http:// or expired license


Post by Eros, Tue 23 Sep 2014, 20:45

Hello, my name is Eros,
I have the following problem and am asking for help to "cure" my PC.

A few moments ago I was having the problem on every page that required HTTP//WWW....: it came back with an expired license message, and now when I open Google Chrome or Internet Explorer it goes to this page [You must have an account and be logged in to view this link]

Please, can someone help me?

Thanks in advance,

Eros

Post by joram, Tue 23 Sep 2014, 20:59

Good evening, Eros!

> Download: < [You must have an account and be logged in to view this link] > ( ... by Xplode )

> On the page, click "Download Now".
>
> Save it to the desktop!

> Right-click adwcleaner.exe and choose to run it as administrator.

> PS: Start the scan by clicking "Examinar" (Scan).

> When it finishes, click "Limpar" (Clean) >> Ok >> Ok >> Ok.
> Copy the log or click "Relatório" (Report).
> Post: < C:\AdwCleaner\AdwCleaner[S0].txt >

A+

Post by Eros, Wed 24 Sep 2014, 19:44

Hello Joram,
Can I download it from another address? The one you sent me has https at the beginning and Google cuts off my connection.

Thanks,

Eros

Post by joram, Wed 24 Sep 2014, 19:49

Eros wrote:
Hello Joram,
Can I download it from another address? The one you sent me has https at the beginning and Google cuts off my connection.

Thanks,

Eros

Good evening, Eros!

< [You must have an account and be logged in to view this link] >

> Download it from here!

A+

Post by Eros, Wed 24 Sep 2014, 22:56

# AdwCleaner v3.310 - Relatório criado 04/01/2006 às 12:02:26
# Atualizado 12/09/2014 por Xplode
# Sistema Operacional : Microsoft Windows XP Service Pack 2 (32 bits)
# Usuário : Eros - CASA
# Executando de : C:\Documents and Settings\Eros\Meus documentos\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : IePluginServices
[#] Serviço Deletada : WindowsMangerProtect

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Documents and Settings\All Users\Dados de aplicativos\IePluginServices
Pasta Deletada : C:\Documents and Settings\All Users\Dados de aplicativos\WindowsMangerProtect
Pasta Deletada : C:\Arquivos de programas\SupTab
Pasta Deletada : C:\Documents and Settings\Eros\Dados de aplicativos\webssearches
[!] Pasta Deletada : C:\Documents and Settings\Jéssica\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
[!] Pasta Deletada : C:\Documents and Settings\Nadja\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck

***** [ Tarefas ] *****


***** [ Atalhos ] *****

Atalho Desinfectada : C:\Documents and Settings\Eros\Desktop\Internet Explorer.lnk
Atalho Desinfectada : C:\Documents and Settings\All Users\Menu Iniciar\Programas\Google Chrome\Google Chrome.lnk
Atalho Desinfectada : C:\Documents and Settings\Eros\Menu Iniciar\Programas\Internet Explorer.lnk

***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\chrome.exe\shell\open\command
Valor Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Arquivos de programas\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe]
Chave Deletedo : HKCU\Software\SupHpUISoft
Chave Deletedo : HKLM\SOFTWARE\SupDp
Chave Deletedo : HKLM\SOFTWARE\SupTab
Chave Deletedo : HKLM\SOFTWARE\supWindowsMangerProtect
Chave Deletedo : HKLM\SOFTWARE\supWPM
Chave Deletedo : HKLM\SOFTWARE\webssearchesSoftware
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webssearches uninstall
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-0409-0000-0000000FF1CE}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{90120000-00B2-0409-0000-0000000FF1CE}

***** [ Navegadores ] *****

-\\ Internet Explorer v6.0.2900.2180

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v37.0.2062.120

[ Arquivo : C:\Documents and Settings\Eros\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\preferences ]


[ Arquivo : C:\Documents and Settings\Jéssica\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Extension] : eofcbnmajmjmplflapaojjnihcjkigck

[ Arquivo : C:\Documents and Settings\Nadja\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*************************

AdwCleaner[R0].txt - [5253 octets] - [04/01/2006 11:59:59]
AdwCleaner[S0].txt - [4280 octets] - [04/01/2006 12:02:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4340 octets] ##########

Post by joram, Wed 24 Sep 2014, 23:16

Good evening, Eros!

# AdwCleaner v3.310 - Relatório criado 04/01/2006 às 12:02:26
----
----
> Set your computer's date correctly!
> If the problem returns, replace the BIOS power cell or battery on the motherboard.
>
> Download: < [You must have an account and be logged in to view this link] > ( ... by Smeenk )

> Or here! < [You must have an account and be logged in to view this link] >

> Save it and extract it to the desktop!

> Disable your antivirus!
> On Windows 7, run zoek.exe as administrator.

chromelook;
iedefaults;
filesrcm;
webssearches;u
Istart;u
Istart;a
Istart;z


> Copy and paste these lines, which are shown in red, into the tool's field.
> Click "Run Script".

Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
> This information will appear, asking you to wait for the report.
> PS: It may remain static on the screen for 20 minutes or more.
>
> Accept and/or confirm the reboot!

zoek.hta failed by unknown error.
Restart computer, and try again.
> PS: If you get an error, restart the PC and run the tool again.
> Post the report, which will be at C:\zoek-results.txt <<

A+

Post by Eros, Thu 25 Sep 2014, 06:11

Good morning Joram, it is 6:10 in the morning here.

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Arquivos de programas\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[14/07/2014 19:00]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on qua 04/01/2006 at 19:12:41,21 ======================

Message by joram Thu 25 Sep 2014, 06:50

Good morning, Eros!

> Did you adjust the calendar? I am seeing the year 2006.

< [You must have an account and be logged in to view this link] >

> The Zoek tool report came through incomplete!
> Post it again, hosting it on MyFile.tk.
> Paste the link provided here!

A+

Message by Eros Thu 25 Sep 2014, 19:47

Good evening Joram,

I don't have access to MyFile.tk.
How can I get access to it?
Is there any problem with the calendar being in 2006? I think the battery that controls the calendar has died. I set the clock, but every time I turn off the computer the time changes.

Eros

Message by joram Thu 25 Sep 2014, 20:41

Eros wrote:
Good evening Joram,

I don't have access to MyFile.tk.
How can I get access to it?
Is there any problem with the calendar being in 2006? I think the battery that controls the calendar has died. I set the clock, but every time I turn off the computer the time changes.

Eros

Hello!

Please get a new battery and set the calendar/clock so that we can proceed.

A+

Message by Eros Thu 25 Sep 2014, 22:49

Hello Joram,

I set the clock, and it held.

Here is the Zoek report.

BR,

Eros


Zoek.exe v5.0.0.0 Updated 24-09-2014
Tool run by Eros on qui 25/09/2014 at 22:41:40,72.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Eros\Meus documentos\Zoek exe\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2006-01-04-211241.log 469922 bytes
C:\zoek-results2014-09-25-225215.log 4710 bytes

==== Folders Found ======================


==== Files Found ======================


==== Registry Search Results for "Istart" ======================


[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\11.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c0]
"iStart"=dword:00000001

[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\11.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c1]
"iStart"=dword:00000002

[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\11.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E312E312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c0]
"iStart"=dword:00000001

[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\11.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E312E312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c1]
"iStart"=dword:00000002

[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\7.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c0]
"iStart"=dword:00000001

[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\7.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c1]
"iStart"=dword:00000002

[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\7.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E312E312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c0]
"iStart"=dword:00000001

[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\7.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E312E312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c1]
"iStart"=dword:00000002

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\DOCUME~1\Eros\CONFIG~1\Temp ====
====== Java Cache =====
====== C:\WINDOWS\system32 =====
====== C:\WINDOWS\system32\drivers =====
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Arquivos de programas =====
======= C: =====
====== C:\Documents and Settings\Eros\Dados de aplicativos ======
====== C:\Documents and Settings\Eros ======

====== C: exe-files ==
2014-09-25 23:24:39 7CA4092A339EA30DE8FF06D3FF79D6ED 749648 ----a-w- C:\Arquivos de programas\Google\Update\Install\{06D7330C-7F32-40FC-B23A-F7015846219B}\37.0.2062.124_37.0.2062.120_chrome_updater.exe
2014-09-25 23:24:39 7CA4092A339EA30DE8FF06D3FF79D6ED 749648 ----a-w- C:\Arquivos de programas\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\37.0.2062.124\37.0.2062.124_37.0.2062.120_chrome_updater.exe
=== C: other files ==

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Arquivos de programas\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[14/07/2014 18:00]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on qui 25/09/2014 at 22:46:25,25 ======================

Message by joram Fri 26 Sep 2014, 03:45

Good morning, Eros!

> Open the Zoek tool.

[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\11.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c0];r
"iStart"=-;r
[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\11.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c1];r
"iStart"=-;r
[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\11.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E312E312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c0];r
"iStart"=-;r
[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\11.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E312E312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c1];r
"iStart"=-;r
[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\7.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c0];r
"iStart"=-;r
[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\7.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c1];r
"iStart"=-;r
[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\7.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E312E312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c0];r
"iStart"=-;r
[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\7.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E312E312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c1];r
"iStart"=-;r


> Copy and paste this information, shown in red, into the tool's field.
> Click "Run Script".
> Wait for it to finish and post the report!

A+

Message by Eros Fri 26 Sep 2014, 06:28

Good morning Joram,

Here is the new Zoek report, as you requested.

