Fórum PC Brasil
PC is slow and takes a long time to get on the net

3 participants


Post by kipper, Sun 18 Jan 2015, 14:06

My PC takes a long time to start up and the net is slow. In the

Post by caedurodrigues, Sun 18 Jan 2015, 14:55

Good afternoon kipper,

  • Download: <[You must have an account and be logged in to view this link]> ( ...Nicolas Coolman)
  • Save it to the local disk (C or D).
  • Disable your antivirus, and run ZHPDiag.exe to install it.
  • Run the scroll icon!
  • Click the "COMPLETA" option and wait for it to finish.
  • Click OK and, when it finishes, post the report! (ZHPDiag.txt)
  • Note: Because the report is long, it should be posted on one of these sites:
  • Go to: <[You must have an account and be logged in to view this link]>
  • Or go to: <[You must have an account and be logged in to view this link]>
  • Or attach it: <[You must have an account and be logged in to view this link]> << Link
  • More information: <[You must have an account and be logged in to view this link]> << Hosting!

A big hug.

Post by kipper, Wed 21 Jan 2015, 17:54

~ Relatório do ZHPDiag v2015.1.18.7 - Nicolas Coolman (18/01/2015)
~ Iniciado por User (21/01/2015 17:35:14)
~ Facebook : [You must have an account and be logged in to view this link]
~ Endereço do Webforum : [You must have an account and be logged in to view this link]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Desativado pelo Utilizador
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 35.0 (Defaut)
GCIE: Google Chrome v39.0.2171.99

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 2.0.3.1025
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v4.11

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 16 NPAPI
Adobe Reader XI

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3968 MB (59% free)
System Restore: Activé (Enable)
System drive C: has 11 GB (11%) free of 98 GB

---\\ Modo de conexão ao sistema
~ Computer Name: USER-PC
~ User Name: User
~ All Users Names: User, Convidado, Administrador,
~ Unselected Option: None
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\User\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\User\AppData\Roaming\
~ %Desktop% : C:\Users\User\Desktop\
~ %Favorites% : C:\Users\User\Favorites\
~ %LocalAppData% : C:\Users\User\AppData\Local\
~ %StartMenu% : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 11 Go of 98 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 41 Go of 176 Go)
F: Hard drive, Flash drive, Thumb drive (Free 40 Go of 192 Go)
G: CD-ROM drive (Free 0 Go of 6 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
~ Security Center: 48 Scanned in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.AC4C51EB24AA95B77F705AB159189E24] - (.Microsoft Corporation - Windows Explorer.) (.21/11/2010 - 00:24:11.) -- C:\Windows\Explorer.exe [2872320]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.5536F6E7B74DA37D3EDBB509DE9CE3F5] - (.Microsoft Corporation - Internet Extensions para Win32.) (.30/07/2013 - 16:18:34.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.21/11/2010 - 00:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.314C17917AC8523EC77A710215012A65] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.20/05/2014 - 22:03:44.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.FAF015B07E3A2874A790A39B7D2C579F] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.21/11/2010 - 00:24:03.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.05D78AA5CB5F3F5C31160BDB955D0B7C] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.21/11/2010 - 00:23:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 00:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.25/02/2011 - 03:25:38.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/211
~ Mes Favoris (My Favorites) : 1/30
~ Mes Documents (My Documents) : 1/83
~ Mon Bureau (My Desktop) : 3/428
~ Menu demarrer (Programs) : 1/39
~ Hidden Files: Scanned in 00mn 02s



---\\ Processos lançados
[MD5.FA18A83CD2D176C72692F149C549E247] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe [1374032] [PID.2728] =>P2P.BitTorrent
[MD5.EBF6044FE9023046773D058E90A39671] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [333088] [PID.2784]
[MD5.8651F84ECBE5687A6628F1062300608C] - (.CyberLink - DMREngine.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [501544] [PID.2856]
[MD5.F5789E8CCAC5E9093CF49E9BC91B1A8E] - (.CyberLink Corp. - PowerDVD 12.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [371256] [PID.2864]
[MD5.094E4E76FB9AB960A73F841BC6733F42] - (.Intel Corporation - iusb3mon.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848] [PID.2880]
[MD5.D658AB1B55127D18DCFBCAC8CAAEA522] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.2888]
[MD5.BDE5DB8850297A5F7A585918BF39EB99] - (.No owner - smmain.) -- C:\Program Files (x86)\SM95\smmain.exe [3655680] [PID.2988]
[MD5.2F00189590608D58ED5AF50BB1FC2B4C] - (.TI Software - TiMonitor.) -- C:\Program Files (x86)\WinTM\tis\TiMonitor.exe [1682944] [PID.3020]
[MD5.22A5AB0A62CFE32AA790C007E5BBBA63] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [338032] [PID.1404]
[MD5.58F52FBF326EC6E98564F6A8F1AB604F] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8155648] [PID.4224]
[MD5.FC5B75CA6A1DA31EDD4F8D53F5540B98] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1736]
[MD5.1A7A2CAC3B5AFABD6636B25DFE33CBAD] - (...) -- C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232] [PID.1772]
[MD5.CB8C1CC4F46FBAC78150754D77460C73] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe [230792] [PID.1828]
[MD5.EA22BCA708B37B82ADEBC822A171B92E] - (.CyberLink - CyberLink Media Server Monitor Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [75048] [PID.1928]
[MD5.3168D2F171A64590E7A11355CAE60A1E] - (.CyberLink - CyberLink Media Server Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [296232] [PID.1972]
[MD5.C7BB95CF9631AA401E4ADED1648F6AF7] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [974944] [PID.1124]
[MD5.4C6406CF07D4EBB70C5774D55C6688FB] - (.CyberLink Corp. - CLHNServiceForPowerDVD12 Module.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [87336] [PID.2576]
[MD5.52069AEB42D3D0F97CBCA1085EBF55E6] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.4044]
[MD5.3DE66F47365AA8CEB18B1EE272F4FEBA] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [390616] [PID.3432]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 0 Scanned in 00mn 03s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\02dwc90y.default-1399424852910\prefs.js
M3 - MFPP: Plugins - [User] -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\02dwc90y.default-1399424852910\searchplugins\ask-search.xml
M0 - MFSP: prefs.js [User - 02dwc90y.default-1399424852910] [You must have an account and be logged in to view this link]
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - The plugin allows you to have a better experience with Microsoft Lync.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npMeetingJoinPluginOC.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.10.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plugin allows you to have a better experience with Microsoft Share.) -- C:\Program Files\Microsoft Office\Office15\NPSPWRAP.dll
P2 - FPN: [HKCU] [@lightspark.github.com/Lightspark;version=1] - (...) -- C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll (.not file.)
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 4.6.1f1.) -- C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
P2 - FPN: [HKCU] [ubisoft.com/uplaypc] - (...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (.not file.)
~ Firefox Browser: 13 Scanned in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must have an account and be logged in to view this link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [You must have an account and be logged in to view this link]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must have an account and be logged in to view this link]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must have an account and be logged in to view this link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must have an account and be logged in to view this link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must have an account and be logged in to view this link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = [You must have an account and be logged in to view this link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must have an account and be logged in to view this link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must have an account and be logged in to view this link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navegador da Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
~ IE Browser: 24 Scanned in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean) (0)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft SkyDrive Pro Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.dll =>.Microsoft Corporation
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
~ BHO: 8 Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [User]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 1 Scanned in 00mn 02s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [egui] . (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Wow6432Node\Run: [PowerDVD12DMREngine] . (.CyberLink - DMREngine.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
O4 - HKLM\..\Wow6432Node\Run: [PowerDVD12Agent] . (.CyberLink Corp. - PowerDVD 12.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - iusb3mon.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [ASM] . (.No owner - smmain.) -- C:\Program Files (x86)\SM95\smmain.exe
O4 - HKLM\..\Wow6432Node\Run: [SAPP] . (.No owner - sapp.) -- C:\Program Files (x86)\SAPP\sapp.exe
O4 - HKLM\..\Wow6432Node\Run: [Tim] . (.TI Software - TiMonitor.) -- C:\Program Files (x86)\WinTM\tis\TiMonitor.exe
O4 - HKUS\S-1-5-21-2123034537-1514316849-1306321605-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-2123034537-1514316849-1306321605-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-2123034537-1514316849-1306321605-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-2123034537-1514316849-1306321605-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
~ Application: Scanned in 00mn 00s



---\\ Icones das opções IE invisiveis no painel das configurações (05)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office15\ONBttnIE.dll (.not file.)
O9 - Extra button: Clique para Telefonar do Lync [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office15\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Provedor de Correção de Nomeação de Emails.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Provedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AA5F584-48F4-4717-8706-73E96D441DA6}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{11B7EECE-C09C-45C9-B539-38BAF6C735CE}: DhcpNameServer = 192.168.0.254 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AA5F584-48F4-4717-8706-73E96D441DA6}: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{11B7EECE-C09C-45C9-B539-38BAF6C735CE}: DhcpDomain = hd.inf.br
O17 - HKLM\System\CS1\Services\Tcpip\..\{2AA5F584-48F4-4717-8706-73E96D441DA6}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{11B7EECE-C09C-45C9-B539-38BAF6C735CE}: DhcpNameServer = 192.168.0.254 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2AA5F584-48F4-4717-8706-73E96D441DA6}: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{11B7EECE-C09C-45C9-B539-38BAF6C735CE}: DhcpDomain = hd.inf.br
O17 - HKLM\System\CS2\Services\Tcpip\..\{2AA5F584-48F4-4717-8706-73E96D441DA6}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS2\Services\Tcpip\..\{11B7EECE-C09C-45C9-B539-38BAF6C735CE}: DhcpNameServer = 192.168.0.254 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2AA5F584-48F4-4717-8706-73E96D441DA6}: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{11B7EECE-C09C-45C9-B539-38BAF6C735CE}: DhcpDomain = hd.inf.br
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ASUS Com Service (asComSvc) . (...) - C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
O23 - Service: CLHNServiceForPowerDVD12 (CLHNServiceForPowerDVD12) . (.CyberLink Corp. - CLHNServiceForPowerDVD12 Module.) - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service (CyberLink PowerDVD 12 Media Server Monitor Service) . (.CyberLink - CyberLink Media Server Monitor Service.) - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service (CyberLink PowerDVD 12 Media Server Service) . (.CyberLink - CyberLink Media Server Service.) - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) . (.arvato digital services llc - PsiService PsiService.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Power Control [2013/07/30 16:05:22] ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) . (.CyberLink Corp. - No Comment.) - C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl
~ Services: 13 Scanned in 00mn 02s



---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Listagem dos dados do BootExecute (Bex) (034)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
[MD5.3E04F1E482357B1FC8B088197C3D9FF8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152]
[MD5.CB1719E3EA00A0C114A8AD2655F43754] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440]
[MD5.04505C46F9CB7D8F8769B566EDC42282] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [4505368]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.87E7AABE4F6A0DFD6105224E4D88C4D7] [APT] [HPCustParticipation HP Deskjet 1050 J410 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [3794792]
[MD5.2CA0461A5730F6FC3F90FA3833C645C9] [APT] [{1C01D39C-FF48-4DC8-BC31-0AD1DDAE6804}] (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904]
[MD5.C155A13687144076286989EF078112C2] [APT] [{4452D369-D03D-444A-A15F-9B6B3E4E0971}] (.Nicolas Coolman.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe [1917440]
[MD5.2B1785D99119EF764C8BF54AE776B5FC] [APT] [{7F93592B-45AD-4CDB-BC02-8A3AA4F26612}] (.Nicolas Coolman.) -- C:\Users\User\Downloads\ZHPDiag2(1).exe [6865579]
[MD5.00000000000000000000000000000000] [APT] [{85A10420-D547-4A00-8E02-D7FFE30A205C}] (...) -- C:\Users\User\Downloads\ZHPDiag2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D19B375C-3F48-4EDC-8258-8ABD976ECD72}] (...) -- F:\TORRENT\Disney_Mickey\setup\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D5B18C28-40B9-4F9D-B759-6CADF0A43225}] (...) -- C:\Program Files (x86)\Rosso Rabbit in Trouble\RossoRabbitInTrouble.exe (.not file.) [0]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [902]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1066]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1070]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
~ Scheduled Task: 16 Scanned in 00mn 04s



