSTALLER, Quarantined, [3bbe46084b30b58148456b1b37cbb64a],
PUP.Optional.iWebar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, Quarantined, [9a5f4608aecd68ce2a91ee9f39c922de],
PUP.Optional.YouTubeAccelerator.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOBZO\YouTube Accelerator, Quarantined, [7f7a06482f4cc17553c1506ed42f1ee2],
PUP.Optional.iWebar.A, HKU\S-1-5-21-1558113235-1093295934-644403203-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, Quarantined, [1cdd8ec0dd9ec6703b80f796f60c35cb],
Valores de Registro: 1
PUP.Optional.ObjectBrowser.A, HKLM\SOFTWARE\WOW6432NODE\SENSE\INSTALLER|BundledIe, 1, Quarantined, [3bbe46084b30b58148456b1b37cbb64a]
Dados do Registro: 0
(No malicious items detected)
Pastas: 0
(No malicious items detected)
Arquivos: 26
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-2.exe.vir, Quarantined, [0dec103e3e3d39fd9cd14ed2f20fc937],
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-3.exe.vir, Quarantined, [ca2fbb93e992c6706c0143ddbc458a76],
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-4.exe.vir, Quarantined, [de1bfe500279dd59e984839dcd3448b8],
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\b758eec0-2d77-437d-8ac8-dcd399a3b7db-5.exe.vir, Quarantined, [3fbaba94403ba591ff6eef318d74d52b],
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\iWebar-bg.exe.vir, Quarantined, [c138e6686714b87eb1bc44dc738ecc34],
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\iWebar-bho.dll.vir, Quarantined, [a851430b04772f074528bf61b34e27d9],
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\iWebar-bho64.dll.vir, Quarantined, [d22796b815668da970fd819f5fa237c9],
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\iWebar-buttonutil.exe.vir, Quarantined, [1adf6de1bfbc999d066729f7b44d12ee],
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\iWebar-buttonutil64.exe.vir, Quarantined, [906966e8e893bd79f578dd439d6409f7],
PUP.Optional.iWebar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\iWebar-codedownloader.exe.vir, Quarantined, [54a591bd5b20ef4776f7a37d16eb768a],
PUP.Optional.crossRider.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\utils.exe.vir, Quarantined, [d722aba385f692a429c24cf3dc247090],
PUP.Optional.Sense.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Sense\d4e590bb-8214-4c59-8429-13fb7d7180b5-2.exe.vir, Quarantined, [2ccd2826116af145c28bb495946d6f91],
PUP.Optional.Sense.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Sense\d4e590bb-8214-4c59-8429-13fb7d7180b5-3.exe.vir, Quarantined, [6a8ffb539fdc8ea8272682c757aa12ee],
PUP.Optional.Sense.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Sense\d4e590bb-8214-4c59-8429-13fb7d7180b5-5.exe.vir, Quarantined, [c831e767bfbc87af72db7ecb649d36ca],
PUP.Optional.Sense.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Sense\Sense-bg.exe.vir, Quarantined, [a1580747fe7d191d4ffeb396ce33f60a],
PUP.Optional.Sense.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Sense\Sense-bho.dll.vir, Quarantined, [0decfa54146790a693bab990719017e9],
PUP.Optional.Sense.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Sense\Sense-buttonutil.exe.vir, Quarantined, [52a7004ecead47efcb82d27768997090],
PUP.Optional.ShopperPro.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\ShopperPro.dll.vir, Quarantined, [9663f9556f0c1521d8e15eea19e8f50b],
PUP.Optional.ShopperPro.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\ShopperPro64.dll.vir, Quarantined, [bc3d6ce2a0db5adc5465d177c1406e92],
PUP.Optional.ShopperPro.A, C:\AdwCleaner\Quarantine\C\ProgramData\ShopperPro\ShopperPro.dll.vir, Quarantined, [d920d47ae497bd796d4c71d72fd2fc04],
PUP.Optional.ShopperPro.A, C:\AdwCleaner\Quarantine\C\ProgramData\ShopperPro\ShopperPro64.dll.vir, Quarantined, [19e0aaa4186351e511a8fe4a6a978977],
Trojan.Agent.CK, C:\Users\Diego\Downloads\Crack.exe, Quarantined, [8178ada1f4878caa886739f639c79868],
PUP.Optional.Firseria, C:\Users\Diego\Downloads\Megacubo.exe, Quarantined, [a356dc720972171fa7b297e0a75af60a],
Trojan.Agent.CK, C:\Users\Diego\Downloads\Avast_2014-v9-Crak Premier.rar, Quarantined, [01f8c18d6e0d37ff975888a7ce32c13f],
PUP.Optional.BundleInstaller.A, C:\Users\Diego\Downloads\Setup (1).exe, Quarantined, [b34656f848330e28333142d5e12335cb],
PUP.Optional.InstallCore, C:\Users\Diego\Downloads\utorrent-341-build-30888-32-bits.exe, Quarantined, [9b5ecc82f982c47267102e0626de768a],
Physical Sectors: 0
(No malicious items detected)
(end)
Diego-silveira- Iniciante
- Mensagens : 31
Reputação : 1
Data de inscrição : 08/05/2014
Re: Não consigo abrir algumas páginas da web!!
Abra novamente o ( ZHPDiag )
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) Não consigo abrir algumas páginas da web!!