Thank you,

Eros

Zoek.exe v5.0.0.0 Updated 26-09-2014
Tool run by Eros on sex 26/09/2014 at  6:23:24,35.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Eros\Meus documentos\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2006-01-04-211241.log 469922 bytes
C:\zoek-results2014-09-25-225215.log 4710 bytes
C:\zoek-results2014-09-26-014625.log 4991 bytes

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\11.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c0]
"iStart"=-
[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\11.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c1]
"iStart"=-
[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\11.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E312E312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c0]
"iStart"=-
[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\11.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E312E312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c1]
"iStart"=-
[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\7.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c0]
"iStart"=-
[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\7.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c1]
"iStart"=-
[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\7.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E312E312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c0]
"iStart"=-
[HKEY_USERS\S-1-5-21-484763869-2146948623-725345543-1004\Software\Adobe\Acrobat Reader\7.0\Security\cASPKI\cASPKI\cCustomCertPrefs\c312E322E3834302E3131343032312E312E312E310000\cAdobe_ChainBuilder\cAcceptablePolicyOIDs\c1]
"iStart"=-

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on sex 26/09/2014 at  6:25:41,79 ======================

Message by joram Fri 26 Sep 2014, 06:56

Good morning, Eros!

Registry information:

> Copy these entries, which are in the spoiler, into Notepad.
>
> Don't forget to copy the header along with the information: Windows Registry Editor Version 5.00
>
> Save this Notepad file to the desktop with the name: IST.reg
> But... before saving, set the type in Notepad to: "All files"
> A Windows Registry information file will be created.
> Go to the desktop and open it with the Registry Editor.
> Just right-click this file and choose: "Open with" >> "Registry Editor"
> Confirm and restart the computer!
> Let me know if any problem still occurs.

A+

Message by Eros Sat 27 Sep 2014, 20:51

Hello Joram,

Everything worked out, my PC is great.

Thank you very much for your support. You were very attentive with me; although I am a "complete zero" when it comes to computers, you did me a huge service, kept your technical language simple and wasted no time in giving me the right tips.

Thank you very much, and may God bless you greatly in every area of your life, since you care about people even without knowing them.

Thank you from the bottom of my heart,

Eros

Message by joram Sat 04 Oct 2014, 08:34

Good morning, Eros!

> Your topic has been unarchived!
> What is happening?

A+

Message by Eros Sat 04 Oct 2014, 14:57

Hello Joram,

I can't get into Google or my personal e-mail; that is, on everything that has HTTP a red bar appears over the HTTP, along with a warning that someone is with me trying to access it (this page is not private). Please see this, which is what I get when I try to enter MSN Outlook:
[You must have an account and be logged in to view this link]
Your connection is not private
Attackers might be trying to steal your information from [You must have an account and be logged in to view this link] (for example, passwords, messages, or credit cards).

Thanks in advance,

Eros

Message by joram Sat 04 Oct 2014, 15:44

Good afternoon, Eros!

< [You must have an account and be logged in to view this image] >

> Post the HijackThis log, following the [You must have an account and be logged in to view this link].

A+

Message by Eros Sat 04 Oct 2014, 20:55

Pages with http show up with these letters struck through, and I can't get access.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:53:06, on 4/10/2014
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe
C:\Arquivos de programas\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Vtune\TBPanel.exe
C:\Arquivos de programas\AVAST Software\Avast\AvastUI.exe
C:\Arquivos de programas\Microsoft IntelliPoint\ipoint.exe
C:\Arquivos de programas\Hp\HP Software Update\HPWuSchd2.exe
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Arquivos de programas\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Microsoft Office\Office12\WINWORD.EXE
C:\Documents and Settings\Eros\Desktop\FSCapture.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Eros\Meus documentos\Downloads\HijackThis (3).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must have an account and be logged in to view this link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must have an account and be logged in to view this link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = &http://home.microsoft.com/intl/br/access/allinone.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.8.0_20\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre1.8.0_20\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Gainward] C:\Arquivos de programas\Vtune\TBPanel.exe /A
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Arquivos de programas\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IntelliPoint] "C:\Arquivos de programas\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Monitorar alertas de tinta - HP Officejet Pro 8600.lnk = ?
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [You must have an account and be logged in to view this link]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [You must have an account and be logged in to view this link]
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Arquivos de programas\AVAST Software\Avast\afwServ.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Arquivos de programas\Java\jre7\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6200 bytes

Message by joram Sat 04 Oct 2014, 21:23

Good evening, Eros!

> Download: < [You must have an account and be logged in to view this link] >  < [You must have an account and be logged in to view this image] > ( ... by Nicolas Coolman )
> Or [You must have an account and be logged in to view this link] << Link!
> Save it to the local disk! ( C or D )
> Disable your antivirus and run "ZHPDiag2.exe" to install the tool.

[You must have an account and be logged in to view this image]

> Run the scroll icon. ( ZHPDiag )

[You must have an account and be logged in to view this image]

> Click "COMPLETA" and wait for it to finish!
> Click OK and, when it finishes, post the report! ( ZHPDiag.txt )
> PS: Since the log will be long, send it to [You must have an account and be logged in to view this link].

> Or go to: < [You must have an account and be logged in to view this link] >

> Or go to: < [You must have an account and be logged in to view this link] >

> Or attach it |[You must have an account and be logged in to view this link]| << Link!

> More information: < |[You must have an account and be logged in to view this link]| > << Hosting!

A+

Message by Eros Sun 05 Oct 2014, 15:37

First 50% of ZHP Diag2

~ Relatório do ZHPDiag v2014.8.28.125 - Nicolas Coolman (28/8/2014)
~ Iniciado por Eros (5/10/2014 03:28:54)
~ Endereço do Website : [You must have an account and be logged in to view this link]
~ Endereço do Webforum : [You must have an account and be logged in to view this link]
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Desativado pelo Utilizador
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Not Found


---\\ Navegadores Internet
MSIE: Internet Explorer v6.0.2900.2180
GCIE: Google Chrome v37.0.2062.124 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Microsoft Windows XP, 32-bit Service Pack 2 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ Softwares de proteçao do sistema
avast! Internet Security v9.0.2021

---\\ Softwares d'optimização do sistema
CCleaner v4.14

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Reader XI
Java 7 Update 65

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 15 Stepping 2, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2046 MB (65% free)
System Restore: Activé (Enable)
System drive C: has 92 GB (78%) free of 117 GB

---\\ Modo de conexão ao sistema
~ Computer Name: CASA
~ User Name: Eros
~ All Users Names: SUPPORT_388945a0, Nadja, Jéssica, HelpAssistant, Eros, Convidado, Administrador,
~ Unselected Option: None
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Eros\Dados de aplicativos\ZHP\
~ %AppData% : C:\Documents and Settings\Eros\Dados de aplicativos\
~ %Desktop% : C:\Documents and Settings\Eros\Desktop\
~ %Favorites% : C:\Documents and Settings\Eros\Favoritos\
~ %LocalAppData% : C:\Documents and Settings\Eros\Configurações locais\Dados de aplicativos\
~ %StartMenu% : C:\Documents and Settings\Eros\Menu Iniciar\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumeração das unidades dos discos
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 92 Go of 117 Go)
D: Hard drive, Flash drive, Thumb drive (Free 111 Go of 116 Go)
E: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
~ Security Center: 40 Scanned in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.FA61A19050AE14BEC1A26DE82390DD65] - (.Microsoft Corporation - Windows Explorer.) (.2/3/2006 - 09:00:00.) -- C:\WINDOWS\Explorer.exe [1034240]
[MD5.398A619CE60090303042D1F8CC68F712] - (.Microsoft Corporation - Internet Extensions para Win32.) (.2/3/2006 - 09:00:00.) -- C:\WINDOWS\system32\wininet.dll [658432]
[MD5.6F7BDE7A1126DEBF0CC359A54953EFC1] - (.Microsoft Corporation - Aplicativo de logon do Windows NT.) (.2/3/2006 - 09:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [504320]
[MD5.5AC495F4CB807B2B98AD2AD591E6D92E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.2/3/2006 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.CDFE4411A69C224BD1D11B2DA92DAC51] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.2/3/2006 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\atapi.sys [95360]
[MD5.CD7D5152DF32B47F4E36F710B35AAE02] - (.Microsoft Corporation - CD-ROM File System Driver.) (.2/3/2006 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.AF9C19B3100FE010496B1A27181FBF72] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.2/3/2006 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [49536]
[MD5.8EC0D923CD6128DE73DDA0DF082BB985] - (.Microsoft Corporation - FIPS Crypto Driver.) (.2/3/2006 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [35072]
[MD5.CBC3DEF409549672B915FB9403D63F74] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.27/10/2004 - 15:21:36.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [138240]
[MD5.FCAD1D4A4724B6FA6F05A5DB7F89443C] - (.Microsoft Corporation - Driver de porta i8042.) (.2/3/2006 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [53760]
[MD5.F8AA320C6A0409C0380E5D8A99D76EC6] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.2/3/2006 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [41856]
[MD5.B5A8E215AC29D24D60B4D1250EF05ACE] - (.Microsoft Corporation - IP Network Address Translator.) (.2/3/2006 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [134912]
[MD5.64537AA5C003A6AFEEE1DF819062D0D1] - (.Microsoft Corporation - IPSec Driver.) (.2/3/2006 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [74752]
[MD5.1FD607FC67F7F7C633C3DA65BFC53D18] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.2/3/2006 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [451456]
[MD5.0C80E410CD2F47134407EE7DD19CC86B] - (.Microsoft Corporation - MBT Transport driver.) (.2/3/2006 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.B78BE402C3F63DD55521F73876951CDD] - (.Microsoft Corporation - NT File System Driver.) (.2/3/2006 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574592]
[MD5.8B225D87CBE08A5CB090BBF9F7DE1D30] - (.Microsoft Corporation - Driver de porta paralela.) (.2/3/2006 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.98FAEB4A4DCF812BA1C6FCA4AA3E115C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.2/3/2006 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.A2CAE2C60BC37E0751EF9DDA7CEAF4AD] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.3/8/2004 - 23:01:16.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196864]
[MD5.DDD1A19CD2EDA2D6AE5AB61BAAEB4278] - (.Microsoft Corporation - Redbook Audio Filter Driver.) (.3/8/2004 - 21:36:32.) -- C:\WINDOWS\system32\Drivers\redbook.sys [57984]
[MD5.EB2F82AAEADCC9BAAC66CBA4D714E338] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.2/3/2006 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53248]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/7
~ Mes musiques (My Musics) : 1/534
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/679
~ Mon Bureau (My Desktop) : 2/76
~ Menu demarrer (Programs) : 1/36
~ Hidden Files: Scanned in 00mn 00s



