~ Relatório do ZHPDiag v2013.9.1.2 - Nicolas Coolman (01/09/2013)
~ Iniciado por Servidor (02/09/2013 19:13:22)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Not Found


---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.6001.18702
GCIE: Google Chrome v29.0.1547.62 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows XP Professional Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ Softwares de proteção do sistema
avast! Free Antivirus v8.0.1489.0

---\\ Softwares d'optimização do sistema
CCleaner =>Piriform Ltd

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 11 ActiveX
Adobe Reader XI

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2986 MB (81% free)
System Restore: Activé (Enable)
System drive C: has 57 GB (56%) free of 101 GB

---\\ Modo de conexão ao sistema
~ Computer Name: SERVER
~ User Name: Servidor
~ All Users Names: SUPPORT_388945a0, Servidor, HelpAssistant, Convidado, Administrador,
~ Unselected Option: None
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\Servidor\Dados de aplicativos\
~ %Desktop% : C:\Documents and Settings\Servidor\Desktop\
~ %Favorites% : C:\Documents and Settings\Servidor\Favoritos\
~ %LocalAppData% : C:\Documents and Settings\Servidor\Configurações locais\Dados de aplicativos\
~ %StartMenu% : C:\Documents and Settings\Servidor\Menu Iniciar\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumeração das unidades dos discos
C:\ Hard drive, Flash drive, Thumb drive (Free 57 Go of 101 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 235 Go of 272 Go)
E:\ CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
~ Security Center: 33 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.064EC7FF5F58B928C3E119402977FA6D] - (.Microsoft Corporation - Windows Explorer.) (.13/04/2008 - 17:21:00.) -- C:\WINDOWS\Explorer.exe [1035776]
[MD5.0CE085CD2FC5735CBC8D25F7EDDD393A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.25/07/2013 - 23:48:57.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.71D440F79B711627B12B567FB2EADB42] - (.Microsoft Corporation - Aplicativo de logon do Windows NT.) (.13/04/2008 - 17:21:24.) -- C:\WINDOWS\system32\Winlogon.exe [509952]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 10:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 11:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 10:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 09:40:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.A8D31E836CCF2F51009CE7DFFECF6D51] - (.Microsoft Corporation - FIPS Crypto Driver.) (.13/04/2008 - 16:52:44.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 07:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.485BC6BEB778B5E9702E6AA3D384C0CB] - (.Microsoft Corporation - Driver de porta i8042.) (.13/04/2008 - 16:55:20.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [53504]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 09:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 09:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 10:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 10:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 10:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 10:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.9BADEE6B698BF1AF36E25A1A64A89EAB] - (.Microsoft Corporation - Driver de porta paralela.) (.13/04/2008 - 17:34:10.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 10:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.68D749B04BFBBD4D4D15CC5185AFA4DD] - (.Microsoft Corporation - Redbook Audio Filter Driver.) (.13/04/2008 - 15:53:18.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58240]