~ Relatório do ZHPDiag v2014.5.8.57 - Nicolas Coolman (08/05/2014)
~ Iniciado por Diego (08/05/2014 18:13:49)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17105
MFIE: Mozilla Firefox 29.0
GCIE: Google Chrome v34.0.1847.131 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8.1 Single Language, 64-bit (Build 9600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
avast! Premier v9.0.2018
Malwarebytes Anti-Malware versão 2.0.1.1004
Windows Defender W8
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1938 MB (33% free)
System Restore: Activé (Enable)
System drive C: has 421 GB (93%) free of 450 GB
---\\ Modo de conexão ao sistema
~ Computer Name: DIEGO
~ User Name: Diego
~ All Users Names: HomeGroupUser$, Diego, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Diego\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Diego\AppData\Roaming\
~ %Desktop% : C:\Users\Diego\Desktop\
~ %Favorites% : C:\Users\Diego\Favorites\
~ %LocalAppData% : C:\Users\Diego\AppData\Local\
~ %StartMenu% : C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 421 Go of 450 Go)
D: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
~ Security Center: 44 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.81394C91B7B5A7C799E249AE82491F13] - (.Microsoft Corporation - Windows Explorer.) (.01/05/2014 - 01:47:03.) -- C:\Windows\Explorer.exe [2373784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.22/08/2013 - 06:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.65C36A29A131A3A5D64B29FAC4EF6DD6] - (.Microsoft Corporation - Internet Extensions para Win32.) (.18/03/2014 - 07:18:18.) -- C:\Windows\System32\wininet.dll [2262016]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.18/03/2014 - 07:18:16.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.18/03/2014 - 07:18:16.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 09:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 08:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 05:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.01/05/2014 - 01:47:02.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 08:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) (.22/08/2013 - 08:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.18/03/2014 - 07:18:19.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.C997E6A37BA8915224B3FB5024A34F69] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.01/05/2014 - 01:47:02.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402944]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 08:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.1C80517BE6836A812F6A9B99B8321351] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.01/05/2014 - 01:47:02.) -- C:\Windows\system32\Drivers\ntfs.sys [2013016]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) (.22/08/2013 - 08:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 08:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Microsoft.) (.18/03/2014 - 06:44:42.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.3595FBDF25F8BA6256072D103937D7D6] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.18/03/2014 - 07:17:55.) -- C:\Windows\system32\Drivers\volsnap.sys [311640]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/3
~ Mes musiques (My Musics) : 1/18
~ Mes Favoris (My Favorites) : 1/3
~ Mes Documents (My Documents) : 1/160
~ Mon Bureau (My Desktop) : 2/17
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 00mn 01s
---\\ Processos lançados
[MD5.3E364978E4C74D3BCEA29FB41743CB5A] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704] [PID.2600]
[MD5.E90080AF0E517E1FE6C97D98198C3986] - (.OEM - iBrightness.) -- C:\Program Files (x86)\OEM\iBrightness 1.0.1\iBrightness.exe [3549696] [PID.2456]
[MD5.DD6526D19F757DE752A1C4EC8E69C04B] - (.No owner - IPM.exe.) -- C:\Program Files (x86)\OEM\IPM 1.9.4\IPM.exe [2410496] [PID.4364]
[MD5.C0E392910782C2BB9A28C8538CC1E1A1] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240] [PID.1036]
[MD5.542459D16B416D054161007FC9B1246E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032] [PID.1020]
[MD5.CCD09CA21C1946AF24834512BD9A6FCA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7873536] [PID.1204]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 17 Legitimates Filtered in 00mn 02s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKCU\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe (.not file.) =>PUP.ShopperPro
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_EE61CD3E1138C10841703F73164FC478] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKLM\..\Wow6432Node\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe (.not file.) =>PUP.ShopperPro
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe (.not file.) =>PUP.ShopperPro
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [GoogleChromeAutoLaunch_EE61CD3E1138C10841703F73164FC478] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C8DAE3F-A59E-4149-913F-3D5FC6209543}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B13FEA21-6FB2-4C41-A3F4-91CF42CB23D8}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1C8DAE3F-A59E-4149-913F-3D5FC6209543}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B13FEA21-6FB2-4C41-A3F4-91CF42CB23D8}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Tarefas planificadas automaticamente (039)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1074]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1078]
O39 - APT: - (..) -- C:\Windows\Tasks\Synaptics TouchPad Enhancements.job [264]
~ Scheduled Task: 15 Legitimates Filtered in 00mn 11s
---\\ Software instalados (042)
O42 - Logiciel: Driver 1.3.1 - (.OEM.) [HKLM][64Bits] -- {BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}
O42 - Logiciel: IPM 1.9.4 - (.OEM.) [HKLM][64Bits] -- {AADF4228-0772-4D43-92EB-B245E3A17B00}
O42 - Logiciel: KeeP 3D - v1.0 - (.KeeP Sofware.) [HKLM][64Bits] -- {D445A7B9-69A8-4860-95B9-BB957281D9A0}_is1
O42 - Logiciel: KeeP3D - (.UNKNOWN.) [HKLM][64Bits] -- KeeP3D
O42 - Logiciel: KeeP3D - (.UNKNOWN.) [HKLM][64Bits] -- {8AC46073-0856-7FD5-5411-AFDB47D963B0}
O42 - Logiciel: Sense - (.Object Browser.) [HKLM][64Bits] -- Sense =>PUP.ObjectBrowser
O42 - Logiciel: iBrightness 1.0.1 - (.OEM.) [HKLM][64Bits] -- {B351A468-173F-43D8-B6E6-5A6E9A0125A8}
O42 - Logiciel: iWebar - (.iWebar.) [HKLM][64Bits] -- iWebar =>PUP.iWebar
~ Logic: 27 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ShopperPro] =>PUP.ShopperPro
[HKCU\Software\SoilAP]
[HKLM\Software\SoilIO]
[HKLM\Software\Wow6432Node\ShopperPro] =>PUP.ShopperPro
~ Key Software: 191 Legitimates Filtered in 00mn 01s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 11/03/2013 - 14:13:20 - [] ----D C:\Program Files (x86)\KeeP3D
O43 - CFD: 04/05/2014 - 22:01:32 - [] ----D C:\Users\Diego\AppData\Local\Installer
~ Program Folder: 113 Legitimates Filtered in 00mn 00s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.F8BEF1E87A4DDE29E82CD7512DAABFA4] - 01/05/2014 - 01:33:06 ---A- . (...) -- C:\Windows\WindowsUpdate (1).log [1695946]
O44 - LFC:[MD5.12B0701B1CEC1A7BB0E4C71D97661E23] - 01/05/2014 - 01:47:02 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [387210]
O44 - LFC:[MD5.5910E212539816BE85C7D033651124A9] - 01/05/2014 - 02:05:55 ---A- . (...) -- C:\Windows\DtcInstall.log [4893]
O44 - LFC:[MD5.89E472AFB28892082AFD2D3FD6DA2758] - 01/05/2014 - 02:12:24 ---A- . (...) -- C:\Windows\System32\emptyregdb.dat [22956]
O44 - LFC:[MD5.AE773905963646112E7C0DE64E51F08A] - 01/05/2014 - 02:12:44 ---A- . (...) -- C:\Windows\comsetup.log [6609]
O44 - LFC:[MD5.81DD33EC695AB90466031CF430CFA1BD] - 01/05/2014 - 02:12:45 ---A- . (...) -- C:\Windows\diagerr.xml [20958]
O44 - LFC:[MD5.81DD33EC695AB90466031CF430CFA1BD] - 01/05/2014 - 02:12:45 ---A- . (...) -- C:\Windows\diagwrn.xml [20958]
O44 - LFC:[MD5.D6528497A77519B74DE4C834D9213D77] - 07/05/2014 - 13:15:49 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [159030]
O44 - LFC:[MD5.B8EF9FFA42CFC6C14F69D26AD3DAE758] - 07/05/2014 - 13:15:49 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [775938]
O44 - LFC:[MD5.340B0467E98A8C92697D73034DB4BCB7] - 07/05/2014 - 19:11:05 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208]
O44 - LFC:[MD5.D9103AE68899692A7961361715403BCA] - 07/05/2014 - 19:22:32 ---A- . (.No owner - Setup/Uninstall.) -- C:\Windows\unins000.exe [1180099]