---\\ Processos lançados
[MD5.73F5C13B431915BAE35254B4E95DFB71] - (.AVAST Software - avast! Service.) -- C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1724]
[MD5.D386D51B1839E208EF7CCFBFA964638E] - (.AVAST Software - avast! firewall service.) -- C:\Arquivos de programas\AVAST Software\Avast\afwServ.exe [106488] [PID.1868]
[MD5.28FECC2B93132BD283226E61C4011171] - (.No owner - Vtune : Display Control Panel.) -- C:\Arquivos de programas\Vtune\TBPanel.exe [2162688] [PID.640]
[MD5.26B558B2D31C7425B455B00E562EAD93] - (.AVAST Software - avast! Antivirus.) -- C:\Arquivos de programas\AVAST Software\Avast\AvastUI.exe [4085896] [PID.660]
[MD5.697E07302EC965393ABC85AD5C2C8D53] - (.Microsoft Corporation - IPoint.exe.) -- C:\Arquivos de programas\Microsoft IntelliPoint\ipoint.exe [1797008] [PID.672]
[MD5.34D296AFC913E302953C70463EF09A48] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Arquivos de programas\Hp\HP Software Update\HPWuSchd2.exe [96056] [PID.696]
[MD5.4E534A59198D80FFC824F7FFE58D6658] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe [507776] [PID.704]
[MD5.730EAD05B1FC178629F437F8A1D76E27] - (...) -- ystem32\RunDll32.exe [0] [PID.724]
[MD5.A980296E1EC9921356F0D8AD06A6EF9C] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe [182696] [PID.1228]
[MD5.357CDE6C24EB15888E810C6D2787C238] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 169.0.) -- C:\WINDOWS\system32\nvsvc32.exe [155716] [PID.1352]
[MD5.379C7AC3EBCB636ECDB704E188A96A13] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.2672]
[MD5.D87ACAED61E417BBA546CED5E7E36D9C] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [69632] [PID.2144]
[MD5.27E82BBBDFA547F64916A94AE7AA0CDB] - (.Samsung - AutoBackup.) -- C:\Arquivos de programas\Samsung\PC Auto Backup\AutoBackup.exe [836096] [PID.1444]
[MD5.66887CCA6BB95BFF71C6B8120EAF04AA] - (.Samsung - WiselinkPro.) -- C:\Arquivos de programas\Samsung\PC Auto Backup\WiselinkPro.exe [7274561] [PID.2780]
[MD5.7D4375BA86B3BB9E8311260088D56E7D] - (...) -- C:\Arquivos de programas\Samsung\PC Auto Backup\http_ss_win_pro.exe [520295] [PID.3376]
[MD5.5AB8DB8F9CADBFBB3C132E8316FE337E] - (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe [852808] [PID.2504]
[MD5.33BF80A2291C54DC7D7601CDEF63138E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe [8099328] [PID.1328]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.20.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Arquivos de programas\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.20.2] - (.Oracle Corporation - Next Generation Java Plug-in 11.20.2 for Mozilla browsers.) -- C:\Arquivos de programas\Java\jre1.8.0_20\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20513.0.) -- C:\Arquivos de programas\Microsoft Silverlight\5.1.20513.0\npctrl.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Arquivos de programas\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Arquivos de programas\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.8.) -- C:\Arquivos de programas\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
~ Firefox Browser: 6 Scanned in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = &http://home.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.8.) (No version) -- (.not file.)
~ IE Browser: 9 Scanned in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean) (19)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Arquivos de programas\Java\jre1.8.0_20\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Arquivos de programas\Java\jre1.8.0_20\bin\jp2ssv.dll
~ BHO: 4 Scanned in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Chave orfã
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Chave orfã
~ Toolbar: Scanned in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [Gainward] . (.No owner - Vtune : Display Control Panel.) -- C:\Arquivos de programas\Vtune\TBPanel.exe
O4 - HKLM\..\Run: [JMB36X Configure] . (.JMicron Technology Corp. - JMB36X RAID Configurer.) -- C:\WINDOWS\system32\JMRaidTool.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Arquivos de programas\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [IntelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- C:\Arquivos de programas\Microsoft IntelliPoint\ipoint.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll =>.NVIDIA Corporation
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Arquivos de programas\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-484763869-2146948623-725345543-1004\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Arquivos de programas\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Arquivos de programas\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fornecedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fornecedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\WINDOWS\system32\mswsock.dll
~ Winsock: 3 Scanned in 00mn 00s



---\\ Piratagem da Opção " Redefinir Configurações da Web " (014)
O14 - IERESET.INF: SEARCH_PAGE_URL=SEARCH_PAGE_URL="&http://home.microsoft.com/intl/br/access/allinone.asp"
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="search.msn.com.br"
~ IE Paramètres WEB: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ((no name)) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{041B56BC-AF66-44DC-8BC0-601192A2936E}: DhcpNameServer = 189.4.0.152 189.4.0.157
O17 - HKLM\System\CS1\Services\Tcpip\..\{041B56BC-AF66-44DC-8BC0-601192A2936E}: DhcpNameServer = 189.4.0.152 189.4.0.157
O17 - HKLM\System\CS3\Services\Tcpip\..\{041B56BC-AF66-44DC-8BC0-601192A2936E}: DhcpNameServer = 189.4.0.152 189.4.0.157
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 189.4.0.152 189.4.0.157
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agente de rede off-line.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL de notificação do serviço de logon secu.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Monitor de sites da Web.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objeto de serviço do shell de Systray.) -- C:\WINDOWS\system32\stobject.dll
~ SSODL: 4 Scanned in 00mn 00s



---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall (avast! Firewall) . (.AVAST Software - avast! firewall service.) - C:\Arquivos de programas\AVAST Software\Avast\afwServ.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java Quick Starter Service.) - C:\Arquivos de programas\Java\jre7\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 169.0.) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAMSUNG WiselinkPro Service (WiselinkPro) . (.Samsung - WiselinkPro.) - C:\Arquivos de programas\Samsung\PC Auto Backup\WiselinkPro.exe
~ Services: 6 Scanned in 00mn 02s



---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Desktop Component 0: Minha página inicial atual - file:About:Home
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Arquivos de programas\Microsoft Office\Office12\WINWORD.exe
O24 - Desktop General: BackupWallPaper - .(...) - C:\WINDOWS\web\wallpaper\Alegria.bmp
O24 - Desktop General: WallPaper - .(...) - C:\WINDOWS\web\wallpaper\Alegria.bmp
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Listagem dos dados do BootExecute (Bex) (034)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT: - (..) -- C:\WINDOWS\Tasks\avast! Emergency Update.job [380]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1064]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1068]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job [320]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_rundll32_exe.job [294]
~ Scheduled Task: 5 Scanned in 00mn 00s