[MD5.EB6B1E2C984D84470FF4FE7EF98CD44A] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.13/04/2008 - 16:53:02.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53248]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/8
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 2/4
~ Mes Favoris (My Favorites) : 1/10
~ Mes Documents (My Documents) : 1/1873
~ Mon Bureau (My Desktop) : 0/151
~ Menu demarrer (Programs) : 1/38
~ Hidden Files: Scanned in 00mn 00s



---\\ Processos lançados au arranque du sistema
[MD5.28D6701C710AD7BA3CB95E75F8F1A9AA] - (.AVAST Software - avast! Service.) -- C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe [46808] [PID.852]
[MD5.C5052FB77AA42ED440F9F6B4E37145A9] - (.Nero AG - Nero BackItUp.) -- C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe [869672] [PID.588]
[MD5.BE43E378CC1AAF264475C40863952700] - (.Baidu Inc. - Baidu PC Faster Service.) -- C:\Arquivos de programas\Baidu Security\PC App Store\3.4.0.16\PCAppStoreSvc.exe [578472] [PID.1784]
[MD5.801E66C9E49EBAD59FADFE7C33B23F51] - (.Baidu Inc. - Baidu PC Faster Service.) -- C:\Arquivos de programas\Baidu Security\PC Faster\3.7.0.0\PCFasterSvc.exe [621552] [PID.1812]
[MD5.D53118C165AE5D188632B6CDEEE82A1B] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Arquivos de programas\TeamViewer\Version8\TeamViewer_Service.exe [4308320] [PID.1992]
[MD5.74149BCF0307BB76D68C0F8912DF731C] - (.Nero AG - Nero Home.) -- C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe [447784] [PID.1576]
[MD5.ABD683E1D80805B7B4C5997ED47DFDB8] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Arquivos de programas\TeamViewer\Version8\TeamViewer.exe [11737952] [PID.3164]
[MD5.5B1E6BD8C8F4377F12F634B31C17D463] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Arquivos de programas\TeamViewer\Version8\tv_w32.exe [195936] [PID.3712]
[MD5.275A5AFE52C7440946B89215913446F5] - (.Microsoft Corporation - Windows® installer.) -- C:\WINDOWS\system32\msiexec.exe [78848] [PID.2168]
[MD5.47CBC47BD984326F06E6C3EAB04A06EE] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [143128] [PID.3256]
[MD5.B8CE215FD3F73CEEAD7A19B37A058D38] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [181528] [PID.3232]
[MD5.1D37102F4AFEE1DE5236712F0766D6A3] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [169752] [PID.3704]
[MD5.589B158ADFBAD142AE6EDDC31B632D1D] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe [20065384] [PID.3500]
[MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe [4858968] [PID.3252]
[MD5.0CE5B7372D0947889CB2FD394D869011] - (.Nero AG - Nero Home.) -- C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe [1688872] [PID.1388]
[MD5.EFF5E5CCA31672BD00AF87D170590AFB] - (.Microsoft Corporation - Windows Messenger.) -- C:\Arquivos de programas\Messenger\msmsgs.exe [1695232] [PID.1468]
[MD5.D87ACAED61E417BBA546CED5E7E36D9C] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [69632] [PID.3048]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53784] [PID.2140]
[MD5.68825D489DE0DC71FF3A62D6452684BA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe [7860224] [PID.3908]
[MD5.6D2018AEE93285F2A8BEF55D722187A3] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.2480]
~ Processes Running: Scanned in 00mn 01s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.22:3128
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar: avast! Online Security - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfã
~ Toolbar: Scanned in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