---\\ Componentes instalados (ActiveSetup Installed Components) (040)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Identidade visual IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão shell da pasta FTP do Microsoft Internet Explorer.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 00s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (AsIO) . (...) - C:\Windows\Syswow64\drivers\AsIO.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (dtsoftbus01) . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys
O41 - Driver: (ehdrv) . (.ESET - ESET Helper driver.) - C:\Windows\System32\DRIVERS\ehdrv.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Agendador de pacotes de serviço.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Driver do Subsistema de Buffer da Unidade R.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Driver de dispositivo serial.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: C:\Windows\System32\drivers\ws2ifsl.sys (ws2ifsl) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Drivers: 75 Scanned in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Creative Suite 5 Master Collection - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}
O42 - Logiciel: Adobe Flash Player 16 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 16 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
O42 - Logiciel: Adobe Reader XI (11.0.10) - Português - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1046-7B44-AB0000000001}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001802114130}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Corel Graphics - Windows Shell Extension - (.Corel Corporation.) [HKLM][64Bits] -- _{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}
O42 - Logiciel: Corel Graphics - Windows Shell Extension - (.Corel Corporation.) [HKLM][64Bits] -- {EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}
O42 - Logiciel: Corel Graphics - Windows Shell Extension 32 Bit - (.Corel Corporation.) [HKLM][64Bits] -- {79899C6B-E315-4A3F-8904-02DEAB8D660D}
O42 - Logiciel: CorelDRAW Graphics Suite X6 (64-Bit) - (.Corel Corporation.) [HKLM][64Bits] -- _{BDBFAC49-8877-472F-876B-75ADB7DBC955}
O42 - Logiciel: CorelDRAW Graphics Suite X6 - IPM - (.Corel Corporation.) [HKLM][64Bits] -- {B6DF7031-2843-44FD-9CAB-DECAB4257456}
O42 - Logiciel: CorelDRAW Graphics Suite X6 - Writing Tools (x64) - (. Corel Corporation.) [HKLM][64Bits] -- {DDE82E3D-20C4-48E1-AE1D-B1F10E42CA44}
O42 - Logiciel: CyberLink PowerDVD 12 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
O42 - Logiciel: CyberLink PowerDVD 12 - (.CyberLink Corp..) [HKLM][64Bits] -- {B46BEA36-0B71-4A4E-AE41-87241643FA0A}
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.DT Soft Ltd
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}
O42 - Logiciel: Flockers - (.Team17 Digital Ltd.) [HKLM][64Bits] -- Flockers_is1
O42 - Logiciel: FormatFactory 3.5.0.0 - (.Format Factory.) [HKLM][64Bits] -- FormatFactory
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E} =>.Google Inc
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Deskjet 1050 J410 series Ajuda - (.Hewlett Packard.) [HKLM][64Bits] -- {5C90D8CF-F12A-41C6-9007-3B651A1F0D78}
O42 - Logiciel: HP Photo Creations - (.HP Photo Creations Powered by RocketLife.) [HKLM][64Bits] -- HP Photo Creations
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel(R) USB 3.0 eXtensible Host Controller Driver - (.Intel Corporation.) [HKLM][64Bits] -- {240C3DDD-C5E9-4029-9DF7-95650D040CF2}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {B5E06417-A4AC-4225-B36E-7E34C91616E7}
O42 - Logiciel: Java 7 Update 71 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F03217071FF}
O42 - Logiciel: Java 8 Update 25 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218025F0}
O42 - Logiciel: K-Lite Mega Codec Pack 9.9.5 - (...) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: Malwarebytes Anti-Malware versão 2.0.3.1025 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Microsoft Access MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft DCF MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Excel MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Groove MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft InfoPath MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Lync MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft OneNote MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-0416-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Outlook MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft PowerPoint MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Publisher MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-0416-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Word MUI (Portuguese (Brazil)) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-0416-1000-0000000FF1CE}
O42 - Logiciel: Minha Biblia - (.Friendship Solutions:.) [HKLM][64Bits] -- {738C450E-378C-42E7-B8D2-A36EC068A1D3}
O42 - Logiciel: Mozilla Firefox 35.0 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 35.0 (x86 pt-BR)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Nero 12 - (.Nero AG.) [HKLM][64Bits] -- {560FC78C-A4B2-461D-9B47-820C1EEF87B8}
O42 - Logiciel: Nero Audio Pack 1 - (.Nero AG.) [HKLM][64Bits] -- {A7A0BF2E-31CC-49E3-9913-52C503EB969D}
O42 - Logiciel: Nero BackItUp Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {EF0D1292-8FC1-41BE-9740-DBC134F66415}
O42 - Logiciel: Nero Blu-ray Player - (.Nero AG.) [HKLM][64Bits] -- {A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}
O42 - Logiciel: Nero Blu-ray Player Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}
O42 - Logiciel: Nero Burning ROM - (.Nero AG.) [HKLM][64Bits] -- {5963F4B4-D138-47CD-ADEF-470E87E185BD}
O42 - Logiciel: Nero Burning ROM Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {2890E324-6F3B-4975-8B95-E7D6D80E0226}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {ABC88553-8770-4B97-B43E-5A90647A5B63}
O42 - Logiciel: Nero ControlCenter Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {C994C746-C6D0-4EBA-B09E-DF7B18381B69}
O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263}
O42 - Logiciel: Nero Disc Menus Basic - (.Nero AG.) [HKLM][64Bits] -- {E17BCB76-9924-4BD5-B6D6-50D3407B4E74}
O42 - Logiciel: Nero Effects Basic - (.Nero AG.) [HKLM][64Bits] -- {29F67D84-3A70-456E-806A-52301B02070B}
O42 - Logiciel: Nero Express - (.Nero AG.) [HKLM][64Bits] -- {848A7C68-0ADC-4193-8A89-2CEA78E56A0C}
O42 - Logiciel: Nero Express Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {0708FF30-78C0-47B0-81F0-C84604DC769C}
O42 - Logiciel: Nero Kwik Media - (.Nero AG.) [HKLM][64Bits] -- {052A1E34-A54B-458C-A4E3-24C3E054754A}
O42 - Logiciel: Nero Kwik Media Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {1F16820E-D0E7-4636-939E-45CBFEFB06E1}
O42 - Logiciel: Nero Kwik Themes Basic - (.Nero AG.) [HKLM][64Bits] -- {1B6F5E51-575E-4693-BCA2-7543570D076D}
O42 - Logiciel: Nero PiP Effects Basic - (.Nero AG.) [HKLM][64Bits] -- {ACE49D50-19CD-44A6-B192-46F985283B26}
O42 - Logiciel: Nero Recode - (.Nero AG.) [HKLM][64Bits] -- {1943C3BD-4462-4612-92C3-D36DD917C447}
O42 - Logiciel: Nero Recode Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {86847081-B387-4F49-AED1-C9B0A090D66C}
O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM][64Bits] -- {B953732D-B623-4E84-B369-CFFF7B1AE06F}
O42 - Logiciel: Nero RescueAgent Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {0B311221-05A5-4766-8D03-7A6446794156}
O42 - Logiciel: Nero SharedVideoCodecs - (.Nero AG.) [HKLM][64Bits] -- {2432E589-6256-4513-B0BF-EFA8E325D5F0}
O42 - Logiciel: Nero Video - (.Nero AG.) [HKLM][64Bits] -- {83FCCFCD-46E3-43FB-A397-78BFD5A8980A}
O42 - Logiciel: Nero Video Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {B128179D-A5E1-43AC-9422-12A109ECD2A0}
O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392}
O42 - Logiciel: PegaJogo 3.0 - (.PegaJogo.com.) [HKLM][64Bits] -- {14FAA5DD-A6B2-4A7B-8960-4A30DC8D9D35}_is1
O42 - Logiciel: Pro Evolution Soccer 2009 - (.KONAMI.) [HKLM][64Bits] -- {A8DB611A-D80E-450D-85F6-3ACDD164BE31}
O42 - Logiciel: Rambo The Video Game - (.Reef Entertainment.) [HKLM][64Bits] -- {48CB69A5-D098-4CA6-A58F-4255ED6DBE49}_is1
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Show do Cristão - (.Oltre Vita Informática Ltda.) [HKLM][64Bits] -- Show do Cristão_is1
O42 - Logiciel: Skype™ 6.3 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: Software básico do dispositivo HP Deskjet 1050 J410 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {06A5A3AF-AFA5-4278-868E-BFD494A9B08B}
O42 - Logiciel: Sony Picture Utility - (.Sony Corporation.) [HKLM][64Bits] -- {D5068583-D569-468B-9755-5FBF5848F46F}
O42 - Logiciel: TI Monitor - (.TI Software.) [HKLM][64Bits] -- TI Monitor 3.0.1
O42 - Logiciel: TI Monitor - (.TI Software.) [HKLM][64Bits] -- {3B41E104-3A49-46DD-B517-F60279BF567B}
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: Welcome App (Start-up experience) - (.Nero AG.) [HKLM][64Bits] -- {828175FA-7307-4DBF-95AD-9CEE086B6F45}
O42 - Logiciel: WinRAR 4.11 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Winamp - (.Nullsoft, Inc.) [HKLM][64Bits] -- Winamp
O42 - Logiciel: aTube Catcher - (.DsNET Corp.) [HKLM][64Bits] -- aTube Catcher
O42 - Logiciel: aTube Catcher versão 3.8 - (.DsNET Corp.) [HKLM][64Bits] -- {D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>P2P.BitTorrent
~ Logic: 53 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Unity]
[HKCU\Software\AppDataLow]
[HKCU\Software\Aspyr Media]
[HKCU\Software\Baidu Security]
[HKCU\Software\Baixaki]
[HKCU\Software\Baixou Agora]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Chromium]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Corel]
[HKCU\Software\Crystal Dynamics]
[HKCU\Software\Cyberlink]
[HKCU\Software\Digimarc]
[HKCU\Software\Disc Soft]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EMU]
[HKCU\Software\ESET]
[HKCU\Software\EmailsCFG]
[HKCU\Software\FLT]
[HKCU\Software\Facebook]
[HKCU\Software\FreeTime]
[HKCU\Software\GNU]
[HKCU\Software\GOG.com]
[HKCU\Software\Gabest]
[HKCU\Software\GameSpy]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Haali]
[HKCU\Software\IM Providers]
[HKCU\Software\Icaros]
[HKCU\Software\Infinite Monkeys]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Leadertech]
[HKCU\Software\Licenses]
[HKCU\Software\Ludeon Studios]
[HKCU\Software\MGB Informática]
[HKCU\Software\Macromedia]
[HKCU\Software\MeatStrength]
[HKCU\Software\MediaInfo]
[HKCU\Software\Megacubo]
[HKCU\Software\Mercury Games]
[HKCU\Software\Mimimi Productions]
[HKCU\Software\MotionFactory]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PopCap]
[HKCU\Software\Positivo]
[HKCU\Software\Realtek]
[HKCU\Software\RkSoft]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\SlimWare Utilities Inc]
[HKCU\Software\Sony Corporation]
[HKCU\Software\Sysinternals]
[HKCU\Software\Trolltech]
[HKCU\Software\Ubisoft]
[HKCU\Software\Unity]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Valve]
[HKCU\Software\Visan]
[HKCU\Software\Wget]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Winamp]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ej-technologies]
[HKCU\Software\kde.org]
[HKCU\Software\madshi]
[HKCU\Software\tutotest]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Baidu Security]
[HKLM\Software\Bitstream]
[HKLM\Software\CBSTEST]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Corel]
[HKLM\Software\Cyberlink]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\ESET]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\IM Providers]
[HKLM\Software\Imagineer Systems Ltd]
[HKLM\Software\Intel]
[HKLM\Software\KONAMIPES6]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nuance]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Protexis64]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sonic]
[HKLM\Software\Synthetic Aperture]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\Wow6432Node\ASUS]
[HKLM\Software\Wow6432Node\Aardwork]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AviSynth]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]
[HKLM\Software\Wow6432Node\C07ft5Y]
[HKLM\Software\Wow6432Node\CDDB]
[HKLM\Software\Wow6432Node\Caphyon]
[HKLM\Software\Wow6432Node\Chromium]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\ComodoGroup]
[HKLM\Software\Wow6432Node\Comodo]
[HKLM\Software\Wow6432Node\Corel]
[HKLM\Software\Wow6432Node\Crave]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DT Soft]
[HKLM\Software\Wow6432Node\Disc Soft]
[HKLM\Software\Wow6432Node\ESET]
[HKLM\Software\Wow6432Node\EmailsCFG]
[HKLM\Software\Wow6432Node\Freemake]
[HKLM\Software\Wow6432Node\GNU]
[HKLM\Software\Wow6432Node\GOG.com]
[HKLM\Software\Wow6432Node\GameVicio]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\HaaliMkx]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\HiDefMedia]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\Icaros]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\KLCodecPack]
[HKLM\Software\Wow6432Node\KONAMI]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\LAV]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MeatStrength]
[HKLM\Software\Wow6432Node\Megacubo]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\Nuance]
[HKLM\Software\Wow6432Node\Nullsoft]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\PowerPivot]
[HKLM\Software\Wow6432Node\Psygnosis]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\Reef Entertainment]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\RkSoft]
[HKLM\Software\Wow6432Node\RocketLife]
[HKLM\Software\Wow6432Node\SCS Software]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\SlimWare Utilities Inc]
[HKLM\Software\Wow6432Node\Sony Corporation]
[HKLM\Software\Wow6432Node\Taronja]
[HKLM\Software\Wow6432Node\TrendMicro]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Visan]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\baidu]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
[HKLM\Software\swearware]
~ Key Software: 341 Scanned in 00mn 00s
kipper
Beginner