---\\ Componentes instalados (ActiveSetup Installed Components) (040)
O40 - ASIC: Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitário de Instalação do Microsoft Windows Media Player.) -- C:\WINDOWS\inf\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} . (.Microsoft Corporation - Mídia DirectX -- DirectAnimation.) -- C:\WINDOWS\system32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Biblioteca de instalação do Outlook Express.) -- C:\Arquivos de programas\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Recursos de navegação - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão shell da pasta FTP do Microsoft Internet Explorer.) -- C:\WINDOWS\system32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp.inf =>.Microsoft Corporation
O40 - ASIC: Catálogo de endereços 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Biblioteca de instalação do Outlook Express.) -- C:\Arquivos de programas\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: Atualização da área de trabalho do Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\WINDOWS\system32\shell32.dll
O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de instalação por usuário do Internet Explorer 5.) -- C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\WINDOWS\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Arquivos de programas\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Macromedia, Inc. - Flash Player 4.0 r7.) -- C:\WINDOWS\system32\MACROMED\FLASH\SWFLASH.OCX
O40 - ASIC: Installed Component - S-1-5-21-484763869-2146948623-725345543-1004 - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -- Not Hexadécimal CLSID
~ Active Setup: 19 Scanned in 00mn 00s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (aswKbd) . (.AVAST Software - avast! Keyboard Filter Driver.) - C:\WINDOWS\system32\drivers\aswKbd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! TDI Redirect Driver.) - C:\WINDOWS\system32\drivers\aswRdr.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\WINDOWS\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\WINDOWS\system32\drivers\aswSP.sys
O41 - Driver: (aswTdi) . (.AVAST Software - avast! TDI Filter Driver.) - C:\WINDOWS\system32\drivers\aswTdi.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Driver de dispositivo de processador.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Driver de classe teclado.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - HID Mouse Filter Driver.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Driver de classe modem.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Redbook Audio Filter Driver.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Driver de dispositivo serial.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Controlador de vídeo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Drivers: 72 Scanned in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: 7-Zip 9.22beta - (...) [HKLM] -- 7-Zip
O42 - Logiciel: Adobe Reader XI (11.0.08) - Português - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1046-7B44-AB0000000001}
O42 - Logiciel: Atualização para Windows XP (KB911164) - (.Microsoft Corporation.) [HKLM] -- KB911164
O42 - Logiciel: BOL MA 3.00 11.00 - (...) [HKLM] -- OnlineBible
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU] -- Dropbox
O42 - Logiciel: EES - Engineering Equation Solver - (.F-Chart Software.) [HKLM] -- EES - Engineering Equation Solver
O42 - Logiciel: Enciclopédia Barsa CD - (...) [HKLM] -- BarsaCD
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP FWUpdateEDO2 - (.Hewlett-Packard.) [HKLM] -- {415FA9AD-DA10-4ABE-97B6-5051D4795C90}
O42 - Logiciel: HP Officejet Pro 8600 Ajuda - (.Hewlett Packard.) [HKLM] -- {B6F5C6D8-C443-4B55-932F-AE11B5743FC4} =>.Hewlett-Packard Co
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {912D30CF-F39E-4B31-AD9A-123C6B794EE2}
O42 - Logiciel: HPDiagnosticAlert - (.Microsoft.) [HKLM] -- {846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}
O42 - Logiciel: High Definition Audio Driver Package - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2
O42 - Logiciel: I.R.I.S. OCR - (.HP.) [HKLM] -- {CA6BCA2F-EDEB-408F-850B-31404BE16A61}
O42 - Logiciel: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2013
O42 - Logiciel: JMB36X Raid Configurer - (.JMICRON Technology Corp..) [HKLM] -- {3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}
O42 - Logiciel: Java 7 Update 65 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F03217065FF}
O42 - Logiciel: Java 8 Update 20 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218020F0}
O42 - Logiciel: MSXML 6.0 Parser (KB933579) - (.Microsoft Corporation.) [HKLM] -- {0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: NVIDIA Drivers - (...) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: PC Auto Backup - (.Samsung Electronics Co,. Ltd..) [HKLM] -- InstallShield_{662548BC-3506-4843-B7AA-F44D352F76A8}
O42 - Logiciel: PC Auto Backup - (.Samsung Electronics Co,. Ltd..) [HKLM] -- {662548BC-3506-4843-B7AA-F44D352F76A8}
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
O42 - Logiciel: Revo Uninstaller 1.94 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller
O42 - Logiciel: Revo Uninstaller Packages - (...) [HKCU] -- Revo Uninstaller Packages
O42 - Logiciel: Samsung i-Launcher 1.0.1.54 - (.Samsung Electronics Co., Ltd..) [HKLM] -- Samsung i-Launcher
O42 - Logiciel: Software básico do dispositivo HP Officejet Pro 8600 - (.Hewlett-Packard Co..) [HKLM] -- {2E9D1D6F-E857-406D-8137-0D85440B60F9} =>.Hewlett-Packard Co
O42 - Logiciel: SoundMAX - (.Analog Devices.) [HKLM] -- {F0A37341-D692-11D4-A984-009027EC0A9C}
O42 - Logiciel: VIA Platform Device Manager - (.VIA Technologies, Inc..) [HKLM] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}
O42 - Logiciel: VIA Rhine-Family Fast Ethernet Adapter - (...) [HKLM] -- VN_VUIns_Rhine_VIA
O42 - Logiciel: Vtune 5.9 - (...) [HKLM] -- Vtune_is1
O42 - Logiciel: Windows Installer 3.1 (KB893803) - (.Microsoft Corporation.) [HKLM] -- KB893803v2
O42 - Logiciel: avast! Internet Security v9.0.2021 - (.AVAST Software.) [HKLM] -- Avast
~ Logic: 52 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ASUS]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\Analog Devices]
[HKCU\Software\AppDataLow]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\I.R.I.S.]
[HKCU\Software\Intel]
[HKCU\Software\Iris]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Samsung]
[HKCU\Software\TeamViewer]
[HKCU\Software\VSRevoGroup]
[HKLM\Software\ASUS]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Analog Devices]
[HKLM\Software\Andrea Electronics]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Cie Argentina]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Dropbox]
[HKLM\Software\Filseclab]
[HKLM\Software\GAINWARD]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\I.R.I.S.]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\JMICRON Technology Corp.]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Sensaura]
[HKLM\Software\Staccato]
[HKLM\Software\TeamViewer]
[HKLM\Software\TrendMicro]
[HKLM\Software\VIA Technologies, Inc]
[HKLM\Software\VN_VUIns]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\jumpshot.com]
[HKLM\Software\mozilla.org]
~ Key Software: 161 Scanned in 00mn 00s