O44 - LFC:[MD5.6F2C7F5AD338FF640B3249039A5F7511] - 07/05/2014 - 19:23:44 ---A- . (...) -- C:\Windows\unins000.dat [1227]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 08/05/2014 - 15:34:35 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.F0460BDB70FA302BE2A563782788F7A7] - 08/05/2014 - 16:07:13 ---A- . (...) -- C:\zoek-results.log [36602]
~ Files: 185 Legitimates Filtered in 00mn 09s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:07/05/2014 - 19:11:05 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:07/05/2014 - 19:11:05 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:07/05/2014 - 19:11:06 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208416] =>.ALWIL Software
O58 - SDL:12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:19/08/2010 - 16:59:12 ---A- . (...) -- C:\Windows\System32\Drivers\SoilIO.sys [17912]
O58 - SDL:03/12/2009 - 10:03:50 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\System32\Drivers\soilkbc.sys [13816]
O58 - SDL:03/12/2009 - 10:04:16 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\System32\Drivers\SoilMC.sys [13304]
O58 - SDL:11/04/2014 - 05:39:22 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [110336]
O58 - SDL:11/04/2014 - 05:39:22 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [206080]
O58 - SDL:22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 61 Legitimates Filtered in 00mn 06s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.8A9352796AA53724E44FE847905C97F3] [SPRF][04/05/2014] (.www.megacubo.net - Megacubo Setup.) -- C:\Users\Diego\Desktop\654-Megacubo_10.4.0.exe [5613128]
~ Files: 1 Legitimates Filtered in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{4DB48935-BF4F-49F7-908C-89E7FDB23FA3}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{D2AC5317-4A42-4F04-BC99-0D57968529C6}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 02s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 30/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 29/01/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 07/05/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 07/05/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/04/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 07/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 07/05/2014 109048 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 19/11/2012 14904 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 13/09/2012 2466448 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 27/07/2012 636952 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 19/12/2012 129488 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 19/12/2012 165328 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 19/12/2012 277456 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 19/12/2012 364496 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 15s
---\\ Scâner Aditional (088)
Database Version : 13045 - (08/05/2014)
Clés trouvées (Keys found) : 4
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 3
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Sense] =>PUP.ObjectBrowser^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iWebar] =>PUP.iWebar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:SPDriver =>PUP.ShopperPro^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:SPDriver =>PUP.ShopperPro^
C:\Users\Diego\AppData\Local\Installer =>Adware.InstallPedia
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
[HKCU\Software\ShopperPro] =>PUP.ShopperPro^
[HKLM\Software\Wow6432Node\ShopperPro] =>PUP.ShopperPro^
~ Additionnel Scan: 176919 Items scanned in 00mn 53s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.ShopperPro
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Tarma
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.InstallPedia
~ MSI: 3 link(s) detected in 00mn 00s
~ 693 Legitimates filtered by white list
End of the scan (391 lines in 02mn 15s)(0)
~ Iniciado por Diego (08/05/2014 18:13:49)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17105
MFIE: Mozilla Firefox 29.0
GCIE: Google Chrome v34.0.1847.131 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8.1 Single Language, 64-bit (Build 9600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
avast! Premier v9.0.2018
Malwarebytes Anti-Malware versão 2.0.1.1004
Windows Defender W8
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1938 MB (33% free)
System Restore: Activé (Enable)
System drive C: has 421 GB (93%) free of 450 GB
---\\ Modo de conexão ao sistema
~ Computer Name: DIEGO
~ User Name: Diego
~ All Users Names: HomeGroupUser$, Diego, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Diego\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Diego\AppData\Roaming\
~ %Desktop% : C:\Users\Diego\Desktop\
~ %Favorites% : C:\Users\Diego\Favorites\
~ %LocalAppData% : C:\Users\Diego\AppData\Local\
~ %StartMenu% : C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 421 Go of 450 Go)
D: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
~ Security Center: 44 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.81394C91B7B5A7C799E249AE82491F13] - (.Microsoft Corporation - Windows Explorer.) (.01/05/2014 - 01:47:03.) -- C:\Windows\Explorer.exe [2373784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.22/08/2013 - 06:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.65C36A29A131A3A5D64B29FAC4EF6DD6] - (.Microsoft Corporation - Internet Extensions para Win32.) (.18/03/2014 - 07:18:18.) -- C:\Windows\System32\wininet.dll [2262016]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.18/03/2014 - 07:18:16.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.18/03/2014 - 07:18:16.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 09:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 08:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 05:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.01/05/2014 - 01:47:02.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 08:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) (.22/08/2013 - 08:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.18/03/2014 - 07:18:19.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.C997E6A37BA8915224B3FB5024A34F69] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.01/05/2014 - 01:47:02.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402944]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 08:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.1C80517BE6836A812F6A9B99B8321351] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.01/05/2014 - 01:47:02.) -- C:\Windows\system32\Drivers\ntfs.sys [2013016]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) (.22/08/2013 - 08:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 08:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Microsoft.) (.18/03/2014 - 06:44:42.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.3595FBDF25F8BA6256072D103937D7D6] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.18/03/2014 - 07:17:55.) -- C:\Windows\system32\Drivers\volsnap.sys [311640]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/3
~ Mes musiques (My Musics) : 1/18
~ Mes Favoris (My Favorites) : 1/3
~ Mes Documents (My Documents) : 1/160
~ Mon Bureau (My Desktop) : 2/17
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 00mn 01s
---\\ Processos lançados
[MD5.3E364978E4C74D3BCEA29FB41743CB5A] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704] [PID.2600]
[MD5.E90080AF0E517E1FE6C97D98198C3986] - (.OEM - iBrightness.) -- C:\Program Files (x86)\OEM\iBrightness 1.0.1\iBrightness.exe [3549696] [PID.2456]
[MD5.DD6526D19F757DE752A1C4EC8E69C04B] - (.No owner - IPM.exe.) -- C:\Program Files (x86)\OEM\IPM 1.9.4\IPM.exe [2410496] [PID.4364]
[MD5.C0E392910782C2BB9A28C8538CC1E1A1] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240] [PID.1036]
[MD5.542459D16B416D054161007FC9B1246E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032] [PID.1020]
[MD5.CCD09CA21C1946AF24834512BD9A6FCA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7873536] [PID.1204]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 17 Legitimates Filtered in 00mn 02s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKCU\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe (.not file.) =>PUP.ShopperPro
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_EE61CD3E1138C10841703F73164FC478] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKLM\..\Wow6432Node\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe (.not file.) =>PUP.ShopperPro