O4 - HKLM\..\Run: [Baidu PC Faster 3.7.0.0] . (.Baidu Inc. - Baidu PC Faster.) -- C:\Arquivos de programas\Baidu Security\PC Faster\3.7.0.0\PCFaster.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Arquivos de programas\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] Chave orfã
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] Chave orfã
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] Chave orfã
O4 - HKUS\S-1-5-21-1004336348-1972579041-682003330-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1004336348-1972579041-682003330-1003\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe
O4 - HKUS\S-1-5-21-1004336348-1972579041-682003330-1003\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-1004336348-1972579041-682003330-1003\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Arquivos de programas\Messenger\msmsgs.exe
~ Application: Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop: Adobe Reader XI.lnk . (.Adobe Systems Incorporated - Adobe Reader.) -- C:\Arquivos de programas\Adobe\Reader 11.0\Reader\AcroRd32.exe
O4 - GS\Desktop: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Arquivos de programas\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop: avast! Free Antivirus.lnk . (.AVAST Software - avast! Antivirus.) -- C:\Arquivos de programas\AVAST Software\Avast\AvastUI.exe
O4 - GS\Desktop: EASEUS Partition Master 9.1.0 Home Edition.lnk . (.EASEUS - EASEUS Partition Master Loader Application.) -- C:\Arquivos de programas\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\bin\epm0.exe
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop: Nero StartSmart.lnk . (.Nero AG - Nero StartSmart 8 Application.) -- C:\Arquivos de programas\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe
O4 - GS\Desktop: Oracle VM VirtualBox.lnk . (.Oracle Corporation - Oracle VM VirtualBox Manager.) -- C:\Arquivos de programas\Oracle\VirtualBox\VirtualBox.exe
O4 - GS\Desktop: PDFCreator.lnk . (.- - PDFCreator.) -- C:\Arquivos de programas\PDFCreator\PDFCreator.exe
O4 - GS\Desktop: Skype.lnk . (...) -- C:\WINDOWS\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O4 - GS\Desktop: TeamViewer 8.lnk . (.TeamViewer GmbH - TeamViewer 8.) -- C:\Arquivos de programas\TeamViewer\Version8\TeamViewer.exe
O4 - GS\Desktop: uTorrent Acceleration Tool.lnk . (.P2pAccelerators LLC. - uTorrent Acceleration Tool.) -- C:\Arquivos de programas\uTorrent Acceleration Tool\uTorrent Acceleration Tool.exe =>P2P.µTorrent
O4 - GS\Desktop: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Arquivos de programas\ZHPDiag\ZHPhep.exe
O4 - GS\Desktop: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Arquivos de programas\ZHPDiag\ZHPFix\ZHPhep.exe
O4 - GS\Desktop: CCleaner.lnk . (.Piriform Ltd - CCleaner.) -- C:\Arquivos de programas\CCleaner\CCleaner.exe =>Piriform Ltd
O4 - GS\Desktop: Cheat Engine.lnk . (...) -- C:\Arquivos de programas\Cheat Engine 6.2\Cheat Engine.exe
O4 - GS\Desktop: Format Factory.lnk . (.Free Time - FormatFactory.) -- C:\Arquivos de programas\FreeTime\FormatFactory\FormatFactory.exe
O4 - GS\Desktop: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Documents and Settings\Servidor\Dados de aplicativos\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: Scanned in 00mn 00s



---\\ Botões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Arquivos de programas\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Chave orfã
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Arquivos de programas\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Piratagem da Opção " Redefinir Configurações da Web " (014)
O14 - IERESET.INF: SEARCH_PAGE_URL=SEARCH_PAGE_URL="&http://home.microsoft.com/intl/br/access/allinone.asp"
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="search.msn.com.br"