Re: http:// or inspired license

Post by Eros Sun 05 Oct 2014, 15:39

51% to 100% of ZHP Diag2

---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 1/12/2013 - 23:53:10 - [] ----D C:\Arquivos de programas\7-Zip
O43 - CFD: 20/1/2014 - 21:20:12 - [] ----D C:\Arquivos de programas\Adobe
O43 - CFD: 24/6/2013 - 19:14:20 - [] ----D C:\Arquivos de programas\Analog Devices
O43 - CFD: 26/8/2014 - 20:03:05 - [] ----D C:\Arquivos de programas\Arquivos comuns
O43 - CFD: 3/1/2014 - 12:09:50 - [] ----D C:\Arquivos de programas\AVAST Software
O43 - CFD: 3/7/2013 - 16:44:04 - [] ----D C:\Arquivos de programas\Barsa CD
O43 - CFD: 15/7/2013 - 18:51:01 - [] ----D C:\Arquivos de programas\Bible
O43 - CFD: 24/6/2014 - 20:42:55 - [] ----D C:\Arquivos de programas\CCleaner
O43 - CFD: 24/6/2013 - 18:31:24 - [0] ----D C:\Arquivos de programas\ComPlus Applications
O43 - CFD: 27/5/2014 - 20:02:01 - [] ----D C:\Arquivos de programas\Dropbox
O43 - CFD: 8/6/2014 - 21:14:14 - [] ----D C:\Arquivos de programas\Google
O43 - CFD: 24/6/2013 - 19:22:00 - [] ----D C:\Arquivos de programas\HP
O43 - CFD: 23/4/2014 - 05:04:01 - [] --H-D C:\Arquivos de programas\InstallJammer Registry
O43 - CFD: 5/10/2014 - 03:13:37 - [] --H-D C:\Arquivos de programas\InstallShield Installation Information
O43 - CFD: 24/6/2013 - 21:16:51 - [] ----D C:\Arquivos de programas\Internet Explorer
O43 - CFD: 26/8/2014 - 20:01:46 - [] ----D C:\Arquivos de programas\Java
O43 - CFD: 25/9/2013 - 21:49:18 - [] ----D C:\Arquivos de programas\Longman
O43 - CFD: 24/6/2013 - 21:16:51 - [] ----D C:\Arquivos de programas\Messenger
O43 - CFD: 24/6/2013 - 18:34:47 - [] ----D C:\Arquivos de programas\microsoft frontpage
O43 - CFD: 18/6/2014 - 20:35:41 - [] ----D C:\Arquivos de programas\Microsoft IntelliPoint
O43 - CFD: 3/7/2013 - 16:43:47 - [] ----D C:\Arquivos de programas\Microsoft Office
O43 - CFD: 21/8/2013 - 20:16:16 - [] ----D C:\Arquivos de programas\Microsoft Silverlight
O43 - CFD: 3/7/2013 - 16:43:47 - [] ----D C:\Arquivos de programas\Microsoft Visual Studio
O43 - CFD: 24/6/2013 - 18:49:59 - [] ----D C:\Arquivos de programas\Microsoft Works
O43 - CFD: 24/6/2013 - 18:32:05 - [] ----D C:\Arquivos de programas\Movie Maker
O43 - CFD: 8/6/2014 - 20:38:05 - [] ----D C:\Arquivos de programas\Mozilla Firefox
O43 - CFD: 10/8/2014 - 21:11:09 - [] ----D C:\Arquivos de programas\MSECache
O43 - CFD: 24/6/2013 - 18:30:47 - [] ----D C:\Arquivos de programas\MSN Gaming Zone
O43 - CFD: 21/8/2013 - 20:07:47 - [] ----D C:\Arquivos de programas\MSXML 6.0
O43 - CFD: 24/6/2013 - 18:32:22 - [] ----D C:\Arquivos de programas\NetMeeting
O43 - CFD: 24/6/2013 - 18:32:17 - [] ----D C:\Arquivos de programas\Outlook Express =>.Microsoft Corporation
O43 - CFD: 5/10/2014 - 03:13:36 - [] ----D C:\Arquivos de programas\Samsung
O43 - CFD: 24/6/2013 - 18:33:14 - [] ----D C:\Arquivos de programas\Serviços on-line
O43 - CFD: 24/6/2013 - 18:40:03 - [0] --H-D C:\Arquivos de programas\Uninstall Information
O43 - CFD: 24/6/2013 - 19:12:44 - [] ----D C:\Arquivos de programas\VIA
O43 - CFD: 12/5/2014 - 23:22:49 - [] ----D C:\Arquivos de programas\VS Revo Group
O43 - CFD: 24/6/2013 - 18:52:26 - [] ----D C:\Arquivos de programas\Vtune
O43 - CFD: 24/6/2013 - 18:34:26 - [] ----D C:\Arquivos de programas\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 24/6/2013 - 18:30:35 - [] ----D C:\Arquivos de programas\Windows NT
O43 - CFD: 24/6/2013 - 18:33:17 - [0] --H-D C:\Arquivos de programas\WindowsUpdate
O43 - CFD: 24/6/2013 - 18:34:47 - [] ----D C:\Arquivos de programas\xerox
O43 - CFD: 5/10/2014 - 03:24:48 - [] ----D C:\Arquivos de programas\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 20/1/2014 - 21:20:23 - [] ----D C:\Arquivos de programas\Arquivos comuns\Adobe
O43 - CFD: 24/6/2013 - 18:49:51 - [] ----D C:\Arquivos de programas\Arquivos comuns\DESIGNER
O43 - CFD: 24/6/2013 - 19:12:34 - [] ----D C:\Arquivos de programas\Arquivos comuns\InstallShield
O43 - CFD: 26/8/2014 - 20:03:05 - [] ----D C:\Arquivos de programas\Arquivos comuns\Java
O43 - CFD: 24/6/2013 - 18:49:58 - [] ----D C:\Arquivos de programas\Arquivos comuns\Microsoft Shared
O43 - CFD: 24/6/2013 - 18:32:16 - [] ----D C:\Arquivos de programas\Arquivos comuns\MSSoap
O43 - CFD: 24/6/2013 - 15:18:42 - [] ----D C:\Arquivos de programas\Arquivos comuns\ODBC
O43 - CFD: 24/6/2013 - 18:32:21 - [] ----D C:\Arquivos de programas\Arquivos comuns\Serviços
O43 - CFD: 24/6/2013 - 15:18:39 - [] ----D C:\Arquivos de programas\Arquivos comuns\SpeechEngines
O43 - CFD: 24/6/2013 - 18:31:46 - [] ----D C:\Arquivos de programas\Arquivos comuns\System
O43 - CFD: 20/1/2014 - 21:21:40 - [] ----D C:\Documents and Settings\All Users\Dados de aplicativos\Adobe
O43 - CFD: 3/1/2014 - 12:09:32 - [] ----D C:\Documents and Settings\All Users\Dados de aplicativos\AVAST Software
O43 - CFD: 24/6/2013 - 19:21:08 - [] ----D C:\Documents and Settings\All Users\Dados de aplicativos\HP
O43 - CFD: 21/8/2013 - 20:16:22 - [] -S--D C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft
O43 - CFD: 7/5/2014 - 22:23:02 - [] ----D C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help
O43 - CFD: 13/4/2014 - 10:13:22 - [] ----D C:\Documents and Settings\All Users\Dados de aplicativos\Mozilla
O43 - CFD: 29/12/2013 - 13:58:06 - [0] ----D C:\Documents and Settings\All Users\Dados de aplicativos\nView_Profiles
O43 - CFD: 26/8/2014 - 20:02:00 - [] ----D C:\Documents and Settings\All Users\Dados de aplicativos\Oracle
O43 - CFD: 13/4/2014 - 09:14:28 - [] ----D C:\Documents and Settings\All Users\Dados de aplicativos\Sun
O43 - CFD: 5/3/2014 - 18:40:20 - [] ----D C:\Documents and Settings\Eros\Dados de aplicativos\Adobe
O43 - CFD: 9/7/2013 - 23:25:31 - [0] ----D C:\Documents and Settings\Eros\Dados de aplicativos\AdobeUM
O43 - CFD: 3/1/2014 - 12:10:35 - [] ----D C:\Documents and Settings\Eros\Dados de aplicativos\AVAST Software
O43 - CFD: 27/5/2014 - 20:02:30 - [] ----D C:\Documents and Settings\Eros\Dados de aplicativos\Dropbox
O43 - CFD: 27/5/2014 - 20:02:29 - [] ----D C:\Documents and Settings\Eros\Dados de aplicativos\DropboxMaster
O43 - CFD: 5/8/2013 - 20:20:06 - [] ----D C:\Documents and Settings\Eros\Dados de aplicativos\FastStone
O43 - CFD: 26/8/2014 - 21:16:03 - [] ----D C:\Documents and Settings\Eros\Dados de aplicativos\HpUpdate
O43 - CFD: 24/6/2013 - 18:40:04 - [] ----D C:\Documents and Settings\Eros\Dados de aplicativos\Identities
O43 - CFD: 5/10/2014 - 03:12:20 - [0] ----D C:\Documents and Settings\Eros\Dados de aplicativos\iLauncher
O43 - CFD: 5/10/2014 - 03:06:55 - [] ----D C:\Documents and Settings\Eros\Dados de aplicativos\iLinker
O43 - CFD: 25/9/2013 - 21:53:43 - [] ----D C:\Documents and Settings\Eros\Dados de aplicativos\Macromedia
O43 - CFD: 5/3/2014 - 18:40:20 - [] -S--D C:\Documents and Settings\Eros\Dados de aplicativos\Microsoft
O43 - CFD: 26/8/2014 - 20:03:02 - [] ----D C:\Documents and Settings\Eros\Dados de aplicativos\Oracle
O43 - CFD: 3/4/2014 - 03:56:57 - [0] ----D C:\Documents and Settings\Eros\Dados de aplicativos\Samsung Multimedia Viewer
O43 - CFD: 1/9/2013 - 08:42:39 - [] ----D C:\Documents and Settings\Eros\Dados de aplicativos\Sun
O43 - CFD: 28/9/2014 - 08:17:46 - [] ----D C:\Documents and Settings\Eros\Dados de aplicativos\TeamViewer
O43 - CFD: 5/10/2014 - 03:29:01 - [] ----D C:\Documents and Settings\Eros\Dados de aplicativos\ZHP =>.Nicolas Coolman
O43 - CFD: 9/7/2013 - 23:11:42 - [] ----D C:\Documents and Settings\Eros\Configurações locais\Dados de aplicativos\Adobe
O43 - CFD: 24/6/2013 - 19:19:44 - [] ----D C:\Documents and Settings\Eros\Configurações locais\Dados de aplicativos\Google
O43 - CFD: 24/6/2013 - 19:20:06 - [] ----D C:\Documents and Settings\Eros\Configurações locais\Dados de aplicativos\HP
O43 - CFD: 2/9/2013 - 22:38:14 - [] ----D C:\Documents and Settings\Eros\Configurações locais\Dados de aplicativos\Identities
O43 - CFD: 28/2/2014 - 21:00:44 - [] ----D C:\Documents and Settings\Eros\Configurações locais\Dados de aplicativos\Microsoft
O43 - CFD: 24/6/2013 - 18:48:22 - [0] ----D C:\Documents and Settings\Eros\Configurações locais\Dados de aplicativos\Microsoft Help
O43 - CFD: 13/4/2014 - 10:23:13 - [] ----D C:\Documents and Settings\Eros\Configurações locais\Dados de aplicativos\Mozilla
O43 - CFD: 13/4/2014 - 10:05:10 - [] ----D C:\Documents and Settings\Eros\Configurações locais\Dados de aplicativos\Sun
O43 - CFD: 27/5/2014 - 21:17:09 - [] ----D C:\Documents and Settings\Eros\Configurações locais\Dados de aplicativos\Temp
O43 - CFD: 24/6/2013 - 18:40:06 - [] R---D C:\Documents and Settings\Eros\Menu Iniciar\Programas\Acessórios
O43 - CFD: 27/5/2014 - 20:01:32 - [] ----D C:\Documents and Settings\Eros\Menu Iniciar\Programas\Dropbox
O43 - CFD: 21/6/2014 - 10:37:41 - [] R---D C:\Documents and Settings\Eros\Menu Iniciar\Programas\Inicializar
O43 - CFD: 25/9/2013 - 21:53:21 - [] ----D C:\Documents and Settings\Eros\Menu Iniciar\Programas\Longman
O43 - CFD: 23/4/2014 - 05:03:58 - [] ----D C:\Documents and Settings\Eros\Menu Iniciar\Programas\Programas RFB2013
O43 - CFD: 12/5/2014 - 23:22:57 - [] ----D C:\Documents and Settings\Eros\Menu Iniciar\Programas\Revo Uninstaller
~ Program Folder: 93 Scanned in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.7D517BBF4016399EAD021F3BA46DD91E] - 25/9/2014 - 19:50:24 ---A- . (...) -- C:\zoek-results2006-01-04-211241.log [469922]
O44 - LFC:[MD5.089F64C0A3B2D723E034D023D26A5A34] - 25/9/2014 - 19:52:15 ---A- . (...) -- C:\zoek-results2014-09-25-225215.log [4710]
O44 - LFC:[MD5.4F15ED8CA5036280930B4D5BC75BF089] - 25/9/2014 - 22:46:25 ---A- . (...) -- C:\zoek-results2014-09-26-014625.log [4991]
O44 - LFC:[MD5.09C6C3A8474BDC5DF0D151FCCDA966B0] - 26/9/2014 - 06:25:41 ---A- . (...) -- C:\zoek-results2014-09-26-092541.log [2646]
O44 - LFC:[MD5.970A764AF004C071F5AC3F2ACA030677] - 26/9/2014 - 06:36:03 ---A- . (...) -- C:\zoek-results.log [2699]
O44 - LFC:[MD5.411302BF48B1C88DD80D9A6660B3560C] - 4/10/2014 - 09:21:39 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32510]
O44 - LFC:[MD5.2FA58527DEC18DCE8D85013203271124] - 5/10/2014 - 02:59:25 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [13646]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 5/10/2014 - 03:01:36 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.EA652520725B8C9CEC83914B94CBB369] - 5/10/2014 - 03:01:49 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.BBFE268D2DD53BF599BB12267467D141] - 5/10/2014 - 03:01:50 ---A- . (...) -- C:\WINDOWS\wiaservc.log [49]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 5/10/2014 - 03:01:53 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.A7814AD2221BBC741F69FFB9259959A3] - 5/10/2014 - 03:08:04 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [425478]
O44 - LFC:[MD5.4F78A410EABCFD9364C8B3607F4C7C5A] - 5/10/2014 - 03:08:34 ---A- . (...) -- C:\WINDOWS\system32\PerfStringBackup.INI [865986]
O44 - LFC:[MD5.D13A474FBE723EEFFF46213CD845BD4D] - 5/10/2014 - 03:08:34 ---A- . (...) -- C:\WINDOWS\system32\perfc009.dat [59668]
O44 - LFC:[MD5.A7A63643FC36BA185512D93597585116] - 5/10/2014 - 03:08:34 ---A- . (...) -- C:\WINDOWS\system32\perfc016.dat [72684]
O44 - LFC:[MD5.E2D29FE3FDEC14167DEA968BE80EA794] - 5/10/2014 - 03:08:34 ---A- . (...) -- C:\WINDOWS\system32\perfh009.dat [397196]
O44 - LFC:[MD5.43C83EF64B8D93F1868003A1470288C1] - 5/10/2014 - 03:08:34 ---A- . (...) -- C:\WINDOWS\system32\perfh016.dat [438376]
O44 - LFC:[MD5.B11473A1905DAC44C597132F3133B054] - 5/10/2014 - 03:26:40 ---A- . (...) -- C:\WINDOWS\DFC.INI [558]
~ Files: 19 Scanned in 00mn 01s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Exportar a chave da aplicação autorizada (047)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE" [Enabled] .(.Microsoft Corporation.) -- C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.exe
O47 - AAKE:Key Export SP - "C:\Arquivos de programas\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe" [Enabled] .(.Hewlett-Packard Co..) -- C:\Arquivos de programas\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe =>.Hewlett-Packard Co
O47 - AAKE:Key Export SP - "C:\Arquivos de programas\Java\jre7\bin\javaw.exe" [Enabled] .(.Oracle Corporation.) -- C:\Arquivos de programas\Java\jre7\bin\javaw.exe
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Eros\Dados de aplicativos\Dropbox\bin\Dropbox.exe" [Enabled] .(.Dropbox, Inc..) -- C:\Documents and Settings\Eros\Dados de aplicativos\Dropbox\bin\Dropbox.exe
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Nadja\Dados de aplicativos\Dropbox\bin\Dropbox.exe" [Enabled] .(.Dropbox, Inc..) -- C:\Documents and Settings\Nadja\Dados de aplicativos\Dropbox\bin\Dropbox.exe
O47 - AAKE:Key Export SP - "C:\Arquivos de programas\Google\Chrome\Application\chrome.exe" [Enabled] .(.Google Inc..) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
O47 - AAKE:Key Export SP - "C:\Arquivos de programas\Samsung\PC Auto Backup\WiselinkPro.exe" [Enabled] .(.Samsung.) -- C:\Arquivos de programas\Samsung\PC Auto Backup\WiselinkPro.exe
O47 - AAKE:Key Export SP - "C:\Arquivos de programas\Samsung\PC Auto Backup\http_ss_win_pro.exe" [Enabled] .(.No owner.) -- C:\Arquivos de programas\Samsung\PC Auto Backup\http_ss_win_pro.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe
~ Keys Export: 10 Scanned in 00mn 00s