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe (.not file.) =>PUP.ShopperPro
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [GoogleChromeAutoLaunch_EE61CD3E1138C10841703F73164FC478] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C8DAE3F-A59E-4149-913F-3D5FC6209543}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B13FEA21-6FB2-4C41-A3F4-91CF42CB23D8}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1C8DAE3F-A59E-4149-913F-3D5FC6209543}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B13FEA21-6FB2-4C41-A3F4-91CF42CB23D8}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Tarefas planificadas automaticamente (039)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1074]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1078]
O39 - APT: - (..) -- C:\Windows\Tasks\Synaptics TouchPad Enhancements.job [264]
~ Scheduled Task: 15 Legitimates Filtered in 00mn 11s
---\\ Software instalados (042)
O42 - Logiciel: Driver 1.3.1 - (.OEM.) [HKLM][64Bits] -- {BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}
O42 - Logiciel: IPM 1.9.4 - (.OEM.) [HKLM][64Bits] -- {AADF4228-0772-4D43-92EB-B245E3A17B00}
O42 - Logiciel: KeeP 3D - v1.0 - (.KeeP Sofware.) [HKLM][64Bits] -- {D445A7B9-69A8-4860-95B9-BB957281D9A0}_is1
O42 - Logiciel: KeeP3D - (.UNKNOWN.) [HKLM][64Bits] -- KeeP3D
O42 - Logiciel: KeeP3D - (.UNKNOWN.) [HKLM][64Bits] -- {8AC46073-0856-7FD5-5411-AFDB47D963B0}
O42 - Logiciel: Sense - (.Object Browser.) [HKLM][64Bits] -- Sense =>PUP.ObjectBrowser
O42 - Logiciel: iBrightness 1.0.1 - (.OEM.) [HKLM][64Bits] -- {B351A468-173F-43D8-B6E6-5A6E9A0125A8}
O42 - Logiciel: iWebar - (.iWebar.) [HKLM][64Bits] -- iWebar =>PUP.iWebar
~ Logic: 27 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ShopperPro] =>PUP.ShopperPro
[HKCU\Software\SoilAP]
[HKLM\Software\SoilIO]
[HKLM\Software\Wow6432Node\ShopperPro] =>PUP.ShopperPro
~ Key Software: 191 Legitimates Filtered in 00mn 01s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 11/03/2013 - 14:13:20 - [] ----D C:\Program Files (x86)\KeeP3D
O43 - CFD: 04/05/2014 - 22:01:32 - [] ----D C:\Users\Diego\AppData\Local\Installer
~ Program Folder: 113 Legitimates Filtered in 00mn 00s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.F8BEF1E87A4DDE29E82CD7512DAABFA4] - 01/05/2014 - 01:33:06 ---A- . (...) -- C:\Windows\WindowsUpdate (1).log [1695946]
O44 - LFC:[MD5.12B0701B1CEC1A7BB0E4C71D97661E23] - 01/05/2014 - 01:47:02 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [387210]
O44 - LFC:[MD5.5910E212539816BE85C7D033651124A9] - 01/05/2014 - 02:05:55 ---A- . (...) -- C:\Windows\DtcInstall.log [4893]
O44 - LFC:[MD5.89E472AFB28892082AFD2D3FD6DA2758] - 01/05/2014 - 02:12:24 ---A- . (...) -- C:\Windows\System32\emptyregdb.dat [22956]
O44 - LFC:[MD5.AE773905963646112E7C0DE64E51F08A] - 01/05/2014 - 02:12:44 ---A- . (...) -- C:\Windows\comsetup.log [6609]
O44 - LFC:[MD5.81DD33EC695AB90466031CF430CFA1BD] - 01/05/2014 - 02:12:45 ---A- . (...) -- C:\Windows\diagerr.xml [20958]
O44 - LFC:[MD5.81DD33EC695AB90466031CF430CFA1BD] - 01/05/2014 - 02:12:45 ---A- . (...) -- C:\Windows\diagwrn.xml [20958]
O44 - LFC:[MD5.D6528497A77519B74DE4C834D9213D77] - 07/05/2014 - 13:15:49 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [159030]
O44 - LFC:[MD5.B8EF9FFA42CFC6C14F69D26AD3DAE758] - 07/05/2014 - 13:15:49 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [775938]
O44 - LFC:[MD5.340B0467E98A8C92697D73034DB4BCB7] - 07/05/2014 - 19:11:05 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208]
O44 - LFC:[MD5.D9103AE68899692A7961361715403BCA] - 07/05/2014 - 19:22:32 ---A- . (.No owner - Setup/Uninstall.) -- C:\Windows\unins000.exe [1180099]
O44 - LFC:[MD5.6F2C7F5AD338FF640B3249039A5F7511] - 07/05/2014 - 19:23:44 ---A- . (...) -- C:\Windows\unins000.dat [1227]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 08/05/2014 - 15:34:35 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.F0460BDB70FA302BE2A563782788F7A7] - 08/05/2014 - 16:07:13 ---A- . (...) -- C:\zoek-results.log [36602]
~ Files: 185 Legitimates Filtered in 00mn 09s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:07/05/2014 - 19:11:05 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:07/05/2014 - 19:11:05 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:07/05/2014 - 19:11:06 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208416] =>.ALWIL Software
O58 - SDL:12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:19/08/2010 - 16:59:12 ---A- . (...) -- C:\Windows\System32\Drivers\SoilIO.sys [17912]
O58 - SDL:03/12/2009 - 10:03:50 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\System32\Drivers\soilkbc.sys [13816]
O58 - SDL:03/12/2009 - 10:04:16 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\System32\Drivers\SoilMC.sys [13304]
O58 - SDL:11/04/2014 - 05:39:22 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [110336]
O58 - SDL:11/04/2014 - 05:39:22 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [206080]
O58 - SDL:22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 61 Legitimates Filtered in 00mn 06s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.8A9352796AA53724E44FE847905C97F3] [SPRF][04/05/2014] (.www.megacubo.net - Megacubo Setup.) -- C:\Users\Diego\Desktop\654-Megacubo_10.4.0.exe [5613128]
~ Files: 1 Legitimates Filtered in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{4DB48935-BF4F-49F7-908C-89E7FDB23FA3}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{D2AC5317-4A42-4F04-BC99-0D57968529C6}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 02s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 30/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 29/01/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 07/05/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 07/05/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/04/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 07/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 07/05/2014 109048 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 19/11/2012 14904 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 13/09/2012 2466448 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 27/07/2012 636952 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 19/12/2012 129488 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 19/12/2012 165328 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 19/12/2012 277456 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 19/12/2012 364496 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 15s
---\\ Scâner Aditional (088)
Database Version : 13045 - (08/05/2014)
Clés trouvées (Keys found) : 4
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 3
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Sense] =>PUP.ObjectBrowser^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iWebar] =>PUP.iWebar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:SPDriver =>PUP.ShopperPro^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:SPDriver =>PUP.ShopperPro^
C:\Users\Diego\AppData\Local\Installer =>Adware.InstallPedia
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
[HKCU\Software\ShopperPro] =>PUP.ShopperPro^
[HKLM\Software\Wow6432Node\ShopperPro] =>PUP.ShopperPro^
~ Additionnel Scan: 176919 Items scanned in 00mn 53s
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.ShopperPro
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Tarma
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.InstallPedia
~ MSI: 3 link(s) detected in 00mn 00s
~ 693 Legitimates filtered by white list
End of the scan (391 lines in 02mn 15s)(0)
Diego-silveira- Iniciante
- Mensagens : 31
Reputação : 1
Data de inscrição : 08/05/2014
Re: Não consigo abrir algumas páginas da web!!
Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________
Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.
Copie este relatório e poste em sua próxima resposta.
_____________________________________________________________________________________________________________
Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.
Copie este relatório e poste em sua próxima resposta.
Última edição por Power Max em Qui 08 maio 2014, 19:37, editado 1 vez(es)
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) Não consigo abrir algumas páginas da web!!
Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Diego at 08/05/2014 19:07:40
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)
Reciclagem vazia (00mn 03s)
Reparação de atalhos do navegador
========== Softwares ==========
AUSENTE Uninstall Process: c:\program files (x86)\sense\uninstall.exe
AUSENTE Uninstall Process: c:\program files (x86)\iwebar\uninstall.exe
========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Sense]
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iWebar]
ELIMINÉ: HKCU\Software\ShopperPro
ELIMINÉ: HKLM\Software\Wow6432Node\ShopperPro
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
========== Valores do Registo ==========
ELIMINÉ RunValue: SPDriver
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Elementos dos dados do Registo ==========
ELIMINÉ Explorer Association Data Application: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
6 : Chaves do Registo
7 : Valores do Registo
1 : Elementos dos dados do Registo
1 : Pastas
2 : Ficheiros
2 : Softwares
1 : Restauração Sistema
End of clean in 00mn 11s
========== Caminho do ficheiro do relatório ==========
C:\Users\Diego\AppData\Roaming\ZHP\ZHPFix[R1].txt - 08/05/2014 19:07:43 [2117]
Fichier d'export Registre :
Run by Diego at 08/05/2014 19:07:40
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)
Reciclagem vazia (00mn 03s)
Reparação de atalhos do navegador
========== Softwares ==========
AUSENTE Uninstall Process: c:\program files (x86)\sense\uninstall.exe
AUSENTE Uninstall Process: c:\program files (x86)\iwebar\uninstall.exe
========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Sense]
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iWebar]
ELIMINÉ: HKCU\Software\ShopperPro
ELIMINÉ: HKLM\Software\Wow6432Node\ShopperPro
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
========== Valores do Registo ==========
ELIMINÉ RunValue: SPDriver
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Elementos dos dados do Registo ==========
ELIMINÉ Explorer Association Data Application: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
6 : Chaves do Registo
7 : Valores do Registo
1 : Elementos dos dados do Registo
1 : Pastas
2 : Ficheiros
2 : Softwares
1 : Restauração Sistema
End of clean in 00mn 11s
========== Caminho do ficheiro do relatório ==========
C:\Users\Diego\AppData\Roaming\ZHP\ZHPFix[R1].txt - 08/05/2014 19:07:43 [2117]
Diego-silveira- Iniciante
- Mensagens : 31
Reputação : 1
Data de inscrição : 08/05/2014
Re: Não consigo abrir algumas páginas da web!!
Abra novamente o ( ZHPDiag )
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) Não consigo abrir algumas páginas da web!!
~ Relatório do ZHPDiag v2014.5.8.57 - Nicolas Coolman (08/05/2014)
~ Iniciado por Diego (08/05/2014 19:16:15)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17105
MFIE: Mozilla Firefox 29.0
GCIE: Google Chrome v34.0.1847.131 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8.1 Single Language, 64-bit (Build 9600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
avast! Premier v9.0.2018
Malwarebytes Anti-Malware versão 2.0.1.1004
Windows Defender W8
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1938 MB (39% free)
System Restore: Activé (Enable)
System drive C: has 419 GB (93%) free of 450 GB
---\\ Modo de conexão ao sistema
~ Computer Name: DIEGO
~ User Name: Diego
~ All Users Names: HomeGroupUser$, Diego, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Diego\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Diego\AppData\Roaming\
~ %Desktop% : C:\Users\Diego\Desktop\
~ %Favorites% : C:\Users\Diego\Favorites\
~ %LocalAppData% : C:\Users\Diego\AppData\Local\
~ %StartMenu% : C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 419 Go of 450 Go)
D: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.81394C91B7B5A7C799E249AE82491F13] - (.Microsoft Corporation - Windows Explorer.) (.01/05/2014 - 01:47:03.) -- C:\Windows\Explorer.exe [2373784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.22/08/2013 - 06:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.65C36A29A131A3A5D64B29FAC4EF6DD6] - (.Microsoft Corporation - Internet Extensions para Win32.) (.18/03/2014 - 07:18:18.) -- C:\Windows\System32\wininet.dll [2262016]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.18/03/2014 - 07:18:16.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.18/03/2014 - 07:18:16.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 09:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 08:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 05:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.01/05/2014 - 01:47:02.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 08:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) (.22/08/2013 - 08:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.18/03/2014 - 07:18:19.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.C997E6A37BA8915224B3FB5024A34F69] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.01/05/2014 - 01:47:02.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402944]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 08:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.1C80517BE6836A812F6A9B99B8321351] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.01/05/2014 - 01:47:02.) -- C:\Windows\system32\Drivers\ntfs.sys [2013016]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) (.22/08/2013 - 08:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 08:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Microsoft.) (.18/03/2014 - 06:44:42.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.3595FBDF25F8BA6256072D103937D7D6] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.18/03/2014 - 07:17:55.) -- C:\Windows\system32\Drivers\volsnap.sys [311640]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/3
~ Mes musiques (My Musics) : 1/18
~ Mes Favoris (My Favorites) : 1/3
~ Mes Documents (My Documents) : 1/160
~ Mon Bureau (My Desktop) : 2/16
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.3E364978E4C74D3BCEA29FB41743CB5A] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704] [PID.2600]
[MD5.E90080AF0E517E1FE6C97D98198C3986] - (.OEM - iBrightness.) -- C:\Program Files (x86)\OEM\iBrightness 1.0.1\iBrightness.exe [3549696] [PID.2456]
[MD5.DD6526D19F757DE752A1C4EC8E69C04B] - (.No owner - IPM.exe.) -- C:\Program Files (x86)\OEM\IPM 1.9.4\IPM.exe [2410496] [PID.4364]
[MD5.C0E392910782C2BB9A28C8538CC1E1A1] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240] [PID.1036]
[MD5.E2E84E72995AC987A8549F4D5203230B] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe [1270352] [PID.3360] =>P2P.BitTorrent
[MD5.542459D16B416D054161007FC9B1246E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032] [PID.2192]
[MD5.CCD09CA21C1946AF24834512BD9A6FCA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7873536] [PID.3964]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 17 Legitimates Filtered in 00mn 03s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_EE61CD3E1138C10841703F73164FC478] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [GoogleChromeAutoLaunch_EE61CD3E1138C10841703F73164FC478] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C8DAE3F-A59E-4149-913F-3D5FC6209543}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B13FEA21-6FB2-4C41-A3F4-91CF42CB23D8}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1C8DAE3F-A59E-4149-913F-3D5FC6209543}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B13FEA21-6FB2-4C41-A3F4-91CF42CB23D8}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Tarefas planificadas automaticamente (039)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1074]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1078]