~ IE Paramètres WEB: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {021AFC0F-30F4-474D-9903-CE42D9539B17} ((no name)) - http://zoete.zapto.org:8080/dvr_ocx.cab
O16 - DPF: {56BF4498-FD28-46C4-9000-3A644D6EE0E7} ((no name)) - http://phvidros.zapto.org:8080/DVRClient.exe
O16 - DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} ((no name)) - http://mercadinhocaico.zapto.org:8080/WebClient.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D639FA00-CB11-4F67-82F2-C0A87EAECDF3} ((no name)) - http://sidtrabalhadores.zapto.org:8080/IVSWeb.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{991D5C4F-ADCB-47C8-AA6E-BCECE19C43E3}: DhcpNameServer = 187.123.79.52 187.123.79.56 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{991D5C4F-ADCB-47C8-AA6E-BCECE19C43E3}: DhcpNameServer = 187.123.79.52 187.123.79.56 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{991D5C4F-ADCB-47C8-AA6E-BCECE19C43E3}: DhcpNameServer = 187.123.79.52 187.123.79.56 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 187.123.79.52 187.123.79.56 192.168.1.254
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agente de rede off-line.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL de notificação do serviço de logon secu.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Baidu PC App Store Service 3.4.0.16 (PCAppStoreSvc_{PCAppStore_3.4.0.16}) . (.Baidu Inc. - Baidu PC Faster Service.) - C:\Arquivos de programas\Baidu Security\PC App Store\3.4.0.16\PCAppStoreSvc.exe
O23 - Service: Baidu PC Faster Service 3.7.0.0 (PCFasterSvc_{PCFaster_3.7.0.0}) . (.Baidu Inc. - Baidu PC Faster Service.) - C:\Arquivos de programas\Baidu Security\PC Faster\3.7.0.0\PCFasterSvc.exe
O23 - Service: TeamViewer 8 (TeamViewer8) . (.TeamViewer GmbH - TeamViewer 8.) - C:\Arquivos de programas\TeamViewer\Version8\TeamViewer_Service.exe
~ Services: 7 Legitimates Filtered in 00mn 02s



---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Desktop Component 0: Minha página inicial atual - file:About:Home
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Servidor\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Servidor\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (BprotectEx) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\WINDOWS\system32\drivers\BprotectEx.sys
~ Drivers: 69 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Baidu PC Faster - (.Baidu, Inc..) [HKLM] -- Baidu PC Faster 3.7.0.0
O42 - Logiciel: Client - (...) [HKLM] -- Client
O42 - Logiciel: PC App Store - (.Baidu, Inc..) [HKLM] -- PC App Store 3.4.0.16
O42 - Logiciel: WebClient - (...) [HKLM] -- WebClient
~ Logic: 197 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security]
[HKCU\Software\Photec]
[HKCU\Software\TVT]
[HKCU\Software\dvr_hd]
[HKCU\Software\superdownloads.com.br]
[HKLM\Software\Baidu Security]
~ Key Software: 139 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 27/08/2013 - 16:11:05 - [164,118] ----D C:\Arquivos de programas\Baidu Security
O43 - CFD: 26/08/2013 - 18:37:39 - [0,159] ----D C:\Arquivos de programas\Client
O43 - CFD: 15/08/2013 - 18:47:52 - [0,614] ----D C:\Arquivos de programas\NetSurveillance
O43 - CFD: 30/07/2013 - 23:04:31 - [0,001] ----D C:\Arquivos de programas\Serviços on-line
O43 - CFD: 29/08/2013 - 21:30:09 - [0,857] ----D C:\Arquivos de programas\ShowMyPCService
O43 - CFD: 01/09/2013 - 17:12:53 - [0,008] ----D C:\Arquivos de programas\Arquivos comuns\Serviços
O43 - CFD: 12/08/2013 - 18:30:36 - [0] ----D C:\Documents and Settings\All Users\Dados de aplicativos\APN
O43 - CFD: 27/08/2013 - 16:10:57 - [0,000] ----D C:\Documents and Settings\All Users\Dados de aplicativos\Baidu