---\\ Negação do serviço (Local Security Authority) (048)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Mecanismo cliente do 'Editor de configuração de segurança Windows'.) -- C:\WINDOWS\system32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\WINDOWS\system32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\system32\wdigest.dll
~ LSA: 6 Scanned in 00mn 00s



---\\ Controlo do Modo de Segurança (CSB) (49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - NT Disk Manager I/O Driver.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Driver de filtro do sistema de arquivos da restauração do sistema.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - NT Disk Manager I/O Driver.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Driver de filtro do sistema de arquivos da restauração do sistema.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys
~ CSB: 23 Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{61ae5d0d-100a-11e3-8aba-000000000010}\AutoRun\command. (...) -- F:\urDrive.exe (.not file.)
O51 - MPSK:{b1e6dc8e-bafc-11e3-8c96-000000000010}\AutoRun\command. (...) -- F:\iLinker.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec de áudio DSP Group TrueSpeech(TM) para MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
~ TDSD: 12 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Cliente DPA para plataformas de 32 bits.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Digest SSPI Authentication Package.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Cliente DPA para plataformas de 32 bits.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Digest SSPI Authentication Package.) -- C:\WINDOWS\system32\digest.dll
~ MSCP: 6 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
~ MWPS: 7 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoInstrumentation"=1
~ MWPE Keys: 2 Scanned in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:5/10/2005 - 14:21:10 R--A- . (.Analog Devices, Inc. - High Definition Audio Function Driver(Release Candidate 1).) -- C:\WINDOWS\system32\Drivers\ADIHdAud.sys [141312]
O58 - SDL:4/3/2005 - 17:53:00 R--A- . (.Andrea Electronics Corporation - Andrea Audio Noise Cancellation Driver.) -- C:\WINDOWS\system32\Drivers\aeaudio.sys [127872]
O58 - SDL:3/8/2004 - 23:07:44 ----- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\Drivers\amdagp.sys [43008]
O58 - SDL:12/8/2004 - 23:56:20 R--A- . (.No owner - ATK0110 ACPI Utility.) -- C:\WINDOWS\system32\Drivers\ASACPI.sys [5810]
O58 - SDL:27/4/2004 - 12:26:48 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ASUSHWIO.SYS [5824]
O58 - SDL:14/7/2014 - 18:00:37 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswHwid.sys [24184] =>.ALWIL Software
O58 - SDL:14/7/2014 - 18:00:29 ---A- . (.AVAST Software - avast! Keyboard Filter Driver.) -- C:\WINDOWS\system32\Drivers\aswKbd.sys [26136]
O58 - SDL:14/7/2014 - 18:00:37 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\WINDOWS\system32\Drivers\aswmonflt.sys [67824]
O58 - SDL:27/5/2014 - 19:44:56 ---A- . (.ALWIL Software - avast! Filtering NDIS driver.) -- C:\WINDOWS\system32\Drivers\aswNdis.sys [12112]
O58 - SDL:14/7/2014 - 18:00:26 ---A- . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\WINDOWS\system32\Drivers\aswNdis2.sys [252872]
O58 - SDL:14/7/2014 - 18:00:37 ---A- . (.AVAST Software - avast! TDI Redirect Driver.) -- C:\WINDOWS\system32\Drivers\aswrdr.sys [55112]
O58 - SDL:14/7/2014 - 18:00:38 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944] =>.ALWIL Software
O58 - SDL:14/7/2014 - 18:00:38 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\system32\Drivers\aswsnx.sys [779536]
O58 - SDL:14/7/2014 - 18:01:01 ---A- . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\system32\Drivers\aswsp.sys [414520]
O58 - SDL:14/7/2014 - 18:00:38 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\WINDOWS\system32\Drivers\aswTdi.sys [57800]
O58 - SDL:14/7/2014 - 18:00:38 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswVmm.sys [192352] =>.ALWIL Software
O58 - SDL:3/8/2004 - 22:29:30 ----- . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\Drivers\ati1btxx.sys [56623]
O58 - SDL:3/8/2004 - 22:29:30 ----- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec.) -- C:\WINDOWS\system32\Drivers\ati1mdxx.sys [11615]
O58 - SDL:3/8/2004 - 22:29:30 ----- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec.) -- C:\WINDOWS\system32\Drivers\ati1pdxx.sys [12047]
O58 - SDL:3/8/2004 - 22:29:32 ----- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\Drivers\ati1raxx.sys [30671]
O58 - SDL:3/8/2004 - 22:29:32 ----- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver.) -- C:\WINDOWS\system32\Drivers\ati1rvxx.sys [63663]
O58 - SDL:3/8/2004 - 22:29:32 ----- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\Drivers\ati1snxx.sys [26367]
O58 - SDL:3/8/2004 - 22:29:32 ----- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\Drivers\ati1ttxx.sys [21343]
O58 - SDL:3/8/2004 - 22:29:32 ----- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\Drivers\ati1tuxx.sys [36463]
O58 - SDL:3/8/2004 - 22:29:32 ----- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\Drivers\ati1xbxx.sys [29455]
O58 - SDL:3/8/2004 - 22:29:32 ----- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver.) -- C:\WINDOWS\system32\Drivers\ati1xsxx.sys [34735]
O58 - SDL:4/8/2004 - 00:36:02 ----- . (.ATI Technologies Inc. - ATI RAGE 128 Miniport Driver.) -- C:\WINDOWS\system32\Drivers\ati2mtaa.sys [327040]
O58 - SDL:4/8/2004 - 00:36:02 ----- . (.ATI Technologies Inc. - ATI RAGE 128 Miniport Driver.) -- C:\WINDOWS\system32\Drivers\ati2mtag.sys [701440]
O58 - SDL:3/8/2004 - 22:29:28 ----- . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\Drivers\atinbtxx.sys [57856]
O58 - SDL:3/8/2004 - 22:29:30 ----- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec RT2.) -- C:\WINDOWS\system32\Drivers\atinmdxx.sys [13824]
O58 - SDL:3/8/2004 - 22:29:30 ----- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec RT2.) -- C:\WINDOWS\system32\Drivers\atinpdxx.sys [14336]
O58 - SDL:3/8/2004 - 22:29:30 ----- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\Drivers\atinraxx.sys [52224]
O58 - SDL:3/8/2004 - 22:29:32 ----- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver RT2.) -- C:\WINDOWS\system32\Drivers\atinrvxx.sys [104960]
O58 - SDL:3/8/2004 - 22:29:32 ----- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\Drivers\atinsnxx.sys [28672]
O58 - SDL:3/8/2004 - 22:29:32 ----- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\Drivers\atinttxx.sys [13824]
O58 - SDL:3/8/2004 - 22:29:32 ----- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\Drivers\atintuxx.sys [73216]
O58 - SDL:3/8/2004 - 22:29:32 ----- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\Drivers\atinxbxx.sys [31744]
O58 - SDL:3/8/2004 - 22:29:32 ----- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver RT2.) -- C:\WINDOWS\system32\Drivers\atinxsxx.sys [63488]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\Drivers\cpqdap01.sys [11776]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmboot.sys [800000]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (.Microsoft Corp., Veritas Software - NT Disk Manager I/O Driver.) -- C:\WINDOWS\system32\Drivers\dmio.sys [153984]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys [5888]
O58 - SDL:17/8/2001 - 17:13:08 ---A- . (.VIA Technologies, Inc. - NDIS 5.0 miniport driver.) -- C:\WINDOWS\system32\Drivers\fetnd5.sys [27165]
O58 - SDL:17/10/2005 - 19:48:14 ---A- . (.VIA Technologies, Inc. - NDIS 5.0 miniport driver.) -- C:\WINDOWS\system32\Drivers\fetnd5bv.sys [42496]
O58 - SDL:27/10/2004 - 15:21:36 ----- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\Hdaudbus.sys [138240]
O58 - SDL:27/10/2004 - 15:21:30 ----- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Function Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\Hdaudio.sys [145920]
O58 - SDL:3/8/2004 - 22:41:48 ----- . (.Conexant Systems, Inc. - HSF_HWB2 WDM driver.) -- C:\WINDOWS\system32\Drivers\hsfbs2s2.sys [220032]
O58 - SDL:3/8/2004 - 22:41:50 ----- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\system32\Drivers\hsfcxts2.sys [685056]
O58 - SDL:3/8/2004 - 22:41:56 ----- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\system32\Drivers\hsfdpsp2.sys [1041536]
O58 - SDL:7/2/2006 - 08:52:58 R--A- . (.JMicron - SCSI Port upper filter driver.) -- C:\WINDOWS\system32\Drivers\JGOGO.sys [6912]
O58 - SDL:20/7/2006 - 10:39:24 R--A- . (.JMicron Technology Corp. - JMicron JR036X RAID Driver.) -- C:\WINDOWS\system32\Drivers\jraid.sys [41728]
O58 - SDL:3/8/2004 - 22:41:56 ----- . (.Conexant - Diagnostic Interface DRIVER.) -- C:\WINDOWS\system32\Drivers\mdmxsdk.sys [11868]
O58 - SDL:3/8/2004 - 22:41:40 ----- . (.Smart Link - No Comment.) -- C:\WINDOWS\system32\Drivers\mtlmnt5.sys [126686]
O58 - SDL:3/8/2004 - 22:41:38 ----- . (.Smart Link - No Comment.) -- C:\WINDOWS\system32\Drivers\mtlstrm.sys [1309184]
O58 - SDL:3/8/2004 - 22:29:38 ----- . (.Matrox Graphics Inc. - Matrox Parhelia Miniport Driver.) -- C:\WINDOWS\system32\Drivers\mtxparhm.sys [452736]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\Drivers\nikedrv.sys [12032]
O58 - SDL:3/8/2004 - 22:41:40 ----- . (.Smart Link - No Comment.) -- C:\WINDOWS\system32\Drivers\ntmtlfax.sys [180360]
O58 - SDL:28/11/2007 - 05:02:10 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 169.06.) -- C:\WINDOWS\system32\Drivers\nv4_mini.sys [7429088]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:3/8/2004 - 22:41:40 ----- . (.Smart Link - No Comment.) -- C:\WINDOWS\system32\Drivers\recagent.sys [13776]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\Drivers\rio8drv.sys [12032]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\Drivers\riodrv.sys [12032]
O58 - SDL:3/8/2004 - 22:29:52 ----- . (.S3 Graphics, Inc. - S3 ProSavage(DDR) & Twister Miniport Driver.) -- C:\WINDOWS\system32\Drivers\s3gnbm.sys [166912]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\secdrv.sys [27440]
O58 - SDL:11/8/2005 - 10:49:28 R--A- . (.Sensaura - Sensaura WDM 3D Audio Driver.) -- C:\WINDOWS\system32\Drivers\senfilt.sys [393088]
O58 - SDL:3/8/2004 - 23:07:44 ----- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\Drivers\sisagp.sys [41088]
O58 - SDL:3/8/2004 - 22:41:42 ----- . (.Smart Link - No Comment.) -- C:\WINDOWS\system32\Drivers\slnt7554.sys [129535]
O58 - SDL:3/8/2004 - 22:41:44 ----- . (.Smart Link - No Comment.) -- C:\WINDOWS\system32\Drivers\slntamr.sys [404990]
O58 - SDL:3/8/2004 - 22:41:46 ----- . (.Smart Link - No Comment.) -- C:\WINDOWS\system32\Drivers\slnthal.sys [95424]
O58 - SDL:3/8/2004 - 22:41:46 ----- . (.Smart Link - No Comment.) -- C:\WINDOWS\system32\Drivers\slwdmsup.sys [13240]
O58 - SDL:16/3/2007 - 10:11:38 ---A- . (.Windows (R) 2000 DDK provider - Display Control Program.) -- C:\WINDOWS\system32\Drivers\TBPanel.sys [12256]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\Drivers\tsbvcap.sys [21376]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
O58 - SDL:23/2/2006 - 00:38:32 R--A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\WINDOWS\system32\Drivers\videX32.sys [9728]
O58 - SDL:3/8/2004 - 22:29:40 ----- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Graphics Driver.) -- C:\WINDOWS\system32\Drivers\wadv07nt.sys [11807]
O58 - SDL:3/8/2004 - 22:29:40 ----- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Graphics Driver.) -- C:\WINDOWS\system32\Drivers\wadv08nt.sys [11295]
O58 - SDL:3/8/2004 - 22:29:42 ----- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Graphics Driver.) -- C:\WINDOWS\system32\Drivers\wadv09nt.sys [11871]
O58 - SDL:3/8/2004 - 22:29:42 ----- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Graphics Driver.) -- C:\WINDOWS\system32\Drivers\wadv11nt.sys [11935]
O58 - SDL:3/8/2004 - 22:29:46 ----- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Graphics Driver.) -- C:\WINDOWS\system32\Drivers\watv06nt.sys [22271]
O58 - SDL:3/8/2004 - 22:29:46 ----- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Graphics Driver.) -- C:\WINDOWS\system32\Drivers\watv10nt.sys [25471]
O58 - SDL:23/2/2006 - 00:39:06 R--A- . (.VIA Technologies,Inc - ATA/ATAPI devices hot-plug monitor.) -- C:\WINDOWS\system32\Drivers\xfilt.sys [11264]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9032]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4896]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27900]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [33984]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:2/3/2006 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
~ Drivers: 97 Scanned in 00mn 01s