Posts: 48
Reputation: 1
Join date: 06/06/2014
Age: 46


Re: PC slow and takes a long time to connect to the internet

Post by kipper, Wed 21 Jan 2015, 17:54

---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 18/05/2014 - 19:44:45 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 30/07/2013 - 16:50:27 - [] ----D C:\Program Files (x86)\Adobe Media Player
O43 - CFD: 17/04/2014 - 11:24:17 - [] ----D C:\Program Files (x86)\ASUS
O43 - CFD: 24/12/2014 - 22:25:51 - [] ----D C:\Program Files (x86)\Bible-Discovery
O43 - CFD: 20/05/2014 - 19:04:33 - [] ----D C:\Program Files (x86)\Black Bean
O43 - CFD: 26/05/2014 - 18:40:55 - [] ----D C:\Program Files (x86)\CGN
O43 - CFD: 31/10/2014 - 05:13:36 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 13/10/2014 - 21:02:12 - [] ----D C:\Program Files (x86)\Connon Fodder 3
O43 - CFD: 30/07/2013 - 17:04:47 - [] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 09/05/2014 - 21:19:41 - [] ----D C:\Program Files (x86)\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 24/06/2014 - 21:13:31 - [] ----D C:\Program Files (x86)\DsNET Corp
O43 - CFD: 21/01/2015 - 15:40:26 - [] ----D C:\Program Files (x86)\Flockers
O43 - CFD: 17/06/2014 - 16:17:40 - [] ----D C:\Program Files (x86)\Foxy Games
O43 - CFD: 14/10/2014 - 18:30:31 - [0] ----D C:\Program Files (x86)\Freemake
O43 - CFD: 03/05/2014 - 19:44:15 - [] ----D C:\Program Files (x86)\FreeTime
O43 - CFD: 28/04/2014 - 22:49:53 - [] ----D C:\Program Files (x86)\Friendship
O43 - CFD: 24/12/2014 - 22:22:29 - [] ----D C:\Program Files (x86)\GameVicio
O43 - CFD: 07/09/2014 - 21:33:46 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 19/04/2014 - 23:33:12 - [] ----D C:\Program Files (x86)\HP
O43 - CFD: 19/04/2014 - 23:33:15 - [] ----D C:\Program Files (x86)\HP Photo Creations
O43 - CFD: 08/01/2015 - 16:37:26 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 17/04/2014 - 11:28:09 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 30/07/2013 - 17:24:13 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 28/11/2014 - 16:15:59 - [0] ----D C:\Program Files (x86)\Jack Keane 2 - The Fire Within
O43 - CFD: 31/10/2014 - 18:26:53 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 30/07/2013 - 17:10:43 - [] ----D C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 28/06/2014 - 11:29:52 - [] ----D C:\Program Files (x86)\KONAMI
O43 - CFD: 17/10/2014 - 19:56:42 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 30/07/2013 - 16:02:25 - [] ----D C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 30/07/2013 - 16:02:18 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 28/11/2014 - 14:20:57 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 30/07/2013 - 16:03:36 - [] ----D C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 30/07/2013 - 16:03:36 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 17/09/2014 - 21:49:29 - [] ----D C:\Program Files (x86)\Movie Maker 2.6
O43 - CFD: 17/01/2015 - 12:47:05 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 18/01/2015 - 01:37:41 - [] ----D C:\Program Files (x86)\Mozilla Firefox.bak
O43 - CFD: 18/01/2015 - 01:56:52 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - 03:32:38 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 30/07/2013 - 15:58:38 - [] ----D C:\Program Files (x86)\Nero
O43 - CFD: 13/05/2014 - 18:18:04 - [] ----D C:\Program Files (x86)\NovaLogic
O43 - CFD: 09/12/2014 - 19:03:21 - [] ----D C:\Program Files (x86)\PegaJogo
O43 - CFD: 07/12/2014 - 20:52:21 - [] ----D C:\Program Files (x86)\Positivo
O43 - CFD: 30/07/2013 - 15:33:24 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 21/07/2014 - 20:07:30 - [] ----D C:\Program Files (x86)\Reef Entertainment
O43 - CFD: 14/07/2009 - 03:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 21/05/2014 - 21:05:27 - [] ----D C:\Program Files (x86)\RkSoft
O43 - CFD: 19/01/2015 - 21:21:01 - [] -SH-D C:\Program Files (x86)\SAPP
O43 - CFD: 19/05/2014 - 20:56:18 - [] ----D C:\Program Files (x86)\Show do Cristão
O43 - CFD: 30/07/2013 - 17:10:19 - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 21/01/2015 - 17:35:13 - [] -SH-D C:\Program Files (x86)\SM95
O43 - CFD: 20/04/2014 - 17:59:59 - [] ----D C:\Program Files (x86)\Sony
O43 - CFD: 23/06/2014 - 20:27:47 - [] ----D C:\Program Files (x86)\SQUARE ENIX - Eidos Interactive
O43 - CFD: 21/04/2014 - 19:25:02 - [] ----D C:\Program Files (x86)\SupportInfo
O43 - CFD: 17/04/2014 - 11:49:34 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 25/10/2014 - 12:11:59 - [] ----D C:\Program Files (x86)\Tomb Raider - Legend
O43 - CFD: 08/01/2015 - 16:37:31 - [] ----D C:\Program Files (x86)\Ubisoft
O43 - CFD: 14/07/2009 - 02:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 17/07/2014 - 17:34:26 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 14/10/2014 - 20:43:50 - [0] ----D C:\Program Files (x86)\VS Revo Group
O43 - CFD: 13/09/2014 - 16:23:22 - [] ----D C:\Program Files (x86)\Winamp
O43 - CFD: 12/04/2011 - 11:40:11 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 12/04/2011 - 11:40:11 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - 11:40:11 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 03:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 12/04/2011 - 11:40:11 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - 01:31:38 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 12/04/2011 - 11:40:11 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 02/12/2014 - 14:28:03 - [] ----D C:\Program Files (x86)\WinTM
O43 - CFD: 16/09/2014 - 15:11:17 - [] ----D C:\Program Files (x86)\Wolfenstein The New Order
O43 - CFD: 21/01/2015 - 17:34:36 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 18/04/2014 - 11:46:25 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 30/07/2013 - 16:49:15 - [] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 20/05/2014 - 18:29:05 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 17/04/2014 - 11:19:00 - [] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 31/10/2014 - 05:13:36 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 09/05/2014 - 21:33:26 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 30/07/2013 - 15:57:59 - [] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 30/07/2013 - 15:32:01 - [] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 13/09/2014 - 16:23:12 - [] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 14/07/2009 - 01:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 30/07/2013 - 17:10:19 - [] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 20/04/2014 - 17:59:56 - [] ----D C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 14/07/2009 - 01:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 12/04/2011 - 11:40:11 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 10/05/2014 - 09:12:51 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 31/10/2014 - 05:15:41 - [] ----D C:\ProgramData\APN
O43 - CFD: 14/07/2009 - 03:08:56 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 18/10/2014 - 14:36:28 - [] ----D C:\ProgramData\baidu
O43 - CFD: 17/10/2014 - 20:02:20 - [] ----D C:\ProgramData\Baidu Antivirus
O43 - CFD: 25/10/2014 - 06:46:34 - [0] ----D C:\ProgramData\Baidu Security
O43 - CFD: 25/04/2014 - 21:09:21 - [] ----D C:\ProgramData\Caphyon
O43 - CFD: 30/07/2013 - 16:39:57 - [] ----D C:\ProgramData\Corel
O43 - CFD: 03/10/2014 - 22:32:19 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 30/07/2013 - 14:51:10 - [] -SH-D C:\ProgramData\Dados de aplicativos
O43 - CFD: 09/05/2014 - 20:53:07 - [] ----D C:\ProgramData\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 14/07/2009 - 03:08:56 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 30/07/2013 - 14:51:10 - [] -SH-D C:\ProgramData\Documentos
O43 - CFD: 14/07/2009 - 03:08:56 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 30/07/2013 - 17:15:55 - [] ----D C:\ProgramData\ESET
O43 - CFD: 14/07/2009 - 03:08:56 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 30/07/2013 - 14:51:10 - [] -SH-D C:\ProgramData\Favoritos
O43 - CFD: 19/04/2014 - 23:35:24 - [] ----D C:\ProgramData\HP
O43 - CFD: 19/04/2014 - 23:35:32 - [] ----D C:\ProgramData\HP Photo Creations
O43 - CFD: 30/07/2013 - 17:02:03 - [] ----D C:\ProgramData\install_clap
O43 - CFD: 30/07/2013 - 15:33:08 - [] ----D C:\ProgramData\Intel
O43 - CFD: 28/06/2014 - 11:33:33 - [] ----D C:\ProgramData\KONAMI
O43 - CFD: 17/10/2014 - 19:56:41 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 30/07/2013 - 14:51:10 - [] -SH-D C:\ProgramData\Menu Iniciar
O43 - CFD: 19/04/2014 - 23:33:44 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 03/12/2014 - 21:26:13 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 30/07/2013 - 14:51:10 - [] -SH-D C:\ProgramData\Modelos
O43 - CFD: 17/04/2014 - 17:52:16 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 30/07/2013 - 15:57:27 - [] ----D C:\ProgramData\Nero
O43 - CFD: 31/10/2014 - 05:13:15 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 21/01/2015 - 15:41:28 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 30/07/2013 - 17:05:20 - [] ----D C:\ProgramData\PDVD
O43 - CFD: 31/12/2014 - 17:38:24 - [] ----D C:\ProgramData\PopCap Games
O43 - CFD: 30/07/2013 - 16:44:01 - [] ----D C:\ProgramData\Protexis64
O43 - CFD: 14/07/2014 - 22:25:12 - [] ----D C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 30/07/2013 - 16:03:33 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 16/06/2014 - 15:31:41 - [] ----D C:\ProgramData\reiza
O43 - CFD: 30/07/2013 - 17:10:21 - [] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 03:08:56 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 25/04/2014 - 20:30:01 - [] ----D C:\ProgramData\Steam
O43 - CFD: 30/07/2013 - 17:14:10 - [] ----D C:\ProgramData\Sun
O43 - CFD: 30/07/2013 - 17:04:24 - [] ----D C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 03:08:56 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 30/07/2013 - 14:48:58 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 30/07/2013 - 14:49:04 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 30/07/2013 - 16:50:27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