O43 - CFD: 28/08/2013 - 07:52:52 - [38,921] ----D C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security
O43 - CFD: 27/08/2013 - 16:11:04 - [9,797] ----D C:\Documents and Settings\Servidor\Dados de aplicativos\Baidu Security
O43 - CFD: 04/08/2013 - 11:10:36 - [0,005] ----D C:\Documents and Settings\Servidor\Configurações locais\Dados de aplicativos\3CX VoIP Phone
O43 - CFD: 30/07/2013 - 23:12:03 - [0,015] R---D C:\Documents and Settings\Servidor\Menu Iniciar\Programas\Acessórios
O43 - CFD: 27/08/2013 - 16:11:10 - [0,002] ----D C:\Documents and Settings\Servidor\Menu Iniciar\Programas\Baidu PC App Store
O43 - CFD: 01/09/2013 - 17:31:18 - [0,003] ----D C:\Documents and Settings\Servidor\Menu Iniciar\Programas\Baidu PC Faster
O43 - CFD: 26/08/2013 - 18:37:36 - [0,003] ----D C:\Documents and Settings\Servidor\Menu Iniciar\Programas\Client
O43 - CFD: 30/07/2013 - 19:58:54 - [0,000] R---D C:\Documents and Settings\Servidor\Menu Iniciar\Programas\Inicializar
~ Program Folder: 105 Legitimates Filtered in 00mn 09s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.AB01966CF42DB6656218514EE4FA06F6] - 02/09/2013 - 18:57:48 ---A- . (...) -- C:\WINDOWS\wiaservc.log [48]
O44 - LFC:[MD5.39A056D14E2BF78E4A2BA0BA4BAB46CA] - 02/09/2013 - 18:57:47 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.7CE7AF4095DB47D78C5B1868095721F9] - 02/09/2013 - 18:45:48 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\WINDOWS\system32\Drivers\Bhbase.sys [68352]
O44 - LFC:[MD5.F8FC552CAAE9E911FAFFF3FF084487CD] - 02/09/2013 - 18:35:43 ---A- . (...) -- C:\WINDOWS\ntbtlog.txt [209058]
O44 - LFC:[MD5.F0B189DBCAC1A23C67A4C3A95980BAD9] - 01/09/2013 - 23:38:50 ---A- . (...) -- C:\WINDOWS\updspapi.log [5622]
O44 - LFC:[MD5.C0EC0815A5484DAC55A5142833C16162] - 31/08/2013 - 23:28:44 ---A- . (...) -- C:\WINDOWS\spupdsvc.log [183]
O44 - LFC:[MD5.9171191B655B3153DBF3A1FE8C536902] - 01/09/2013 - 16:56:37 ---A- . (...) -- C:\WINDOWS\DUMP544a.tmp [90112]
O44 - LFC:[MD5.24DF36476AD5B182A77E87220BCE4A8A] - 01/09/2013 - 16:55:47 ---A- . (...) -- C:\WINDOWS\DUMP2da7.tmp [90112]
O44 - LFC:[MD5.D7841751E1A346A7B91729069FBF759C] - 01/09/2013 - 16:54:41 ---A- . (...) -- C:\WINDOWS\DUMP2d5a.tmp [90112]
O44 - LFC:[MD5.B0B3B0EC70740E119A17C32F06FAA90E] - 01/09/2013 - 16:53:37 ---A- . (...) -- C:\WINDOWS\DUMP2bd2.tmp [90112]
O44 - LFC:[MD5.2E5ABB2ABAB6EE7B19005C6A1B35BAB5] - 01/09/2013 - 16:52:33 ---A- . (...) -- C:\WINDOWS\DUMP2d97.tmp [90112]
O44 - LFC:[MD5.77E2D7457821FABFFE71D518F16C3ECB] - 01/09/2013 - 16:51:27 ---A- . (...) -- C:\WINDOWS\DUMP2d59.tmp [90112]
O44 - LFC:[MD5.CB20B78AC1BBC38F36520BCF5161D938] - 01/09/2013 - 16:50:22 ---A- . (...) -- C:\WINDOWS\DUMP3076.tmp [90112]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/08/2013 - 17:41:23 ---A- . (...) -- C:\WINDOWS\Sti_Trace.log [0]
O44 - LFC:[MD5.FD22E93055EBA5D0120E13A97C822CF2] - 28/08/2013 - 07:53:06 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\WINDOWS\system32\Drivers\BprotectEx.sys [94016]
O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 26/08/2013 - 22:54:37 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [69]
O44 - LFC:[MD5.4492448DA2DD26BEF7F206EB750B1022] - 26/08/2013 - 18:37:35 ---A- . (...) -- C:\WINDOWS\system32\Mp4Decoder.dll [49152]
O44 - LFC:[MD5.9B4FD5A944F1428FA167A55BDCCE59D0] - 26/08/2013 - 18:37:35 ---A- . (...) -- C:\WINDOWS\system32\UdpSock.dll [28672]
O44 - LFC:[MD5.5D067EA04BBD03892FE37D8BCF24F76D] - 26/08/2013 - 18:37:35 ---A- . (...) -- C:\WINDOWS\system32\xvid.ax [77824]
O44 - LFC:[MD5.4D2B7DE0AE13A5B1ABE2DCC703D8CBEF] - 26/08/2013 - 18:37:35 ---A- . (...) -- C:\WINDOWS\system32\xvidcore.dll [774144]