---\\ Últimos ficheiros alterados ou criados (Utilizador) (061)
O61 - LFC: 28/9/2014 - 03:29:11 ---A- . (.TeamViewer.) -- C:\Documents and Settings\Eros\Meus documentos\Downloads\TeamViewerQS_pt.exe [4971592]
O61 - LFC: 5/10/2014 - 03:29:11 ---A- . (.Nicolas Coolman.) -- C:\Documents and Settings\Eros\Meus documentos\Downloads\ZHPDiag2 (1).exe [6860552] =>.Nicolas Coolman
O61 - LFC: 5/10/2014 - 03:29:11 ---A- . (.Nicolas Coolman.) -- C:\Documents and Settings\Eros\Meus documentos\Downloads\ZHPDiag2.exe [6860008] =>.Nicolas Coolman
O61 - LFC: 5/10/2014 - 03:29:11 ---A- . (.Samsung Electronics Co,. Ltd..) -- C:\Documents and Settings\Eros\Dados de aplicativos\iLinker\PC_Auto_Backup.exe [33598057]
~ 88 Fichiers cookies (Cookies files)
~ Files: 4 Scanned in 00mn 00s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 14/7/2014 - C:\WINDOWS\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 14/7/2014 - C:\WINDOWS\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 14/7/2014 - C:\WINDOWS\system32\Drivers\aswNdis2.sys (aswNdis2) .(.AVAST Software - avast! Filtering NDIS driver.) - LEGACY_ASWNDIS2
O64 - Services: CurCS - 14/7/2014 - C:\WINDOWS\system32\drivers\aswRdr.sys (aswRdr) .(.AVAST Software - avast! TDI Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 14/7/2014 - C:\WINDOWS\system32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 14/7/2014 - C:\WINDOWS\system32\drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 14/7/2014 - C:\WINDOWS\system32\drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 14/7/2014 - C:\WINDOWS\system32\drivers\aswTdi.sys (aswTdi) .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 14/7/2014 - C:\WINDOWS\system32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 14/7/2014 - C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe (avast! Antivirus) .(.AVAST Software - avast! Service.) - LEGACY_AVAST!_ANTIVIRUS
O64 - Services: CurCS - 14/7/2014 - C:\Arquivos de programas\AVAST Software\Avast\afwServ.exe (avast! Firewall) .(.AVAST Software - avast! firewall service.) - LEGACY_AVAST!_FIREWALL
O64 - Services: CurCS - 2/8/2014 - C:\Arquivos de programas\Java\jre7\bin\jqs.exe (JavaQuickStarterService) .(.Oracle Corporation - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - 28/11/2007 - C:\WINDOWS\system32\nvsvc32.exe (NVSvc) .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 169.0.) - LEGACY_NVSVC
O64 - Services: CurCS - 18/2/2013 - C:\Arquivos de programas\Samsung\PC Auto Backup\WiselinkPro.exe (WiselinkPro) .(.Samsung - WiselinkPro.) - LEGACY_WISELINKPRO
~ Legacy: 119 Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (r) Windows Based Script Host.) -- C:\WINDOWS\system32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 10 Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [You must have an account and be logged in to view this link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [You must have an account and be logged in to view this link]
~ Keys: Scanned in 00mn 00s