O43 - CFD: 30/07/2013 - 16:53:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5
O43 - CFD: 30/12/2014 - 14:04:50 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
O43 - CFD: 22/12/2014 - 20:29:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 16/06/2014 - 18:39:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Gaming Network
O43 - CFD: 30/07/2013 - 16:40:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X6 (64-Bit)
O43 - CFD: 30/07/2013 - 17:05:13 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12
O43 - CFD: 09/05/2014 - 20:25:56 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 30/07/2013 - 17:15:56 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
O43 - CFD: 21/01/2015 - 15:40:27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flockers
O43 - CFD: 08/01/2015 - 16:37:22 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 17/04/2014 - 16:42:57 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 07/09/2014 - 21:33:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth =>.Google Inc
O43 - CFD: 19/04/2014 - 23:33:15 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 31/10/2014 - 05:13:21 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 30/07/2013 - 17:10:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
O43 - CFD: 14/07/2009 - 02:57:09 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 17/10/2014 - 19:56:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 25/04/2014 - 23:42:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 28/11/2014 - 14:21:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 30/07/2013 - 15:58:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
O43 - CFD: 09/12/2014 - 19:03:20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PegaJogo
O43 - CFD: 21/07/2014 - 20:14:00 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rambo The Video Game
O43 - CFD: 19/05/2014 - 20:56:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Show do Cristão
O43 - CFD: 30/07/2013 - 17:10:19 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 20/04/2014 - 18:01:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony Picture Utility
O43 - CFD: 22/05/2014 - 18:19:55 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 12/04/2011 - 12:20:47 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 09/05/2014 - 21:32:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Turtle Games
O43 - CFD: 17/07/2014 - 17:34:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 13/09/2014 - 16:23:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
O43 - CFD: 30/07/2013 - 17:14:03 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 21/01/2015 - 17:34:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 06/11/2014 - 09:31:39 - [] ----D C:\Users\User\AppData\Roaming\Adobe
O43 - CFD: 21/07/2014 - 15:56:53 - [] ----D C:\Users\User\AppData\Roaming\Adobe Mini Bridge CS5
O43 - CFD: 17/10/2014 - 21:05:14 - [] ----D C:\Users\User\AppData\Roaming\Baidu
O43 - CFD: 16/10/2014 - 21:02:01 - [0] ----D C:\Users\User\AppData\Roaming\Baidu Security
O43 - CFD: 30/07/2013 - 16:44:40 - [] ----D C:\Users\User\AppData\Roaming\Corel
O43 - CFD: 09/05/2014 - 21:32:00 - [] ----D C:\Users\User\AppData\Roaming\Crazy.Frog.Racer
O43 - CFD: 03/10/2014 - 22:32:10 - [] ----D C:\Users\User\AppData\Roaming\CyberLink
O43 - CFD: 06/01/2015 - 09:04:55 - [] ----D C:\Users\User\AppData\Roaming\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 30/07/2013 - 14:51:30 - [] ----D C:\Users\User\AppData\Roaming\Identities
O43 - CFD: 30/07/2013 - 15:31:44 - [] ----D C:\Users\User\AppData\Roaming\InstallShield
O43 - CFD: 25/04/2014 - 21:12:17 - [] ----D C:\Users\User\AppData\Roaming\LastEnd Entertainment
O43 - CFD: 13/05/2014 - 18:18:28 - [] ----D C:\Users\User\AppData\Roaming\Leadertech
O43 - CFD: 26/04/2014 - 13:16:16 - [] ----D C:\Users\User\AppData\Roaming\Legacy Games
O43 - CFD: 30/07/2013 - 16:45:44 - [] ----D C:\Users\User\AppData\Roaming\Macromedia
O43 - CFD: 12/04/2011 - 12:20:47 - [0] ----D C:\Users\User\AppData\Roaming\Media Center Programs
O43 - CFD: 06/01/2015 - 22:34:32 - [] ----D C:\Users\User\AppData\Roaming\Media Player Classic
O43 - CFD: 25/11/2014 - 18:28:47 - [] -S--D C:\Users\User\AppData\Roaming\Microsoft
O43 - CFD: 17/04/2014 - 18:13:07 - [] ----D C:\Users\User\AppData\Roaming\Mozilla
O43 - CFD: 17/04/2014 - 17:13:22 - [] ----D C:\Users\User\AppData\Roaming\Nero
O43 - CFD: 21/01/2015 - 17:20:16 - [] ----D C:\Users\User\AppData\Roaming\Skype
O43 - CFD: 20/04/2014 - 18:03:31 - [] ----D C:\Users\User\AppData\Roaming\Sony Corporation
O43 - CFD: 21/07/2014 - 15:56:53 - [] ----D C:\Users\User\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 15/12/2014 - 19:44:43 - [] ----D C:\Users\User\AppData\Roaming\Unity
O43 - CFD: 21/01/2015 - 17:33:40 - [] ----D C:\Users\User\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 18/01/2015 - 15:50:22 - [] ----D C:\Users\User\AppData\Roaming\vlc
O43 - CFD: 22/12/2014 - 20:33:16 - [] ----D C:\Users\User\AppData\Roaming\Winamp
O43 - CFD: 30/07/2013 - 17:14:28 - [] ----D C:\Users\User\AppData\Roaming\WinRAR
O43 - CFD: 21/01/2015 - 17:35:31 - [] ----D C:\Users\User\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 14/07/2014 - 22:46:37 - [] ----D C:\Users\User\AppData\Local\Adobe
O43 - CFD: 17/04/2014 - 16:22:32 - [] ----D C:\Users\User\AppData\Local\Apps
O43 - CFD: 21/01/2015 - 17:34:21 - [] ----D C:\Users\User\AppData\Local\CrashDumps
O43 - CFD: 30/07/2013 - 17:05:14 - [] ----D C:\Users\User\AppData\Local\CyberLink
O43 - CFD: 30/07/2013 - 14:51:19 - [] -SH-D C:\Users\User\AppData\Local\Dados de aplicativos
O43 - CFD: 17/04/2014 - 16:22:51 - [0] ----D C:\Users\User\AppData\Local\Deployment
O43 - CFD: 09/06/2014 - 11:45:58 - [0] ----D C:\Users\User\AppData\Local\Diagnostics
O43 - CFD: 21/12/2014 - 02:49:24 - [0] ----D C:\Users\User\AppData\Local\ElevatedDiagnostics
O43 - CFD: 21/01/2015 - 15:44:12 - [] ----D C:\Users\User\AppData\Local\EMU
O43 - CFD: 17/04/2014 - 17:18:23 - [] ----D C:\Users\User\AppData\Local\ESET
O43 - CFD: 28/07/2014 - 23:09:43 - [] ----D C:\Users\User\AppData\Local\Facebook
O43 - CFD: 07/09/2014 - 21:33:47 - [] ----D C:\Users\User\AppData\Local\Google
O43 - CFD: 30/07/2013 - 14:51:19 - [] -SH-D C:\Users\User\AppData\Local\Histórico
O43 - CFD: 19/04/2014 - 23:44:28 - [] ----D C:\Users\User\AppData\Local\HP
O43 - CFD: 16/05/2014 - 15:30:46 - [] ----D C:\Users\User\AppData\Local\Intel_Corporation
O43 - CFD: 17/04/2014 - 23:23:31 - [] ----D C:\Users\User\AppData\Local\Macromedia
O43 - CFD: 30/07/2013 - 17:05:21 - [] ----D C:\Users\User\AppData\Local\MediaServer
O43 - CFD: 03/10/2014 - 22:32:52 - [0] ----D C:\Users\User\AppData\Local\MediaShow
O43 - CFD: 09/10/2014 - 06:45:18 - [] ----D C:\Users\User\AppData\Local\Microsoft
O43 - CFD: 13/06/2014 - 23:22:14 - [] ----D C:\Users\User\AppData\Local\Microsoft Games
O43 - CFD: 30/07/2013 - 16:02:19 - [0] ----D C:\Users\User\AppData\Local\Microsoft Help
O43 - CFD: 30/07/2013 - 16:05:58 - [] ----D C:\Users\User\AppData\Local\Microsoft Toolkit
O43 - CFD: 17/04/2014 - 18:13:07 - [] ----D C:\Users\User\AppData\Local\Mozilla
O43 - CFD: 09/10/2014 - 06:57:11 - [] ----D C:\Users\User\AppData\Local\Nero
O43 - CFD: 09/10/2014 - 06:57:11 - [] ----D C:\Users\User\AppData\Local\Nero_AG
O43 - CFD: 30/07/2013 - 17:10:30 - [] ----D C:\Users\User\AppData\Local\Programs
O43 - CFD: 10/08/2014 - 18:23:05 - [] ----D C:\Users\User\AppData\Local\SlimWare Utilities Inc
O43 - CFD: 21/01/2015 - 17:34:23 - [] ----D C:\Users\User\AppData\Local\Temp
O43 - CFD: 30/07/2013 - 14:51:19 - [] -SH-D C:\Users\User\AppData\Local\Temporary Internet Files
O43 - CFD: 13/06/2014 - 17:34:37 - [] ----D C:\Users\User\AppData\Local\THQ
O43 - CFD: 03/01/2015 - 12:47:22 - [0] ----D C:\Users\User\AppData\Local\Ubisoft Game Launcher
O43 - CFD: 15/12/2014 - 19:34:14 - [] ----D C:\Users\User\AppData\Local\Unity
O43 - CFD: 20/05/2014 - 19:04:16 - [] ----D C:\Users\User\AppData\Local\VirtualStore
O43 - CFD: 16/10/2014 - 20:12:35 - [0] ----D C:\Users\User\AppData\Local\WMTools Downloaded Files
O43 - CFD: 14/07/2009 - 02:54:32 - [] R---D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 30/07/2013 - 14:51:43 - [] R---D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 03/01/2015 - 11:25:55 - [] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 06/01/2015 - 09:07:42 - [] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 24/12/2014 - 22:22:29 - [] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio
O43 - CFD: 14/07/2009 - 02:49:38 - [] R---D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 11/01/2015 - 12:39:17 - [] R---D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 20/05/2014 - 18:31:25 - [0] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turtle Games
O43 - CFD: 30/07/2013 - 17:14:03 - [] ----D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 233 Scanned in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.54064CF50C394EBB0F3A2076D8AA25B4] - 18/01/2015 - 00:56:52 ---A- . (...) -- C:\Windows\PFRO.log [686]
O44 - LFC:[MD5.6E73DD74A42B0AB9D0BC6B6FCB794403] - 21/01/2015 - 14:43:18 ---A- . (...) -- C:\Windows\DirectX.log [18435]
O44 - LFC:[MD5.46EB8049B82E60D028BFCA278CF79731] - 21/01/2015 - 15:18:59 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1482091]
O44 - LFC:[MD5.22986455F95980D4DB7C9B154E14D14B] - 21/01/2015 - 16:15:26 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.D8D8664B157A7C3F2DFF0765DE74316A] - 21/01/2015 - 16:15:35 ---A- . (...) -- C:\Windows\setupact.log [3360]
O44 - LFC:[MD5.D7CC6A05EEB2A6359D2F5E304BCE552C] - 21/01/2015 - 16:22:08 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1634728]
O44 - LFC:[MD5.2121DA6320664200E75129661D30CE37] - 21/01/2015 - 16:22:08 ---A- . (...) -- C:\Windows\System32\perfc009.dat [121226]
O44 - LFC:[MD5.BE06F4E84D2D42ACCB157054104A149B] - 21/01/2015 - 16:22:08 ---A- . (...) -- C:\Windows\System32\perfh009.dat [654354]
O44 - LFC:[MD5.D093B10654144BC35FEAC5B36855193E] - 21/01/2015 - 16:22:08 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [146512]
O44 - LFC:[MD5.60C34315A7845377AFDE4AB784071D8F] - 21/01/2015 - 16:22:08 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [705786]
~ Files: 10 Scanned in 00mn 01s