O39 - APT: - (..) -- C:\Windows\Tasks\Synaptics TouchPad Enhancements.job [264]
~ Scheduled Task: 15 Legitimates Filtered in 00mn 12s
---\\ Software instalados (042)
O42 - Logiciel: Driver 1.3.1 - (.OEM.) [HKLM][64Bits] -- {BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}
O42 - Logiciel: IPM 1.9.4 - (.OEM.) [HKLM][64Bits] -- {AADF4228-0772-4D43-92EB-B245E3A17B00}
O42 - Logiciel: KeeP 3D - v1.0 - (.KeeP Sofware.) [HKLM][64Bits] -- {D445A7B9-69A8-4860-95B9-BB957281D9A0}_is1
O42 - Logiciel: KeeP3D - (.UNKNOWN.) [HKLM][64Bits] -- KeeP3D
O42 - Logiciel: KeeP3D - (.UNKNOWN.) [HKLM][64Bits] -- {8AC46073-0856-7FD5-5411-AFDB47D963B0}
O42 - Logiciel: iBrightness 1.0.1 - (.OEM.) [HKLM][64Bits] -- {B351A468-173F-43D8-B6E6-5A6E9A0125A8}
~ Logic: 25 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\SoilAP]
[HKLM\Software\SoilIO]
[HKLM\Software\Wow6432Node\Sense]
~ Key Software: 199 Legitimates Filtered in 00mn 01s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 11/03/2013 - 14:13:20 - [] ----D C:\Program Files (x86)\KeeP3D
~ Program Folder: 113 Legitimates Filtered in 00mn 00s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.F8BEF1E87A4DDE29E82CD7512DAABFA4] - 01/05/2014 - 01:33:06 ---A- . (...) -- C:\Windows\WindowsUpdate (1).log [1695946]
O44 - LFC:[MD5.12B0701B1CEC1A7BB0E4C71D97661E23] - 01/05/2014 - 01:47:02 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [387210]
O44 - LFC:[MD5.5910E212539816BE85C7D033651124A9] - 01/05/2014 - 02:05:55 ---A- . (...) -- C:\Windows\DtcInstall.log [4893]
O44 - LFC:[MD5.89E472AFB28892082AFD2D3FD6DA2758] - 01/05/2014 - 02:12:24 ---A- . (...) -- C:\Windows\System32\emptyregdb.dat [22956]
O44 - LFC:[MD5.AE773905963646112E7C0DE64E51F08A] - 01/05/2014 - 02:12:44 ---A- . (...) -- C:\Windows\comsetup.log [6609]
O44 - LFC:[MD5.81DD33EC695AB90466031CF430CFA1BD] - 01/05/2014 - 02:12:45 ---A- . (...) -- C:\Windows\diagerr.xml [20958]
O44 - LFC:[MD5.81DD33EC695AB90466031CF430CFA1BD] - 01/05/2014 - 02:12:45 ---A- . (...) -- C:\Windows\diagwrn.xml [20958]
O44 - LFC:[MD5.D6528497A77519B74DE4C834D9213D77] - 07/05/2014 - 13:15:49 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [159030]
O44 - LFC:[MD5.B8EF9FFA42CFC6C14F69D26AD3DAE758] - 07/05/2014 - 13:15:49 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [775938]
O44 - LFC:[MD5.340B0467E98A8C92697D73034DB4BCB7] - 07/05/2014 - 19:11:05 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208]
O44 - LFC:[MD5.D9103AE68899692A7961361715403BCA] - 07/05/2014 - 19:22:32 ---A- . (.No owner - Setup/Uninstall.) -- C:\Windows\unins000.exe [1180099]
O44 - LFC:[MD5.6F2C7F5AD338FF640B3249039A5F7511] - 07/05/2014 - 19:23:44 ---A- . (...) -- C:\Windows\unins000.dat [1227]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 08/05/2014 - 15:34:35 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.F0460BDB70FA302BE2A563782788F7A7] - 08/05/2014 - 16:07:13 ---A- . (...) -- C:\zoek-results.log [36602]
O44 - LFC:[MD5.DDD11D768F92694D43F15CB90E553C09] - 08/05/2014 - 19:02:22 ---A- . (...) -- C:\Windows\System32\unrar64.dll [257624]
O44 - LFC:[MD5.EEC93106C344DDB63AA25DF39AD32E91] - 08/05/2014 - 19:02:25 ---A- . (...) -- C:\Windows\System32\xvidcore.dll [703488]
O44 - LFC:[MD5.660FDD9552EEDE77ADE9502F391CE310] - 08/05/2014 - 19:02:25 ---A- . (...) -- C:\Windows\System32\xvidvfw.dll [258560]
O44 - LFC:[MD5.7476F68F36F7C3B333D0F9B38C9DDB8E] - 08/05/2014 - 19:02:25 ---A- . (.x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) -- C:\Windows\System32\x264vfw64.dll [3554304]
O44 - LFC:[MD5.EE6407670B4CA47CCC9AF5ED41A19150] - 08/05/2014 - 19:02:26 ---A- . (.No owner - Lagarith.) -- C:\Windows\System32\lagarith.dll [148992]
~ Files: 191 Legitimates Filtered in 00mn 16s
---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"VIDC.X264"="x264vfw64.dll" . (.x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) -- C:\Windows\System32\x264vfw64.dll
~ TDSD: 10 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:07/05/2014 - 19:11:05 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:07/05/2014 - 19:11:05 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:07/05/2014 - 19:11:06 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208416] =>.ALWIL Software
O58 - SDL:12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:19/08/2010 - 16:59:12 ---A- . (...) -- C:\Windows\System32\Drivers\SoilIO.sys [17912]
O58 - SDL:03/12/2009 - 10:03:50 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\System32\Drivers\soilkbc.sys [13816]
O58 - SDL:03/12/2009 - 10:04:16 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\System32\Drivers\SoilMC.sys [13304]
O58 - SDL:11/04/2014 - 05:39:22 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [110336]
O58 - SDL:11/04/2014 - 05:39:22 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [206080]
O58 - SDL:22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 61 Legitimates Filtered in 00mn 08s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.8A9352796AA53724E44FE847905C97F3] [SPRF][04/05/2014] (.www.megacubo.net - Megacubo Setup.) -- C:\Users\Diego\Desktop\654-Megacubo_10.4.0.exe [5613128]
~ Files: 1 Legitimates Filtered in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{4DB48935-BF4F-49F7-908C-89E7FDB23FA3}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{D2AC5317-4A42-4F04-BC99-0D57968529C6}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 03s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 30/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 29/01/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 07/05/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 07/05/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/04/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 07/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 07/05/2014 109048 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 19/11/2012 14904 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 13/09/2012 2466448 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 27/07/2012 636952 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 19/12/2012 129488 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 19/12/2012 165328 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 19/12/2012 277456 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 19/12/2012 364496 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 17s
---\\ Scâner Aditional (088)
Database Version : 13045 - (08/05/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1
C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
~ Additionnel Scan: 177952 Items scanned in 00mn 58s
---\\ Sumário das deteções encontradas na sua estação
~ MSI: 0 link(s) detected in 00mn 00s
~ 716 Legitimates filtered by white list
End of the scan (383 lines in 02mn 42s)(0)
~ Iniciado por Diego (08/05/2014 19:16:15)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by program
---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17105
MFIE: Mozilla Firefox 29.0
GCIE: Google Chrome v34.0.1847.131 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8.1 Single Language, 64-bit (Build 9600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
avast! Premier v9.0.2018
Malwarebytes Anti-Malware versão 2.0.1.1004
Windows Defender W8
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1938 MB (39% free)
System Restore: Activé (Enable)
System drive C: has 419 GB (93%) free of 450 GB
---\\ Modo de conexão ao sistema
~ Computer Name: DIEGO
~ User Name: Diego