O44 - LFC:[MD5.1FCE2A9B80D7B5A575DA956DEF38D17D] - 26/08/2013 - 18:37:35 ---A- . (...) -- C:\WINDOWS\system32\xvidvfw.dll [180224]
O44 - LFC:[MD5.989CA13847CB6D2499D1F87842D74DEC] - 26/08/2013 - 18:37:35 ---A- . (.Hb's individual work - TalkDll DLL.) -- C:\WINDOWS\system32\TalkDll.dll [61440]
O44 - LFC:[MD5.8A32B505221206D35DD709D5B886837B] - 26/08/2013 - 18:37:35 ---A- . (.No owner - DrawDll DLL.) -- C:\WINDOWS\system32\DrawDll.dll [28672]
O44 - LFC:[MD5.7D3995B3DB525E8E858EF459F5B24E91] - 26/08/2013 - 18:37:35 ---A- . (.Photec............ - DivX Video for Windows Codec.) -- C:\WINDOWS\system32\svmp4.dll [565248]
O44 - LFC:[MD5.57B191952B89103E8518217A0280DA5F] - 26/08/2013 - 18:37:35 ---A- . (.my corp - inetocx ActiveX Control Module.) -- C:\WINDOWS\system32\inetocx.ocx [49152]
O44 - LFC:[MD5.0629D2A8CF6856190742C9249C22F68E] - 26/08/2013 - 18:37:35 ---A- . (.photec - No Comment.) -- C:\WINDOWS\system32\DVRClient.ocx [290816]
O44 - LFC:[MD5.EE86268E59E4B38961E7C40D16BE5BB4] - 24/08/2013 - 10:10:49 ---A- . (.Soeperman Enterprises Ltd. - HijackThis.) -- C:\HijackThis.exe [218112]
~ Files: 62 Legitimates Filtered in 00mn 15s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.B680134BA1813B78B47FDD1DFF223CA5] - 09/05/2013 - 05:59:10 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswRvrt.sys [49376]
O58 - SDL:[MD5.C1E76718BAB6BCA0D18E5670F074F821] - 28/10/2001 - 13:06:08 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9032]
~ Drivers: 7 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados (Utilizador) (061)
O61 - LFC: 01/09/2013 - 00:21:09 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Dados de aplicativos\Google\Toolbar\metrics_74476246832.xml [7886]
O61 - LFC: 01/09/2013 - 00:22:07 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Dados de aplicativos\Google\Toolbar\metrics_74682715770.xml [6518]
O61 - LFC: 01/09/2013 - 00:34:01 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Dados de aplicativos\Google\Toolbar\metrics_77238627390.xml [7795]
O61 - LFC: 01/09/2013 - 00:34:05 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Dados de aplicativos\Google\Toolbar\metrics_77253153967.xml [7849]
O61 - LFC: 01/09/2013 - 00:43:27 -SHA- . (...) -- C:\Documents and Settings\Servidor\PrivacIE\index.dat [212992]
O61 - LFC: 01/09/2013 - 00:43:31 ---A- . (...) -- C:\Documents and Settings\Servidor\Dados de aplicativos\Google\Local Search History\google%2Eweb.w [14]
O61 - LFC: 01/09/2013 - 00:44:32 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Dados de aplicativos\Google\Toolbar DNS data\data [2720]
O61 - LFC: 01/09/2013 - 00:51:55 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Dados de aplicativos\Google\Toolbar\metrics_81082469258.xml [11517]
O61 - LFC: 01/09/2013 - 00:51:55 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Dados de aplicativos\Google\Toolbar\metrics_81083211201.xml [7759]
O61 - LFC: 01/09/2013 - 16:18:55 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\Quarantine.exe [344507]
O61 - LFC: 01/09/2013 - 17:45:24 ---A- . (...) -- C:\Documents and Settings\Servidor\Recent\Carta 1 de Cristo.lnk [1157]
O61 - LFC: 01/09/2013 - 17:45:24 ---A- . (...) -- C:\Documents and Settings\Servidor\Recent\Todas as Cartas de Cristo (Completa).lnk [763]
O61 - LFC: 01/09/2013 - 18:01:56 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\is701137889\1581630_stp.EXE [1618440]
O61 - LFC: 01/09/2013 - 18:01:56 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\is701137889\1581630_stp.EXE.part [35]
O61 - LFC: 01/09/2013 - 18:03:19 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\dd_dotnetfx20error.txt [2]