---\\ Últimos arquivos criados no Windows Prefetcher (045)
O45 - LFCP:[MD5.12EF5A852EECF33A92EC922F31B6E3F2] - 21/01/2015 - 14:37:36 ---A- - C:\Windows\Prefetch\UTORRENT.EXE-AE7008D6.pf =>P2P.µTorrent
~ Prefetcher: 1 Scanned in 00mn 00s



---\\ Negação do serviço (Local Security Authority) (048)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Mecanismo cliente do 'Editor de configuração de segurança Windows'.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ LSA: 8 Scanned in 00mn 00s



---\\ Controlo do Modo de Segurança (CSB) (49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
~ MWPS: 17 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0
~ MWPE Keys: 2 Scanned in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440]
O58 - SDL:21/11/2010 - 00:23:47 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904]
O58 - SDL:13/07/2009 - 22:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128]
O58 - SDL:21/11/2010 - 00:23:47 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856]
O58 - SDL:10/06/2009 - 17:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848]
O58 - SDL:10/06/2009 - 17:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432]
O58 - SDL:10/06/2009 - 17:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704]
O58 - SDL:13/07/2009 - 22:19:07 ---A- . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720]
O58 - SDL:10/06/2009 - 17:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104]
O58 - SDL:10/06/2009 - 17:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976]
O58 - SDL:10/06/2009 - 17:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720]
O58 - SDL:10/06/2009 - 17:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480]
O58 - SDL:13/07/2009 - 22:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488]
O58 - SDL:09/05/2014 - 20:19:41 ---A- . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [283064]
O58 - SDL:09/08/2011 - 14:24:52 ---A- . (.ESET - Amon monitor.) -- C:\Windows\System32\Drivers\eamonm.sys [202576]
O58 - SDL:04/08/2011 - 09:20:38 ---A- . (.ESET - ESET Helper driver.) -- C:\Windows\System32\Drivers\ehdrv.sys [146432]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:04/08/2011 - 09:20:38 ---A- . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\Drivers\epfwwfpr.sys [137144]
O58 - SDL:10/06/2009 - 17:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:02/07/2012 - 10:16:02 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\HECIx64.sys [62784]
O58 - SDL:21/11/2010 - 00:23:47 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [78720]
O58 - SDL:21/11/2010 - 00:23:47 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496]
O58 - SDL:22/01/2014 - 14:51:26 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [4221440]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112]
O58 - SDL:09/02/2012 - 05:24:16 ---A- . (.No owner - ISCT and IFFS Driver.) -- C:\Windows\System32\Drivers\ISCTD64.sys [44992]
O58 - SDL:26/04/2013 - 10:24:58 ---A- . (.Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Driver.) -- C:\Windows\System32\Drivers\iusb3hcs.sys [20464]
O58 - SDL:26/04/2013 - 10:24:56 ---A- . (.Intel Corporation - Intel(R) USB 3.0 Hub Driver.) -- C:\Windows\System32\Drivers\iusb3hub.sys [368112]
O58 - SDL:26/04/2013 - 10:24:56 ---A- . (.Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller Driver.) -- C:\Windows\System32\Drivers\iusb3xhc.sys [786416]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776]
O58 - SDL:01/10/2014 - 11:11:12 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816]
O58 - SDL:01/10/2014 - 11:11:16 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [93400]
O58 - SDL:22/12/2014 - 18:14:44 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [129752]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys [35392]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [284736]
O58 - SDL:01/10/2014 - 11:11:26 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [63704]
O58 - SDL:13/07/2009 - 22:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51264]
O58 - SDL:21/11/2010 - 00:23:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352]
O58 - SDL:21/11/2010 - 00:23:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272]
O58 - SDL:04/03/2011 - 16:44:12 ----- . (.Sonic Solutions - Px Engine Device Driver for 64-bit Windows.) -- C:\Windows\System32\Drivers\PxHlpa64.sys [55856]
O58 - SDL:13/07/2009 - 22:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1524816]
O58 - SDL:13/07/2009 - 22:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [128592]
O58 - SDL:29/12/2010 - 03:45:54 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\System32\Drivers\Rt64win7.sys [412776]
O58 - SDL:23/05/2012 - 10:53:16 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 X64 Driver.) -- C:\Windows\System32\Drivers\Rtenic64.sys [438928]
O58 - SDL:22/10/2013 - 09:38:24 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys [3692632]
O58 - SDL:10/06/2009 - 17:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:13/07/2009 - 22:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [43584]
O58 - SDL:13/07/2009 - 22:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [80464]
O58 - SDL:09/05/2014 - 19:19:10 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [386680]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:11/08/2014 - 17:29:17 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys [16152]
O58 - SDL:16/09/2013 - 12:17:42 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\TeeDriverx64.sys [99288]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17488]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [161872]
O58 - SDL:22/08/2012 - 02:54:10 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsIO.sys [15232]
~ Drivers: 63 Scanned in 00mn 11s



---\\ Últimos ficheiros alterados ou criados (Utilizador) (061)
O61 - LFC: 16/01/2015 - 17:36:05 ---A- . (...) -- C:\Users\User\Documents\KONAMI\Pro Evolution Soccer 2009\save\PES2009_ML03.bin [3740872]
O61 - LFC: 16/01/2015 - 17:36:05 ---A- . (.BitTorrent Inc..) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe [1374032] =>P2P.BitTorrent
O61 - LFC: 16/01/2015 - 17:36:05 ---A- . (.BitTorrent Inc..) -- C:\Users\User\AppData\Roaming\uTorrent\updates\3.4.2_37754.exe [1374032] =>P2P.BitTorrent
O61 - LFC: 19/01/2015 - 17:36:05 ---A- . (...) -- C:\Users\User\Documents\KONAMI\Pro Evolution Soccer 2009\save\PES2009_ML01.bin [3740872]
O61 - LFC: 21/01/2015 - 17:36:05 ---A- . (...) -- C:\Users\User\Documents\KONAMI\Pro Evolution Soccer 2009\save\PES2009_OPTION01.bin [45640]
O61 - LFC: 21/01/2015 - 17:36:05 ---A- . (.Nicolas Coolman.) -- C:\Users\User\Downloads\ZHPDiag2(1).exe [6865579] =>.Nicolas Coolman
~ 28 Fichiers temporaires (Temporary files)
~ 176 Fichiers cookies (Cookies files)
~ Files: 6 Scanned in 00mn 12s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 22/08/2012 - C:\Windows\Syswow64\drivers\AsIO.sys (AsIO) .(...) - LEGACY_ASIO
O64 - Services: CurCS - 09/08/2011 - C:\Windows\System32\DRIVERS\eamonm.sys (eamonm) .(.ESET - Amon monitor.) - LEGACY_EAMONM
O64 - Services: CurCS - 04/08/2011 - C:\Windows\System32\DRIVERS\ehdrv.sys (ehdrv) .(.ESET - ESET Helper driver.) - LEGACY_EHDRV
O64 - Services: CurCS - 04/08/2011 - C:\Windows\System32\DRIVERS\epfwwfpr.sys (epfwwfpr) .(.ESET - ESET Personal Firewall driver.) - LEGACY_EPFWWFPR
O64 - Services: CurCS - 27/10/2011 - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys (ntk_PowerDVD12) .(.Cyberlink Corp. - NTIPPKernel Driver.) - LEGACY_NTK_POWERDVD12
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 09/05/2014 - C:\Windows\system32\Drivers\sptd.sys (sptd) .(.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) - LEGACY_SPTD
O64 - Services: CurCS - 11/01/2012 - C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) .(.CyberLink Corp. - No Comment.) - LEGACY_{329F96B6-DF1E-4328-BFDA-39EA953C1312}
~ Legacy: 85 Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos'.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\program files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {515B43BD-FDC0-4254-9A5C-48D24C4261F7} [DefaultScope] - (Ask Search) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s



---\\ Listagem dos serviços iniciados pelo Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Diretiva de Grupo.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acesso Remoto.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistema (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gerenciador de Conexões Remotas do Servidor Host da Sessão da Área de.) -- C:\Windows\System32\termsrv.dll [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2420736]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de plano de fundo.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em uma rede IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [70656]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho Remota.) -- C:\Windows\System32\sessenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll [136192]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\System32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\Windows\System32\appmgmts.dll [193536]
~ Services: 33 Scanned in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{696A3883-7A61-4043-9E56-151A164AE90C}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{2AEBD62D-9BB2-4E41-A257-1D05A6D7E9B2}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Scanned in 00mn 01s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\582-uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\582-uTorrent_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
~ BTK: 459 Scanned in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 14/01/2015 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 29/01/2014 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 17/04/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 17/04/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 27/08/2013 828376 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Demand 17/01/2015 114800 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SR - | Auto 19/12/2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 29/10/2012 927232 | (asComSvc) . (...) - C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
SR - | Auto 12/01/2012 87336 | (CLHNServiceForPowerDVD12) . (.CyberLink Corp..) - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
SR - | Auto 12/01/2012 75048 | (CyberLink PowerDVD 12 Media Server Monitor Service) . (.CyberLink.) - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
SR - | Auto 12/01/2012 296232 | (CyberLink PowerDVD 12 Media Server Service) . (.CyberLink.) - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
SR - | Auto 22/09/2011 974944 | (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
SR - | Auto 27/08/2013 747520 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 16/09/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 16/09/2013 390616 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 30/11/2010 336824 | (PSI_SVC_2_x64) . (.arvato digital services llc.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 11/01/2012 146928 | ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) . (.CyberLink Corp..) - C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl
~ Services: Scanned in 00mn 06s



---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBR) (080)
Run by User at 21/01/2015 17:38:37
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBRCheck) (080)
Written by ad13, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Run by User at 21/01/2015 17:38:39
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Lista dos emuladores de CD/DVD (MBR Hook)
O58 - SDL:09/05/2014 - 19:19:10 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [386680]
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.DT Soft Ltd
~ Emulateurs: Scanned in 00mn 02s



---\\ Scâner Aditional (088)
Database Version : 13008 - (18/01/2015)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 2

[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] =>P2P.BitTorrent^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Users\User\AppData\Roaming\uTorrent =>P2P.µTorrent^
C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
[HKCU\Software\BitTorrent] =>P2P.BitTorrent^
~ Additionnel Scan: 417687 Items scanned in 00mn 11s



---\\ Informações complémentaires do módulos
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Browser Helper Objects do navegador (02)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 3 Scanned in 00mn 00s



End of the scan (1319 lines in 03mn 38s)(0)

Post by caedurodrigues Wed 21 Jan 2015, 23:09

Good evening kipper,


  • Run this script in the ZHPFix tool.
  • Copy the information shown in red into Notepad.
  • With Notepad open, press: ctrl+a >> ctrl+c.
  • Then minimize Notepad.

    Script ZHPFix
    FirewallRaz
    EmptyPrefetch
    EmptyTemp
    EmptyFlash
    Hiddenfix
    R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
    [HKCU\Software\Baidu Security]    
    [HKCU\Software\Baixaki]    
    [HKLM\Software\Baidu Security]    
    [HKLM\Software\Wow6432Node\Baidu Security]    
    [HKLM\Software\Wow6432Node\Baidu_Drp_pos]    
    [HKLM\Software\Wow6432Node\baidu]    
    O43 - CFD: 18/10/2014 - 14:36:28 - [] ----D C:\ProgramData\baidu    
    O43 - CFD: 17/10/2014 - 20:02:20 - [] ----D C:\ProgramData\Baidu Antivirus
    O43 - CFD: 25/10/2014 - 06:46:34 - [0] ----D C:\ProgramData\Baidu Security    
    O43 - CFD: 17/10/2014 - 21:05:14 - [] ----D C:\Users\User\AppData\Roaming\Baidu    
    O43 - CFD: 16/10/2014 - 21:02:01 - [0] ----D C:\Users\User\AppData\Roaming\Baidu Security    
    O69 - SBI: SearchScopes [HKCU] {515B43BD-FDC0-4254-9A5C-48D24C4261F7} [DefaultScope] - (Ask Search) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
    Proxyfix
    sysrestore


  • Open the ZHPFix tool.
  • Click IMPORTAÇÃO (Import) > OK
  • Click "GO".
  • Post the report!


Warm regards.

< I ask visitors not to use this script on other computers, at the risk of irreparable damage to them! >

Post by kipper Thu 22 Jan 2015, 19:56

Rapport de ZHPFix 2015.1.15.1 par Nicolas Coolman, Update du 15/01/2015
Fichier d'export Registre :
Run by User at 22/01/2015 19:47:26
High Elevated Privileges : OK
Windows Vista Ultimate Edition, 64-bit (Build 6000)

Reciclagem vazia (08mn 03s)
Prefetcher vazio

========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\Baixaki
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\Wow6432Node\baidu
ELIMINÉ: SearchScopes :{515B43BD-FDC0-4254-9A5C-48D24C4261F7}

========== Valores do Registo ==========
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (Private) : {3C93F5A2-F753-4E92-B3A0-BFB5B518517C}
ELIMINÉ: FirewallRaz (Private) : {07FFC9C9-BD28-4EA2-917A-5B03F90B54BB}
ELIMINÉ: FirewallRaz (Private) : {5D5E1F58-CD2D-4BDA-B6B2-93FE607ED827}
ELIMINÉ: FirewallRaz (Private) : {C4084789-9FB3-4991-B039-4E3D7E56652C}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Elementos dos dados do Registo ==========
ELIMINÉ: R0 - Main,Start Page = KCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page

========== Pastas ==========
ELIMINÉ Temporários windows (49)
ELIMINÉ Flash Cookies (0)
ELIMINÉ: C:\ProgramData\baidu
ELIMINÉ: C:\ProgramData\Baidu Antivirus
ELIMINÉ: C:\ProgramData\Baidu Security
ELIMINÉ: C:\Users\User\AppData\Roaming\Baidu
ELIMINÉ: C:\Users\User\AppData\Roaming\Baidu Security

========== Ficheiros ==========
ELIMINÉ Temporários windows (30) (4.559.637 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Pastas/Ficheiros ocultos restaurados ==========
Mes images (My Pictures) : 1 restaurados com sucesso
Ma musique (My Music) : 1 restaurados com sucesso
Ma Video (My Video) : 1 restaurados com sucesso
Mes Favoris (My Favorites) : 3 restaurados com sucesso
Mes Documents (My Documents) : 6 restaurados com sucesso
Mon Bureau (My Desktop) : 30 restaurados com sucesso
Menu demarrer (Programs) : 10 restaurados com sucesso
Dossier utilisateur (AppData) : 38 restaurados com sucesso
Programmes (Program Files) : 30 restaurados com sucesso

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
6 : Chaves do Registo
12 : Valores do Registo
1 : Elementos dos dados do Registo
7 : Pastas
2 : Ficheiros
120 : Pastas/Ficheiros ocultos restaurados
1 : Restauração Sistema


End of clean in 09mn 32s

========== Caminho do ficheiro do relatório ==========
C:\Users\User\AppData\Roaming\ZHP\ZHPFix[R1].txt - 22/01/2015 19:55:29 [2747]



Post by caedurodrigues Thu 22 Jan 2015, 22:47

Hello kipper,


  • Download: [link visible only to logged-in members] (...by Smeenk)
  • Save it to your desktop!
  • Run the file Zoek.exe.
  • Windows Vista or Windows 7 users: right-click the Zoek.exe file, then click
    [image visible only to logged-in members]
  • Select the lines in red, right-click the selection and choose Copy!

    autoclean;
    quickscan;
    emptyalltemp;
    emptyfolderscheck;delete
    ipconfig /flushdns;b


  • Right-click any white area of Zoek and choose Paste.
  • Click Run Script!
  • Wait for the scan. When it finishes, Notepad will open with the report.
  • A copy will also be saved on your local disk under the name zoek-results.txt.
  • Attach zoek-results.txt to your next reply.