---\\ Listagem dos serviços iniciados pelo Svchost (SSS) (O83)
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (...) -- C:\WINDOWS\system32\appmgmts.dll [0]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496]
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [77312]
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [60416]
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - Dll do serviço do Gerenciador de discos lógicos.) -- C:\WINDOWS\system32\dmserver.dll [23552]
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Serviço do Cliente DHCP.) -- C:\WINDOWS\system32\dhcpcsvc.dll [111104]
O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll [23040]
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - No Comment.) -- C:\WINDOWS\system32\es.dll [243200]
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\WINDOWS\system32\shsvcs.dll [134656]
O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll [21504]
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [96768]
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [132096]
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792]
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gerenciador de conexões de rede.) -- C:\WINDOWS\system32\netman.dll [198144]
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fornecedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\WINDOWS\system32\mswsock.dll [247808]
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gerenciador de armazenamento removível.) -- C:\WINDOWS\system32\ntmssvc.dll [437248]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [89088]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [174080]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll [49152]
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Mecanismo do 'Agendador de tarefas'.) -- C:\WINDOWS\system32\schedsvc.dll [192000]
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\WINDOWS\system32\seclogon.dll [18944]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [38912]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\WINDOWS\system32\ipnathlp.dll [331264]
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Serviço de restauração do sistema.) -- C:\WINDOWS\system32\srsvc.dll [171008]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windows(TM).) -- C:\WINDOWS\system32\tapisrv.dll [246272]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\WINDOWS\system32\shsvcs.dll [134656]
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90624]
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Windows Time Service.) -- C:\WINDOWS\system32\w32time.dll [175616]
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Serviço de configuração zero sem fio.) -- C:\WINDOWS\system32\wzcsvc.dll [359936]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [145408]
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [81408]
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll [129536]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de plano de fundo.) -- C:\WINDOWS\system32\qmgr.dll [382464]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\WINDOWS\system32\shsvcs.dll [134656]
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38912]
O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Provedor de Serviços do Dispositivo de Mídia Microsoft.) -- C:\WINDOWS\system32\mspmsnsv.dll [52736]
~ Services: 37 Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.333A79F1A3964AF2A17AB2C88AF677DE] [SPRF][13/4/2014] (.No owner - Uninstall Receitanet 1.04.) -- C:\Documents and Settings\Eros\Desktop\Desinstalador.exe [1605083]
[MD5.BDB0B87D300B3AEB98797FF0A3C54924] [SPRF][9/11/2010] (...) -- C:\Documents and Settings\Eros\Desktop\FSCapture.exe [1111552]
[MD5.D63D5EDEA67CEE708D00B6E8E3720F67] [SPRF][27/9/2014] (...) -- C:\Documents and Settings\Eros\Desktop\IST.reg [1914]
[MD5.64BAEC464B396B66A353D8FC2F42A4E3] [SPRF][31/7/2011] (.RaProducts.org - System Purification Tool.) -- C:\Documents and Settings\Eros\Desktop\PureRa.exe [76565]
[MD5.E3C43F58C5299EB2F2C0617A9F205946] [SPRF][10/5/2013] (...) -- C:\Documents and Settings\Eros\Desktop\receitanet.dat [42]
[MD5.7EEBD2FC5E927CDA3ACC1CFEA699D8FE] [SPRF][10/5/2013] (...) -- C:\Documents and Settings\Eros\Desktop\receitanet.exe [452096]
~ Files: 6 Scanned in 00mn 00s



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS: Web Folders - {BDEADF00-C265-11D0-BCED-00A0C90AB50F}
~ MNS: 1 Scanned in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 2/3/2006 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 8/6/2014 116648 | (gupdate) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
SS - | Demand 8/6/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
SR - | Auto 14/7/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 14/7/2014 106488 | (avast! Firewall) . (.AVAST Software.) - C:\Arquivos de programas\AVAST Software\Avast\afwServ.exe
SR - | Auto 2/8/2014 182696 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Arquivos de programas\Java\jre7\bin\jqs.exe
SR - | Auto 28/11/2007 155716 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
SR - | Auto 18/2/2013 7274561 | (WiselinkPro) . (.Samsung.) - C:\Arquivos de programas\Samsung\PC Auto Backup\WiselinkPro.exe
~ Services: Scanned in 00mn 07s



---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBR) (080)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, [You must have an account and be logged in to view this link]
Run by Eros at 5/10/2014 03:29:34
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys xfilt.sys ACPI.sys hal.dll atapi.sys videX32.sys PCIIDEX.SYS
C:\WINDOWS\system32\drivers\xfilt.sys VIA Technologies,Inc VIA filter driver
C:\WINDOWS\system32\drivers\videX32.sys VIA Technologies, Inc. VIA PCI IDE MINI Driver
1 ntkrnlpa!IofCallDriver[0x804EEEB8] >> \Device\Harddisk0\DR0[0x89D98AB8]
3 CLASSPNP[0xBA8F905B] >> ntkrnlpa!IofCallDriver[0x804EEEB8] >> [0x89DF71D8]
5 xfilt[0xBAB41026] >> ntkrnlpa!IofCallDriver[0x804EEEB8] >> \Device\0000006c[0x89D432F8]
7 ACPI[0xBA77F620] >> ntkrnlpa!IofCallDriver[0x804EEEB8] >> \Device\Ide\IdeDeviceP0T0L0-3[0x89DF5D98]
kernel: MBR read successfully
user & kernel MBR OK
~ MBR: 16 Scanned in 00mn 02s



---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBRCheck) (080)
Written by ad13, [You must have an account and be logged in to view this link]
Run by Eros at 5/10/2014 03:29:36
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



---\\ Scâner Aditional (088)
Database Version : 13026 - (28/8/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 134960 Items scanned in 00mn 17s



---\\ Informações complémentaires do módulos
~ [You must have an account and be logged in to view this link] =>.Internet Explorer, Gestão do Proxy (R5)
~ [You must have an account and be logged in to view this link] =>.Browser Helper Objects do navegador (02)
~ [You must have an account and be logged in to view this link] =>.Barras do Internet Explorer (03))
~ [You must have an account and be logged in to view this link] =>.Aplicações iniciadas por registo & pastas (04)
~ [You must have an account and be logged in to view this link] =>.Image File Execution Options (IFEO) (O50)
~ [You must have an account and be logged in to view this link] =>.Chave do registo Shell MountPoints2 (MPKS) (O51)
~ AMI: 6 Scanned in 00mn 00s



End of the scan (1029 lines in 01mn 01s)(0)

Post by joram, Sun 05 Oct 2014, 16:19

Good afternoon, Eros!

-----
-----
MSIE: Internet Explorer v6.0.2900.2180
Microsoft Windows XP, 32-bit Service Pack 2 (Build 2600)
Java 7 Update 65

-----
Windows Genuine Advantage : KO <<    
-----
-----
> A lot of outdated software!
> Windows XP is not genuine and, on top of that, is still on SP2.
> Under these conditions, your antivirus even gets in the way!
> Did you replace the battery that keeps the ROM, without any problems?
>
> Run this script in the ZHPFix tool.
> Select and copy the information shown in red into Notepad.
> With Notepad open, press: Ctrl+A >> Ctrl+C (Select and Copy)
> Then minimize Notepad.

Script ZHPFix
Emptytemp
EmptyCLSID
FirewallRaz
[MD5.730EAD05B1FC178629F437F8A1D76E27] - (...) -- ystem32\RunDll32.exe [0] [PID.724]
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Chave orfã
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Chave orfã
O39 - APT: - (..) -- C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job [320]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_rundll32_exe.job [294]
O44 - LFC:[MD5.7D517BBF4016399EAD021F3BA46DD91E] - 25/9/2014 - 19:50:24 ---A- . (...) -- C:\zoek-results2006-01-04-211241.log [469922]
O44 - LFC:[MD5.089F64C0A3B2D723E034D023D26A5A34] - 25/9/2014 - 19:52:15 ---A- . (...) -- C:\zoek-results2014-09-25-225215.log [4710]
O44 - LFC:[MD5.4F15ED8CA5036280930B4D5BC75BF089] - 25/9/2014 - 22:46:25 ---A- . (...) -- C:\zoek-results2014-09-26-014625.log [4991]
O44 - LFC:[MD5.09C6C3A8474BDC5DF0D151FCCDA966B0] - 26/9/2014 - 06:25:41 ---A- . (...) -- C:\zoek-results2014-09-26-092541.log [2646]
O44 - LFC:[MD5.970A764AF004C071F5AC3F2ACA030677] - 26/9/2014 - 06:36:03 ---A- . (...) -- C:\zoek-results.log [2699]
O51 - MPSK:{61ae5d0d-100a-11e3-8aba-000000000010}\AutoRun\command. (...) -- F:\urDrive.exe (.not file.)
sysrestore


> Open the ZHPFix tool. < [You must have an account and be logged in to view this image] >
> Click "IMPORTAÇÃO" (Import) >> OK.
> PS: When you click "OK", check that the field is empty so that it receives only the script's information.
> Click "GO".
> Post the report!

A+

Post by Eros, Sun 05 Oct 2014, 22:52

Rapport de ZHPFix 2014.8.3.6 par Nicolas Coolman, Update du 03/08/2014
Fichier d'export Registre :
Run by Eros at 5/10/2014 10:46:45
High Elevated Privileges : OK
Windows XP Home Edition Service Pack 2 (Build 2600)

Reciclagem vazia (00mn 03s)

========== Chaves do Registo ==========
ELIMINÉ: [HKLM\SOFTWARE\Classes\CLSID\{01E04581-4EEE-11D0-BFE9-00AA005B4383}]
ELIMINÉ: [HKLM\SOFTWARE\Classes\CLSID\{0E5CBF21-D15F-11D0-8301-00AA005B4383}]
ELIMINÉ CLSID MPSK: {61ae5d0d-100a-11e3-8aba-000000000010}

========== Valores do Registo ==========
Nenhum valor presente na chave de exceções do registo (FirewallRaz)
ELIMINÉ: Toolbar: {01E04581-4EEE-11D0-BFE9-00AA005B4383}
ELIMINÉ: Toolbar: {0E5CBF21-D15F-11D0-8301-00AA005B4383}

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (38) (22.161.714 octets)
ELIMINÉ: c:\windows\tasks\microsoft_hardware_launch_ipoint_exe.job
ELIMINÉ: c:\windows\tasks\microsoft_hardware_launch_rundll32_exe.job
ELIMINÉ: c:\zoek-results2006-01-04-211241.log
ELIMINÉ: c:\zoek-results2014-09-25-225215.log
ELIMINÉ: c:\zoek-results2014-09-26-014625.log
ELIMINÉ: c:\zoek-results2014-09-26-092541.log
ELIMINÉ: c:\zoek-results.log

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
3 : Chaves do Registo
3 : Valores do Registo
1 : Pastas
8 : Ficheiros
1 : Restauração Sistema


End of clean in 00mn 07s

========== Caminho do ficheiro do relatório ==========
C:\Documents and Settings\Eros\Dados de aplicativos\ZHP\ZHPFix[R1].txt - 5/10/2014 10:46:48 [1586]

Post by joram, Sun 05 Oct 2014, 23:26

Good evening, Eros!

> Did you replace the motherboard battery?

A+