~ All Users Names: HomeGroupUser$, Diego, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Diego\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Diego\AppData\Roaming\
~ %Desktop% : C:\Users\Diego\Desktop\
~ %Favorites% : C:\Users\Diego\Favorites\
~ %LocalAppData% : C:\Users\Diego\AppData\Local\
~ %StartMenu% : C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 419 Go of 450 Go)
D: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.81394C91B7B5A7C799E249AE82491F13] - (.Microsoft Corporation - Windows Explorer.) (.01/05/2014 - 01:47:03.) -- C:\Windows\Explorer.exe [2373784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.22/08/2013 - 06:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.65C36A29A131A3A5D64B29FAC4EF6DD6] - (.Microsoft Corporation - Internet Extensions para Win32.) (.18/03/2014 - 07:18:18.) -- C:\Windows\System32\wininet.dll [2262016]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.18/03/2014 - 07:18:16.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.18/03/2014 - 07:18:16.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 09:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 08:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 05:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.01/05/2014 - 01:47:02.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 08:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) (.22/08/2013 - 08:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.18/03/2014 - 07:18:19.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.C997E6A37BA8915224B3FB5024A34F69] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.01/05/2014 - 01:47:02.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402944]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 08:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.1C80517BE6836A812F6A9B99B8321351] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.01/05/2014 - 01:47:02.) -- C:\Windows\system32\Drivers\ntfs.sys [2013016]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) (.22/08/2013 - 08:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 08:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Microsoft.) (.18/03/2014 - 06:44:42.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.3595FBDF25F8BA6256072D103937D7D6] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.18/03/2014 - 07:17:55.) -- C:\Windows\system32\Drivers\volsnap.sys [311640]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/3
~ Mes musiques (My Musics) : 1/18
~ Mes Favoris (My Favorites) : 1/3
~ Mes Documents (My Documents) : 1/160
~ Mon Bureau (My Desktop) : 2/16
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.3E364978E4C74D3BCEA29FB41743CB5A] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704] [PID.2600]
[MD5.E90080AF0E517E1FE6C97D98198C3986] - (.OEM - iBrightness.) -- C:\Program Files (x86)\OEM\iBrightness 1.0.1\iBrightness.exe [3549696] [PID.2456]
[MD5.DD6526D19F757DE752A1C4EC8E69C04B] - (.No owner - IPM.exe.) -- C:\Program Files (x86)\OEM\IPM 1.9.4\IPM.exe [2410496] [PID.4364]
[MD5.C0E392910782C2BB9A28C8538CC1E1A1] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240] [PID.1036]
[MD5.E2E84E72995AC987A8549F4D5203230B] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe [1270352] [PID.3360] =>P2P.BitTorrent
[MD5.542459D16B416D054161007FC9B1246E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032] [PID.2192]
[MD5.CCD09CA21C1946AF24834512BD9A6FCA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7873536] [PID.3964]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 17 Legitimates Filtered in 00mn 03s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_EE61CD3E1138C10841703F73164FC478] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKUS\S-1-5-21-1558113235-1093295934-644403203-1001\..\Run: [GoogleChromeAutoLaunch_EE61CD3E1138C10841703F73164FC478] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
~ Application: Scanned in 00mn 00s
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C8DAE3F-A59E-4149-913F-3D5FC6209543}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B13FEA21-6FB2-4C41-A3F4-91CF42CB23D8}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1C8DAE3F-A59E-4149-913F-3D5FC6209543}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B13FEA21-6FB2-4C41-A3F4-91CF42CB23D8}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Tarefas planificadas automaticamente (039)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1074]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1078]
O39 - APT: - (..) -- C:\Windows\Tasks\Synaptics TouchPad Enhancements.job [264]
~ Scheduled Task: 15 Legitimates Filtered in 00mn 12s
---\\ Software instalados (042)
O42 - Logiciel: Driver 1.3.1 - (.OEM.) [HKLM][64Bits] -- {BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}
O42 - Logiciel: IPM 1.9.4 - (.OEM.) [HKLM][64Bits] -- {AADF4228-0772-4D43-92EB-B245E3A17B00}
O42 - Logiciel: KeeP 3D - v1.0 - (.KeeP Sofware.) [HKLM][64Bits] -- {D445A7B9-69A8-4860-95B9-BB957281D9A0}_is1
O42 - Logiciel: KeeP3D - (.UNKNOWN.) [HKLM][64Bits] -- KeeP3D
O42 - Logiciel: KeeP3D - (.UNKNOWN.) [HKLM][64Bits] -- {8AC46073-0856-7FD5-5411-AFDB47D963B0}
O42 - Logiciel: iBrightness 1.0.1 - (.OEM.) [HKLM][64Bits] -- {B351A468-173F-43D8-B6E6-5A6E9A0125A8}
~ Logic: 25 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\SoilAP]
[HKLM\Software\SoilIO]
[HKLM\Software\Wow6432Node\Sense]
~ Key Software: 199 Legitimates Filtered in 00mn 01s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 11/03/2013 - 14:13:20 - [] ----D C:\Program Files (x86)\KeeP3D
~ Program Folder: 113 Legitimates Filtered in 00mn 00s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.F8BEF1E87A4DDE29E82CD7512DAABFA4] - 01/05/2014 - 01:33:06 ---A- . (...) -- C:\Windows\WindowsUpdate (1).log [1695946]
O44 - LFC:[MD5.12B0701B1CEC1A7BB0E4C71D97661E23] - 01/05/2014 - 01:47:02 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [387210]
O44 - LFC:[MD5.5910E212539816BE85C7D033651124A9] - 01/05/2014 - 02:05:55 ---A- . (...) -- C:\Windows\DtcInstall.log [4893]
O44 - LFC:[MD5.89E472AFB28892082AFD2D3FD6DA2758] - 01/05/2014 - 02:12:24 ---A- . (...) -- C:\Windows\System32\emptyregdb.dat [22956]
O44 - LFC:[MD5.AE773905963646112E7C0DE64E51F08A] - 01/05/2014 - 02:12:44 ---A- . (...) -- C:\Windows\comsetup.log [6609]
O44 - LFC:[MD5.81DD33EC695AB90466031CF430CFA1BD] - 01/05/2014 - 02:12:45 ---A- . (...) -- C:\Windows\diagerr.xml [20958]
O44 - LFC:[MD5.81DD33EC695AB90466031CF430CFA1BD] - 01/05/2014 - 02:12:45 ---A- . (...) -- C:\Windows\diagwrn.xml [20958]
O44 - LFC:[MD5.D6528497A77519B74DE4C834D9213D77] - 07/05/2014 - 13:15:49 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [159030]
O44 - LFC:[MD5.B8EF9FFA42CFC6C14F69D26AD3DAE758] - 07/05/2014 - 13:15:49 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [775938]
O44 - LFC:[MD5.340B0467E98A8C92697D73034DB4BCB7] - 07/05/2014 - 19:11:05 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208]
O44 - LFC:[MD5.D9103AE68899692A7961361715403BCA] - 07/05/2014 - 19:22:32 ---A- . (.No owner - Setup/Uninstall.) -- C:\Windows\unins000.exe [1180099]
O44 - LFC:[MD5.6F2C7F5AD338FF640B3249039A5F7511] - 07/05/2014 - 19:23:44 ---A- . (...) -- C:\Windows\unins000.dat [1227]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 08/05/2014 - 15:34:35 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.F0460BDB70FA302BE2A563782788F7A7] - 08/05/2014 - 16:07:13 ---A- . (...) -- C:\zoek-results.log [36602]
O44 - LFC:[MD5.DDD11D768F92694D43F15CB90E553C09] - 08/05/2014 - 19:02:22 ---A- . (...) -- C:\Windows\System32\unrar64.dll [257624]
O44 - LFC:[MD5.EEC93106C344DDB63AA25DF39AD32E91] - 08/05/2014 - 19:02:25 ---A- . (...) -- C:\Windows\System32\xvidcore.dll [703488]