Warm regards.

Post by kipper Fri 23 Jan 2015, 20:48


Zoek.exe v5.0.0.0 Updated 18-01-2015
Tool run by User on 23/01/2015 at 20:30:52,63.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Downloads\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 20:31:48,43 =====

--- Create Environment Variables 20:31:49,32
--- Create System Restore Point 20:31:54,31
--- Checking Input 20:32:14,17
--- AU AppData Check 20:32:18,39
--- Remove From Windows Installer 20:32:22,34
--- Empty Folders Check 20:33:31,06
--- Registry HKLM Software Check 20:33:31,07
--- Quick Launch Shortcut Check 20:33:40,73
--- IE Startpage Check 20:33:45,29
--- Program Files DB Check 20:33:59,59
--- C:\Users\Default\AppData\Roaming DB Check 20:34:31,68
--- C:\Users\Default User\AppData\Roaming DB Check 20:34:31,68
--- C:\Users\User\AppData\Roaming DB Check 20:34:31,68
--- C:\Users\USURIO~1\AppData\Roaming DB Check 20:34:31,68
--- C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 20:34:31,68
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 20:34:31,68
--- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 20:34:31,68
--- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 20:34:31,68
--- C:\Users\User DB Check 20:36:12,85
--- C:\PROGRA~3 DB Check 20:36:24,83
--- C:\Users\Default\AppData\Local DB Check 20:36:28,20
--- C:\Users\Default User\AppData\Local DB Check 20:36:28,20
--- C:\Users\Public\AppData\Local DB Check 20:36:28,20
--- C:\Users\User\AppData\Local DB Check 20:36:28,20
--- C:\Users\USURIO~1\AppData\Local DB Check 20:36:28,20
--- C:\Windows\SysNative\config\systemprofile\AppData\Local DB Check 20:36:28,20
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Local DB Check 20:36:28,20
--- C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 20:36:28,20
--- C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 20:36:28,20
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 20:37:46,64
--- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 20:37:53,14
--- Tasks DB Check 20:37:57,55
--- Downloads DB Check 20:38:00,26
--- C:\Users\User\AppData\LocalLow DB Check 20:38:03,60
--- C:\Windows\SysNative\config\systemprofile\AppData\LocalLow DB Check 20:38:03,60
--- C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 20:38:03,60
--- C:\Windows\serviceprofiles\networkservice\AppData\LocalLow DB Check 20:38:03,60
--- C:\Windows\serviceprofiles\Localservice\AppData\LocalLow DB Check 20:38:03,60
--- Tasks2 DB Check 20:38:40,40
--- Documents DB Check 20:38:58,71
--- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\02dwc90y.default-1399424852910 DB Check 20:39:03,55
--- C:\Users\Public\Desktop DB Check 20:39:05,24
--- C:\Users\User\Desktop DB Check 20:39:08,05
--- Services DB Check 20:39:13,83
--- FF prefs.js DB Check 20:39:29,45
--- Del by CLSID 20:39:58,27

Post by caedurodrigues Fri 23 Jan 2015, 23:38

Good evening kipper, this is not the Zoek report. Please post the report. Warm regards.

Post by kipper Thu 29 Jan 2015, 16:56


Zoek.exe v5.0.0.0 Updated 27-01-2015
Tool run by User on 29/01/2015 at 16:30:35,67.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek(1).exe [Scan all users] [Quick Scan] [Auto Clean]

==== Older Logs ======================

C:\zoek-results2015-01-23-224329.log 42536 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\User\AppData\Roaming\WB.CFG deleted
C:\PROGRA~3\APN deleted
C:\PROGRA~3\Package Cache deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\02dwc90y.default-1399424852910\searchplugins\ask-search.xml deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\User\AppData\Local\Temp ====
====== Java Cache =====
2015-01-26 17:39:24 18689B31D0FBD00057E3E320FBA81971 449 ----a-w- C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\7c431bd2-29656eee798524ea04111a39cfa63807ff20d7a7fded018c520cc6c348d91ed6-6.0.lap
2015-01-26 17:40:02 B5C2F72EEC79FA31A17466067D6C1418 34428 ----a-w- C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\7e8bd8e5-5d1b849b
2015-01-26 17:41:15 821C794CCB3B356FB76FF36BE0630E5D 142 ----a-w- C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\27c8fdc4-f9ec3a861e5ed3205414b1aa6280c130b2c7371d0f2f2f9a274d1a2360f11f59-6.0.lap
2015-01-26 17:41:27 9663CCFBBF8B41C16DE8FECD44F8B0DD 106361 ----a-w- C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\194a216b-3abd2ea5
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2015-01-22 18:29:58 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2015-01-21 19:34:33 -------- d-----w- C:\PROGRA~2\ZHPDiag
2015-01-21 17:35:44 -------- d-----w- C:\PROGRA~2\Flockers
======= C: =====
2015-01-21 19:38:37 F7631AFF40BBF27966552B41CDAE092F 512 ----a-w- C:\PhysicalDisk0_MBR.bin
====== C:\Users\User\AppData\Roaming ======
2015-01-21 17:44:12 -------- d-----w- C:\Users\User\AppData\Local\EMU
2015-01-03 13:25:55 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
====== C:\Users\User ======
2015-01-22 18:28:19 6713E17AFCB3A28191A747DC8C475721 639912 ----a-w- C:\Users\User\Downloads\jxpiinstall(1).exe
2015-01-21 19:34:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-01-21 19:25:07 2B1785D99119EF764C8BF54AE776B5FC 6865579 ----a-w- C:\Users\User\Downloads\ZHPDiag2(1).exe
2015-01-21 17:40:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flockers
2014-12-31 19:37:45 -------- d-----w- C:\Users\TODOSO~1\PopCap Games
2014-12-31 19:37:45 -------- d-----w- C:\ProgramData\PopCap Games

====== C: exe-files ==
2015-01-29 18:34:40 !HASH: COULD NOT OPEN FILE !!!!! 3007800 ---h--w- C:\Users\Todos os Usuários\PopCap Games\PlantsVsZombies\popcapgame1.exe
2015-01-29 18:34:40 !HASH: COULD NOT OPEN FILE !!!!! 3007800 ---h--w- C:\ProgramData\PopCap Games\PlantsVsZombies\popcapgame1.exe
2015-01-27 18:07:20 220A0B7B557EFEF7C399CDC1E9DBDA2D 875088 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.93\40.0.2214.93_40.0.2214.91_chrome_updater.exe
2015-01-22 21:47:11 8C67372F7A06D02F68C412391C4FC955 26813336 ----a-w- C:\Users\User\AppData\Roaming\ZHP\Quarantine\Baidu Antivirus.DIR\2827166681.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2123034537-1514316849-1306321605-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"uTorrent"="C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS5ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe -launchedbylogin"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"PowerDVD12DMREngine"="C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
"PowerDVD12Agent"="C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"ASM"="C:\Program Files (x86)\SM95\smmain.exe"
"SAPP"="C:\Program Files (x86)\SAPP\sapp.exe"
"Tim"="C:\Program Files (x86)\WinTM\tis\TiMonitor.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"uTorrent"="C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"

==== Startup Folders ======================

2014-08-25 22:50:26 157983 ----a-w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Novo(a) Documento do Microsoft Word (2).docx
2014-11-19 11:02:33 162 ------w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\~$vo(a) Documento do Microsoft Word (2).docx

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [24/01/2015 19:30]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [17/04/2014 16:22]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [17/04/2014 16:22]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 1050 J410 series" ["C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe"]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{6DF43704-786C-4865-866E-97611BE0333B}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{1C01D39C-FF48-4DC8-BC31-0AD1DDAE6804}" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe]
"C:\Windows\SysNative\tasks\{D5B18C28-40B9-4F9D-B759-6CADF0A43225}" [C:\Program Files (x86)\Rosso Rabbit in Trouble\RossoRabbitInTrouble.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\02dwc90y.default-1399424852910
user_pref("browser.startup.homepage", "https://www.google.com.br");

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\02dwc90y.default-1399424852910
0FC325593893749364EC4A733E7D9100 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll - Shockwave Flash
5950D438CD3DDF2DD50D9FA4E07A6C1C - C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
3CD19649B2C3023D65E67C056457A2BC - C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin


==== Chromium Look ======================

Google Chrome Version: 40.0.2214.93 (Up to date, latest Stable version: 40.0.2214.93)


Google Docs - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Start Page Redirect Cache"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Start Page Redirect Cache"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Start Page"="http://google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{515B43BD-FDC0-4254-9A5C-48D24C4261F7}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{515B43BD-FDC0-4254-9A5C-48D24C4261F7}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page Redirect Cache"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page Redirect Cache"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GACC3QM will be deleted at reboot
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\User\AppData\Local\Mozilla\Firefox\Profiles\02dwc90y.default-1399424852910\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=16 folders=19 14104439 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\User\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\User\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GACC3QM" not found

==== EOF on 29/01/2015 at 16:54:05,62 ======================

Re: slow PC and takes a long time to get on the net

Post by caedurodrigues Thu 29 Jan 2015, 21:48

Good evening kipper,


  • Download: [link not shown] (...by Farbar)
  • Or here: [link not shown]
  • Save it to the Desktop!
  • Run the tool! Click "Yes" >> "Scan".
  • Check that the boxes under "Whitelist" are ticked.
  • Under "Optional Scan", leave the "Addition.txt" checkbox ticked.
  • The report will be generated! (FRST.txt)
  • P.S.: The "Addition.txt" report will also be generated; it is made available on the tool's first run.
  • Go to: [link not shown]
  • Or go to: [link not shown]
  • Or attach it: [link not shown] << Link
  • More information: [link not shown] << Hosting!

A big hug.