O44 - LFC:[MD5.660FDD9552EEDE77ADE9502F391CE310] - 08/05/2014 - 19:02:25 ---A- . (...) -- C:\Windows\System32\xvidvfw.dll [258560]
O44 - LFC:[MD5.7476F68F36F7C3B333D0F9B38C9DDB8E] - 08/05/2014 - 19:02:25 ---A- . (.x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) -- C:\Windows\System32\x264vfw64.dll [3554304]
O44 - LFC:[MD5.EE6407670B4CA47CCC9AF5ED41A19150] - 08/05/2014 - 19:02:26 ---A- . (.No owner - Lagarith.) -- C:\Windows\System32\lagarith.dll [148992]
~ Files: 191 Legitimates Filtered in 00mn 16s
---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"VIDC.X264"="x264vfw64.dll" . (.x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) -- C:\Windows\System32\x264vfw64.dll
~ TDSD: 10 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:07/05/2014 - 19:11:05 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:07/05/2014 - 19:11:05 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:07/05/2014 - 19:11:06 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208416] =>.ALWIL Software
O58 - SDL:12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:19/08/2010 - 16:59:12 ---A- . (...) -- C:\Windows\System32\Drivers\SoilIO.sys [17912]
O58 - SDL:03/12/2009 - 10:03:50 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\System32\Drivers\soilkbc.sys [13816]
O58 - SDL:03/12/2009 - 10:04:16 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\System32\Drivers\SoilMC.sys [13304]
O58 - SDL:11/04/2014 - 05:39:22 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [110336]
O58 - SDL:11/04/2014 - 05:39:22 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [206080]
O58 - SDL:22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 61 Legitimates Filtered in 00mn 08s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.8A9352796AA53724E44FE847905C97F3] [SPRF][04/05/2014] (.www.megacubo.net - Megacubo Setup.) -- C:\Users\Diego\Desktop\654-Megacubo_10.4.0.exe [5613128]
~ Files: 1 Legitimates Filtered in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{4DB48935-BF4F-49F7-908C-89E7FDB23FA3}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{D2AC5317-4A42-4F04-BC99-0D57968529C6}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 03s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 30/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 29/01/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 07/05/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 07/05/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/04/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 07/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 07/05/2014 109048 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 19/11/2012 14904 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 13/09/2012 2466448 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 27/07/2012 636952 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 19/12/2012 129488 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 19/12/2012 165328 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 19/12/2012 277456 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 19/12/2012 364496 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 17s
---\\ Scâner Aditional (088)
Database Version : 13045 - (08/05/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1
C:\Users\Diego\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
~ Additionnel Scan: 177952 Items scanned in 00mn 58s
---\\ Sumário das deteções encontradas na sua estação
~ MSI: 0 link(s) detected in 00mn 00s
~ 716 Legitimates filtered by white list
End of the scan (383 lines in 02mn 42s)(0)
Diego-silveira- Iniciante
- Mensagens : 31
Reputação : 1
Data de inscrição : 08/05/2014
Re: Não consigo abrir algumas páginas da web!!
Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________
Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.
Copie este relatório e poste em sua próxima resposta.
_____________________________________________________________________________________________________________
Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.
Copie este relatório e poste em sua próxima resposta.
Última edição por Power Max em Qui 08 maio 2014, 19:38, editado 1 vez(es)
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) Não consigo abrir algumas páginas da web!!
Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Diego at 08/05/2014 19:33:49
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)
Reciclagem vazia (00mn 01s)
========== Chaves do Registo ==========
ELIMINÉ: HKLM\Software\Wow6432Node\Sense
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Recapitulativo ==========
1 : Chaves do Registo
1 : Pastas
2 : Ficheiros
Fichier d'export Registre :
Run by Diego at 08/05/2014 19:33:49
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)
Reciclagem vazia (00mn 01s)
========== Chaves do Registo ==========
ELIMINÉ: HKLM\Software\Wow6432Node\Sense
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Recapitulativo ==========
1 : Chaves do Registo
1 : Pastas
2 : Ficheiros
Diego-silveira- Iniciante
- Mensagens : 31
Reputação : 1
Data de inscrição : 08/05/2014
Re: Não consigo abrir algumas páginas da web!!
Como está o PC depois destes procedimentos?
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) Não consigo abrir algumas páginas da web!!
Power max, meu problema foi resolvido.
Toda e qualquer página está sendo aberta corretamente e de maneira até mais rápida.
Gostaria de agradecer pela atenciosidade e apoio pela velocidade pela qual me respondeu.
Sua ajuda foi, sem dúvidas, completamente satisfatória.
Mais uma vez obrigado. Meus parabéns!!
Se de alguma forma eu puder ajudar, caso queira, compartilharei o fórum nas redes sociais. vai ser uma satisfação imensa.
Muito obrigado mesmo.
Toda e qualquer página está sendo aberta corretamente e de maneira até mais rápida.
Gostaria de agradecer pela atenciosidade e apoio pela velocidade pela qual me respondeu.
Sua ajuda foi, sem dúvidas, completamente satisfatória.
Mais uma vez obrigado. Meus parabéns!!
Se de alguma forma eu puder ajudar, caso queira, compartilharei o fórum nas redes sociais. vai ser uma satisfação imensa.
Muito obrigado mesmo.
Diego-silveira- Iniciante
- Mensagens : 31
Reputação : 1
Data de inscrição : 08/05/2014
Re: Não consigo abrir algumas páginas da web!!
Se você puder nos ajudar compartilhando o fórum agradecemos muito mesmo.Se de alguma forma eu puder ajudar, caso queira, compartilharei o fórum nas redes sociais. vai ser uma satisfação imensa.
__________________________________________________________________________________________________________
Fico feliz que o problema tenha sido resolvido.
Só para finalizar siga estes tutoriais abaixo, por gentileza:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________
Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
_______________________________________________________________________________________________________________________
Foi um prazer ajudar. Conte sempre conosco!
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) Não consigo abrir algumas páginas da web!!
Ok. vou fazer os procedimentos.
Tenho uma Fanpage no facebook com pouco mais de 7 mil inscritos. Compartilharei o fórum lá. Não é grande coisa, mas pode ajudar
Valeeeu!
Tenho uma Fanpage no facebook com pouco mais de 7 mil inscritos. Compartilharei o fórum lá. Não é grande coisa, mas pode ajudar
Valeeeu!
Diego-silveira- Iniciante
- Mensagens : 31
Reputação : 1
Data de inscrição : 08/05/2014
Página 1 de 2 • 1, 2
Página 1 de 2
Permissões neste sub-fórum
Não podes responder a tópicos
|
|