Re: slow PC and takes a long time to get on the net

Post by kipper Sat 31 Jan 2015, 12:49

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-01-2015
Ran by User at 2015-01-31 12:46:34
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivírus 5.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivírus 5.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7971 - DsNET Corp)
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM\...\_{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}) (Version: 16.0.0.707 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.0.707 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.0.707 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - BR (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.0.0.707 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.0 - Corel Corporation) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1312.54 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
ESET NOD32 Antivirus (HKLM\...\{679CC4FF-FC7B-48DF-A346-684AD1A2B48E}) (Version: 5.0.95.0 - ESET, spol. s r. o.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Flockers (HKLM-x32\...\Flockers_is1) (Version: - Team17 Digital Ltd)
FormatFactory 3.5.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.5.0.0 - Format Factory)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Deskjet 1050 J410 series Ajuda (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
K-Lite Mega Codec Pack 9.9.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.5 - )
Malwarebytes Anti-Malware versão 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Minha Biblia (HKLM-x32\...\{738C450E-378C-42E7-B8D2-A36EC068A1D3}) (Version: 1.03.0000 - Friendship Solutions:)
Mozilla Firefox 35.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 pt-BR)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Client Profile PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PegaJogo 3.0 (HKLM-x32\...\{14FAA5DD-A6B2-4A7B-8960-4A30DC8D9D35}_is1) (Version: - PegaJogo.com)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Primo (x32 Version: 1.00.0000 - Your Company Name) Hidden
Pro Evolution Soccer 2009 (HKLM-x32\...\{A8DB611A-D80E-450D-85F6-3ACDD164BE31}) (Version: 1.00.0000 - KONAMI)
Rambo The Video Game (HKLM-x32\...\{48CB69A5-D098-4CA6-A58F-4255ED6DBE49}_is1) (Version: - Reef Entertainment)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Runtime (x32 Version: 1.00.0000 - Your Company Name) Hidden
Show do Cristão (HKLM-x32\...\Show do Cristão_is1) (Version: - Oltre Vita Informática Ltda)
Skype™️ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
Software básico do dispositivo HP Deskjet 1050 J410 series (HKLM\...\{06A5A3AF-AFA5-4278-868E-BFD494A9B08B}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
Sony Picture Utility (HKLM-x32\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 4.2.01.15030 - Sony Corporation)
Unity Web Player (HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Welcome App (Start-up experience) (x32 Version: 12.0.14000 - Nero AG) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
ZHPDiag 2015 (HKLM-x32\...\ZHPDiag_is1) (Version: 2015 - Nicolas Coolman)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C7401FE-8897-41C1-9146-C072BD7269B5} - System32\Tasks\{7F93592B-45AD-4CDB-BC02-8A3AA4F26612} => pcalua.exe -a C:\Users\User\Downloads\ZHPDiag2(1).exe -d C:\Users\User\Downloads
Task: {1E2A1A86-8E76-4D56-8987-7E2745EB660C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {2F26519F-9262-4555-954D-00D12590C617} - System32\Tasks\{D5B18C28-40B9-4F9D-B759-6CADF0A43225} => C:\Program Files (x86)\Rosso Rabbit in Trouble\RossoRabbitInTrouble.exe
Task: {4F8479B2-4B26-4343-8989-9E1A87DD90EB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {53812C6A-557A-41C6-9321-A14BEA7C723A} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {8583E526-C901-4D15-B04D-131766E16547} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {8658DF18-DEB8-4E79-ACDF-8622AE27A1DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-17] (Google Inc.)
Task: {A0934E19-C840-4AB7-A767-7C8D67A31E15} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-17] (Google Inc.)
Task: {A8B8AF7C-3BCE-49B1-B376-2D9E3443B3CC} - System32\Tasks\{D19B375C-3F48-4EDC-8258-8ABD976ECD72} => pcalua.exe -a F:\TORRENT\Disney_Mickey\setup\setup.exe -d F:\TORRENT\Disney_Mickey\setup
Task: {AEEDA4BC-A1ED-406F-91C1-13B0C8C082B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-24] (Adobe Systems Incorporated)
Task: {BF59364D-8BEB-47EC-8E86-09209589B244} - System32\Tasks\{4452D369-D03D-444A-A15F-9B6B3E4E0971} => pcalua.exe -a "C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe" -d "C:\Program Files (x86)\ZHPDiag\ZHPFix"
Task: {CA9DB52F-6282-4479-BD53-84A6339DE959} - System32\Tasks\{1C01D39C-FF48-4DC8-BC31-0AD1DDAE6804} => Chrome.exe
Task: {D33F1C7D-7A4E-49C1-B6C4-B34E768B155D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {DDBAD5BE-1A1C-4FD2-AA35-3125C9E8BDBD} - System32\Tasks\{8DD405A6-E38E-4E13-A8D5-530B76CDED45} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Rosso Rabbit in Trouble\RossoRabbitInTrouble.exe"
Task: {E58F4D81-B017-4877-AE68-9ABAD5721FE0} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2123034537-1514316849-1306321605-1000
Task: {E95F1CDB-793C-434E-837E-7C6CEDB53BE5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {E9EB2626-EEF7-4D20-8C55-4744984F4D49} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {F36B5CB8-9AB3-4A4C-8E61-14EA36713FC6} - System32\Tasks\{85A10420-D547-4A00-8E02-D7FFE30A205C} => pcalua.exe -a C:\Users\User\Downloads\ZHPDiag2.exe -d C:\Users\User\Downloads
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-07-30 17:14 - 2012-02-17 21:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2014-04-17 11:24 - 2012-10-29 16:48 - 00927232 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
2014-12-02 14:24 - 2014-11-28 15:36 - 03781632 _____ () C:\Program Files (x86)\SAPP\sapp.exe
2014-04-17 11:24 - 2015-01-31 08:35 - 00026112 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\PEbiosinterface32.dll
2014-04-17 11:24 - 2012-05-08 01:04 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\ATKEX.dll
2013-07-30 17:04 - 2012-01-02 00:21 - 00374056 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\CLNetMediaDMA.dll
2013-07-30 17:04 - 2011-08-24 00:39 - 00081920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Common\koan\_ctypes.pyd
2013-07-30 17:04 - 2011-08-24 00:39 - 00053248 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_socket.pyd
2013-07-30 17:04 - 2011-08-24 00:39 - 00655360 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_ssl.pyd
2013-07-30 17:04 - 2012-01-12 10:55 - 00075048 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\subsys\DLNA\DMS\_PyDMSCtrl.pyd
2014-12-02 14:24 - 2013-10-08 14:41 - 00019968 _____ () C:\Program Files (x86)\SAPP\UIControls.dll
2013-07-30 17:05 - 2012-01-09 01:48 - 00541683 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\sqlite3.dll
2014-04-17 11:28 - 2013-09-16 13:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-01-26 15:00 - 2015-01-26 15:00 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrador (S-1-5-21-2123034537-1514316849-1306321605-500 - Administrator - Disabled)
Convidado (S-1-5-21-2123034537-1514316849-1306321605-501 - Limited - Disabled)
User (S-1-5-21-2123034537-1514316849-1306321605-1000 - Administrator - Enabled) => C:\Users\User

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/31/2015 08:37:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2015 08:28:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2015 07:33:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2015 04:58:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2015 04:49:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 10:08:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 00:31:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 09:21:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 04:48:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/29/2015 09:12:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: googleearth.exe, versão: 7.1.2.2041, carimbo de hora: 0x525310f1
Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.18247, carimbo de hora: 0x521ea8e7
Código de exceção: 0xc0000374
Deslocamento com falha: 0x000ce753
Identificação do processo com falha: 0xea0
Hora de início do aplicativo com falha: 0xgoogleearth.exe0
Caminho do aplicativo com falha: googleearth.exe1
FCaminho do módulo de falhas: googleearth.exe2
Identificação do Relatório: googleearth.exe3


System errors:
=============
Error: (01/31/2015 00:43:37 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (01/31/2015 00:39:10 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (01/31/2015 00:34:14 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (01/31/2015 00:34:11 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (01/31/2015 00:25:03 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (01/31/2015 00:22:33 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (01/31/2015 00:16:28 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (01/31/2015 00:11:53 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (01/31/2015 00:07:34 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error: (01/31/2015 00:02:32 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: AUTORIDADE NT)
Description: Ocorreu um erro ao tentar ler o arquivo de hosts locais.


Microsoft Office Sessions:
=========================
Error: (01/31/2015 08:37:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2015 08:28:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2015 07:33:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2015 04:58:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2015 04:49:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 10:08:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 00:31:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 09:21:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 04:48:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/29/2015 09:12:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: googleearth.exe7.1.2.2041525310f1ntdll.dll6.1.7601.18247521ea8e7c0000374000ce753ea001d03c114767fc5aC:\Program Files (x86)\Google\Google Earth\client\googleearth.exeC:\Windows\SysWOW64\ntdll.dll48e132fb-a80c-11e4-8887-e03f49173750


CodeIntegrity Errors:
===================================
Date: 2014-06-25 17:44:18.117
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-06-25 17:44:18.117
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-17 10:36:25.800
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RTKVHD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-17 10:36:25.784
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RTKVHD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-17 10:31:12.748
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RTKVHD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-17 10:31:12.732
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RTKVHD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-17 10:21:50.878
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RTKVHD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-17 10:21:50.862
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RTKVHD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-17 09:58:37.544
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RTKVHD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-17 09:58:36.780
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RTKVHD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Percentage of memory in use: 44%
Total physical RAM: 3968.45 MB
Available physical RAM: 2215.52 MB
Total Pagefile: 7935.09 MB
Available Pagefile: 5957.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.66 GB) (Free:11.99 GB) NTFS
Drive e: (Novo volume) (Fixed) (Total:175.78 GB) (Free:40.96 GB) NTFS
Drive f: (Novo volume) (Fixed) (Total:192.22 GB) (Free:33.25 GB) NTFS
Drive g: (Flockers) (CDROM) (Total:6.41 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Cool (Size: 465.8 GB) (Disk ID: 56684485)
Partition 1: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=175.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=192.2 GB) - (Type=OF Extended)

==================== End Of Log ============================

Re: PC slow and takes a long time to get on the net

Message by kipper Sat 31 Jan 2015, 12:50

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-01-2015
Ran by User (administrator) on USER-PC on 31-01-2015 12:45:57
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available profiles: User)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Português (Brasil)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [You must have an account and be logged in to view this link]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\SAPP\sapp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(BitTorrent Inc.) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4035152 2013-07-30] (ESET)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PowerDVD12DMREngine] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [501544 2012-01-02] (CyberLink)
HKLM-x32\...\Run: [PowerDVD12Agent] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [371256 2012-01-12] (CyberLink Corp.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [ASM] => C:\Program Files (x86)\SM95\smmain.exe [3655680 2014-10-16] ()
HKLM-x32\...\Run: [SAPP] => C:\Program Files (x86)\SAPP\sapp.exe [3781632 2014-11-28] ()
HKLM-x32\...\Run: [Tim] => C:\Program Files (x86)\WinTM\tis\TiMonitor.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\...\Run: [uTorrent] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe [1374032 2015-01-16] (BitTorrent Inc.)
HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ferramenta de Verificação de Mídia do PMB.lnk
ShortcutTarget: Ferramenta de Verificação de Mídia do PMB.lnk -> C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Novo(a) Documento do Microsoft Word (2).docx ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\~$vo(a) Documento do Microsoft Word (2).docx ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
SearchScopes: HKU\S-1-5-21-2123034537-1514316849-1306321605-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = [You must have an account and be logged in to view this link]
SearchScopes: HKU\S-1-5-21-2123034537-1514316849-1306321605-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = [You must have an account and be logged in to view this link]
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 10.1.1.1
Tcpip\..\Interfaces\{2AA5F584-48F4-4717-8706-73E96D441DA6}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\02dwc90y.default-1399424852910
FF Homepage: [You must have an account and be logged in to view this link]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2123034537-1514316849-1306321605-1000: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKU\S-1-5-21-2123034537-1514316849-1306321605-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-2123034537-1514316849-1306321605-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2123034537-1514316849-1306321605-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013-07-30]

Chrome:
=======
CHR HomePage: Default -> [You must have an account and be logged in to view this link]
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-11]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-11]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-11]
CHR Extension: (Pesquisa do Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-11]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-18]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232 2012-10-29] ()
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [87336 2012-01-12] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [75048 2012-01-12] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [296232 2012-01-12] (CyberLink)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [974944 2011-09-22] (ESET)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-09] (Disc Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [202576 2011-08-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146432 2011-08-04] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [137144 2011-08-04] (ESET)
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [82928 2011-10-27] (Cyberlink Corp.)
R3 RTLE8023x64; C:\Windows\System32\DRIVERS\Rtenic64.sys [438928 2012-05-23] (Realtek Semiconductor Corporation )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-05-09] (Duplex Secure Ltd.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-08-11] ()
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [146928 2012-01-11] (CyberLink Corp.)
U3 ahjqdxv4; C:\Windows\System32\Drivers\ahjqdxv4.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-31 12:45 - 2015-01-31 12:46 - 00017876 _____ () C:\Users\User\Desktop\FRST.txt
2015-01-31 12:44 - 2015-01-31 12:45 - 00000000 ____D () C:\FRST
2015-01-31 12:41 - 2015-01-31 12:42 - 02130944 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2015-01-29 17:15 - 2014-12-23 08:02 - 00021514 _____ () C:\Users\User\Downloads\Dragoes.A.Evolucao.dos.Pilotos.de.Dragao.XViD.Dublado.torrent
2015-01-29 16:53 - 2015-01-29 16:53 - 00000554 _____ () C:\Windows\PFRO.log
2015-01-29 16:47 - 2015-01-29 16:28 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-01-29 16:33 - 2015-01-23 20:43 - 00042536 _____ () C:\zoek-results2015-01-23-224329.log
2015-01-29 16:27 - 2015-01-29 16:28 - 01295360 _____ () C:\Users\User\Desktop\zoek(1).exe
2015-01-27 19:37 - 2014-09-17 11:43 - 00000119 _____ () C:\Users\User\Downloads\Visite - Filmes e Torrents.url
2015-01-26 20:21 - 2015-01-30 22:28 - 00000000 ____D () C:\Users\User\Desktop\muller
2015-01-26 15:00 - 2015-01-26 15:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-25 19:33 - 2015-01-31 08:35 - 00001008 _____ () C:\Windows\setupact.log
2015-01-25 19:33 - 2015-01-25 19:33 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-23 20:31 - 2015-01-29 16:54 - 00016750 _____ () C:\zoek-results.log
2015-01-23 20:28 - 2015-01-29 16:41 - 00000000 ____D () C:\zoek_backup
2015-01-23 20:27 - 2015-01-23 20:28 - 01295360 _____ () C:\Users\User\Downloads\zoek.exe
2015-01-22 19:46 - 2015-01-22 19:46 - 00000000 ____D () C:\Windows\SysWOW64\Quarantine
2015-01-22 16:28 - 2015-01-22 16:28 - 00639912 _____ (Oracle Corporation) C:\Users\User\Downloads\jxpiinstall(1).exe
2015-01-21 17:56 - 2015-01-25 06:18 - 00000000 ____D () C:\Users\User\Desktop\limpeza
2015-01-21 17:38 - 2015-01-21 17:38 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2015-01-21 17:34 - 2015-01-21 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-01-21 17:34 - 2015-01-21 17:34 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2015-01-21 17:25 - 2015-01-21 17:26 - 06865579 _____ (Nicolas Coolman ) C:\Users\User\Downloads\ZHPDiag2(1).exe
2015-01-21 15:44 - 2015-01-21 15:44 - 00000000 ____D () C:\Users\User\AppData\Local\EMU
2015-01-21 15:40 - 2015-01-21 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flockers
2015-01-21 15:35 - 2015-01-21 15:40 - 00000000 ____D () C:\Program Files (x86)\Flockers
2015-01-20 18:40 - 2015-01-20 18:40 - 00475187 _____ () C:\Users\User\Downloads\video-1421695827.mp4.mp4
2015-01-20 18:38 - 2015-01-20 18:38 - 00908301 _____ () C:\Users\User\Downloads\video-1421695853.mp4.mp4
2015-01-17 14:32 - 2014-09-27 02:52 - 00001453 _____ () C:\Users\User\Downloads\Importante.txt
2015-01-16 20:31 - 2015-01-16 20:31 - 00029114 _____ () C:\Users\User\Downloads\Company.Of.Heroes.O.Filme.DVDRip.Dual.Audio.rar
2015-01-16 20:27 - 2015-01-16 20:27 - 00020769 _____ () C:\Users\User\Downloads\O.Cavaleiro.Solitario.2013.BDRip.XviD.Dual.Audio-YKS.rar
2015-01-16 20:23 - 2015-01-16 20:23 - 00023918 _____ () C:\Users\User\Downloads\Dragoes.A.Evolucao.dos.Pilotos.de.Dragao.XViD.Dublado.rar
2015-01-06 09:07 - 2015-01-08 16:38 - 00000000 ____D () C:\Users\User\Documents\SpellForce
2015-01-03 11:25 - 2015-01-03 11:25 - 00001202 _____ () C:\Users\User\Desktop\Format Factory.lnk
2015-01-03 11:25 - 2015-01-03 11:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-31 12:46 - 2014-12-02 14:24 - 00000000 ____D () C:\Program Files (x86)\SAPP
2015-01-31 12:46 - 2014-04-17 17:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\uTorrent
2015-01-31 12:30 - 2014-04-17 12:39 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-31 12:02 - 2014-04-17 16:22 - 00001070 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-31 08:48 - 2013-07-30 17:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2015-01-31 08:43 - 2009-07-14 02:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-31 08:43 - 2009-07-14 02:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-31 08:40 - 2011-04-12 11:40 - 00705786 _____ () C:\Windows\system32\prfh0416.dat
2015-01-31 08:40 - 2011-04-12 11:40 - 00146512 _____ () C:\Windows\system32\prfc0416.dat
2015-01-31 08:40 - 2009-07-14 03:13 - 01634728 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-31 08:35 - 2014-04-17 16:22 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-31 08:35 - 2009-07-14 03:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-31 08:34 - 2014-10-23 20:10 - 00000000 ____D () C:\Program Files (x86)\SM95
2015-01-31 08:34 - 2014-06-24 00:08 - 01596865 _____ () C:\Windows\WindowsUpdate.log
2015-01-31 08:23 - 2014-11-25 18:28 - 00000000 ____D () C:\Users\User\Documents\Arquivos do Outlook
2015-01-30 22:10 - 2014-04-25 21:14 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6DF43704-786C-4865-866E-97611BE0333B}
2015-01-29 17:18 - 2014-05-22 22:32 - 00000000 ____D () C:\Users\User\Downloads\torrent's
2015-01-29 16:41 - 2009-07-14 01:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-01-29 16:41 - 2009-07-14 01:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-01-28 05:12 - 2014-07-26 11:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\Media Player Classic
2015-01-26 18:33 - 2014-06-12 00:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 18:33 - 2009-07-14 03:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-26 08:07 - 2014-07-16 15:54 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2015-01-25 06:31 - 2014-05-09 20:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2015-01-24 19:30 - 2014-04-17 12:39 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 19:30 - 2014-04-17 12:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 19:30 - 2014-04-17 12:39 - 00003840 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-23 07:06 - 2014-10-17 16:05 - 00000000 ____D () C:\Users\User\AppData\Roaming\ZHP
2015-01-22 16:30 - 2014-07-17 13:14 - 00000000 ____D () C:\Users\Todos os Usuários\Oracle
2015-01-22 16:30 - 2014-07-17 13:14 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-22 16:29 - 2014-10-23 21:48 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-22 16:29 - 2014-10-23 21:48 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-18 15:50 - 2014-04-18 12:40 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2015-01-10 18:23 - 2014-06-02 22:04 - 00013693 _____ () C:\Users\User\Desktop\CONTAS.xlsx
2015-01-08 16:37 - 2014-05-27 17:44 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-01-08 16:37 - 2013-07-30 15:31 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information
2015-01-08 16:37 - 2009-07-14 03:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-06 09:07 - 2014-05-09 22:41 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-01-06 04:13 - 2014-12-22 20:29 - 00000000 ____D () C:\Program Files\CCleaner

==================== Files in the root of some directories =======

2014-09-02 21:00 - 2014-11-15 12:13 - 0011776 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-29 17:09 - 2014-04-29 17:09 - 0000017 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg
2014-06-30 22:41 - 2014-06-30 22:43 - 2354432 _____ () C:\Users\User\AppData\Local\User1.zip
2014-06-16 22:16 - 2014-06-16 22:16 - 0000561 _____ () C:\Users\User\AppData\Local\ZHPFixReport.txt
2014-10-07 19:04 - 2014-10-07 19:04 - 0000338 _____ () C:\ProgramData\directm.log
2014-04-17 11:49 - 2014-04-17 11:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 09:00

==================== End Of Log ============================
kipper

Post by caedurodrigues Sat 31 Jan 2015, 14:20

Good afternoon kipper, how is the PC?


  • Copy the information below, shown in red, into Notepad.
  • Save it with the name fixlist.txt
  • Save it in the same location as FRST

    start
    CloseProcesses:
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKU\S-1-5-21-2123034537-1514316849-1306321605-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = [You must have an account and be logged in to view this link]
    SearchScopes: HKU\S-1-5-21-2123034537-1514316849-1306321605-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = [You must have an account and be logged in to view this link]
    FF Plugin HKU\S-1-5-21-2123034537-1514316849-1306321605-1000: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
    FF Plugin HKU\S-1-5-21-2123034537-1514316849-1306321605-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
    U3 ahjqdxv4; C:\Windows\System32\Drivers\ahjqdxv4.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
    S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
    S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
    2015-01-29 16:53 - 2015-01-29 16:53 - 00000554 _____ () C:\Windows\PFRO.log
    2015-01-29 16:47 - 2015-01-29 16:28 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2015-01-29 16:33 - 2015-01-23 20:43 - 00042536 _____ () C:\zoek-results2015-01-23-224329.log
    2015-01-29 16:27 - 2015-01-29 16:28 - 01295360 _____ () C:\Users\User\Desktop\zoek(1).exe
    2015-01-25 19:33 - 2015-01-31 08:35 - 00001008 _____ () C:\Windows\setupact.log
    2015-01-25 19:33 - 2015-01-25 19:33 - 00000000 _____ () C:\Windows\setuperr.log
    2015-01-23 20:31 - 2015-01-29 16:54 - 00016750 _____ () C:\zoek-results.log
    2015-01-23 20:28 - 2015-01-29 16:41 - 00000000 ____D () C:\zoek_backup
    2015-01-23 20:27 - 2015-01-23 20:28 - 01295360 _____ () C:\Users\User\Downloads\zoek.exe
    2015-01-21 17:38 - 2015-01-21 17:38 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
    2015-01-21 17:34 - 2015-01-21 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
    2015-01-21 17:34 - 2015-01-21 17:34 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
    2015-01-21 17:25 - 2015-01-21 17:26 - 06865579 _____ (Nicolas Coolman ) C:\Users\User\Downloads\ZHPDiag2(1).exe
    2014-06-16 22:16 - 2014-06-16 22:16 - 0000561 _____ () C:\Users\User\AppData\Local\ZHPFixReport.txt
    HOSTS:
    CMD: bitsadmin /reset /allusers
    CMD: ipconfig /flushdns
    emptytemp:
    end

  • Run FRST/FRST64 >> Click "Fix". << Wait!
  • Post the report! (Fixlog.txt)

A big hug.

< I ask visitors not to use this script on other computers, at the risk of irreparable damage to them! >

Post by kipper Sun 01 Feb 2015, 09:05

The PC is already better!


Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => Key deleted successfully.
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => Key not found.
"HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1" => Key deleted successfully.
C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll not found.
"HKU\S-1-5-21-2123034537-1514316849-1306321605-1000\Software\MozillaPlugins\ubisoft.com/uplaypc" => Key deleted successfully.
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll not found.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml => Moved successfully.
Chrome DefaultSuggestURL deleted successfully.
ahjqdxv4 => Service not found.
VGPU => Service deleted successfully.
ZTEusbmdm6k => Service deleted successfully.
ZTEusbnmea => Service deleted successfully.
ZTEusbser6k => Service deleted successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results2015-01-23-224329.log => Moved successfully.
"C:\Users\User\Desktop\zoek(1).exe" => File/Directory not found.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\User\Downloads\zoek.exe => Moved successfully.
C:\PhysicalDisk0_MBR.bin => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP => Moved successfully.
C:\Program Files (x86)\ZHPDiag => Moved successfully.
C:\Users\User\Downloads\ZHPDiag2(1).exe => Moved successfully.
C:\Users\User\AppData\Local\ZHPFixReport.txt => Moved successfully.
Hosts was reset successfully.

=========  bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

{42F36E29-BC68-427C-AF2A-539329230F46} canceled.
1 out of 1 jobs canceled.

========= End of CMD: =========


=========  ipconfig /flushdns =========


Configuração de IP do Windows

Liberação do Cache do DNS Resolver bem-sucedida.

========= End of CMD: =========

EmptyTemp: => Removed 622 MB temporary data.


The system needed a reboot.

==== End of Fixlog 08:51:32 ====

Post by caedurodrigues Sun 01 Feb 2015, 13:47

Good afternoon kipper, is there still any problem with the PC? If not, follow the steps below to close the topic.

Now let's remove the tools used in the disinfection.

  • Download: <[You must have an account and be logged in to view this link]> (...by Xplode)
  • Save it to your desktop.
  • Double-click delfix.exe to run it.
  • Windows Vista or Windows 7 users: right-click the delfix.exe file, then click: [You must have an account and be logged in to view this image]

  • Tick the checkboxes as shown in the image.
  • Click the Run button.
  • Restart the computer!
  • Everything OK?

A big hug.

Post by joram Fri 06 Feb 2015, 19:12

Case Resolved

If this computer needs a new check, just open a "New Topic" and describe the problem.