O61 - LFC: 01/09/2013 - 18:03:24 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\dd_depcheck_NETFX20_EXP_35.txt [26184]
O61 - LFC: 01/09/2013 - 18:03:33 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\dd_clwireg.txt [2107]
O61 - LFC: 01/09/2013 - 18:04:40 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\dd_NET_Framework20_Setup0645.txt [8183446]
O61 - LFC: 01/09/2013 - 18:04:53 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\dd_dotnetfx20install.txt [113740]
O61 - LFC: 01/09/2013 - 18:04:53 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\uxeventlog.txt [9346]
O61 - LFC: 01/09/2013 - 18:04:53 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\~nsu.tmp\Au_.exe [56964]
O61 - LFC: 01/09/2013 - 20:52:31 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\jrt\get.bat [16063]
O61 - LFC: 01/09/2013 - 20:52:49 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\jrt\JRT.bat [10261]
O61 - LFC: 01/09/2013 - 20:52:58 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\jrt\currentmd5.txt [13]
O61 - LFC: 01/09/2013 - 20:53:12 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\jrt\WOW6432NODE.dat [415]
O61 - LFC: 01/09/2013 - 21:15:43 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\jrt\ask.bat [29648]
O61 - LFC: 01/09/2013 - 21:16:15 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\jrt\runvalues.bat [8398]
O61 - LFC: 01/09/2013 - 21:16:36 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\jrt\badvalues.cfg [4327]
O61 - LFC: 01/09/2013 - 21:16:54 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\jrt\services.dat [2578]
O61 - LFC: 01/09/2013 - 21:17:09 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\jrt\REGhkcu_and_hklm_software.cfg [2771]
O61 - LFC: 01/09/2013 - 21:17:48 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\jrt\UNINSTALL.dat [13731]
O61 - LFC: 01/09/2013 - 21:18:05 ---A- . (...) -- C:\Documents and Settings\Servidor\Configurações locais\Temp\jrt\BHO_name.dat [949]
O61 - LFC: 01/09/2013 - 21:18:22 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\CHR_extensions.cfg [5778]
O61 - LFC: 01/09/2013 - 21:18:40 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\TYPELIB_clsid.dat [2798]
O61 - LFC: 01/09/2013 - 21:18:54 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\INTERFACE_clsid.dat [4998]
O61 - LFC: 01/09/2013 - 21:19:13 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\CLSID_clsid.dat [10358]
O61 - LFC: 01/09/2013 - 21:19:29 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\badFOLDERS.cfg [16242]
O61 - LFC: 01/09/2013 - 21:20:59 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\appinit64_null.reg [144]
O61 - LFC: 01/09/2013 - 21:52:01 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\serviceseventlog.cfg [28]
O61 - LFC: 01/09/2013 - 21:55:44 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\REGISTRYUSERSID.cfg [59]
O61 - LFC: 01/09/2013 - 21:58:06 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\misc.bat [144096]
O61 - LFC: 01/09/2013 - 22:05:19 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\newmd5.txt [13]
O61 - LFC: 01/09/2013 - 23:07:40 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\https_secure.shared.live.com_0.localstorage [100352]
O61 - LFC: 01/09/2013 - 23:07:40 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\https_secure.shared.live.com_0.localstorage-journal [16384]
O61 - LFC: 01/09/2013 - 23:31:09 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage [51200]
O61 - LFC: 01/09/2013 - 23:31:09 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage-journal [16384]
O61 - LFC: 02/09/2013 - 14:13:13 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Top Sites [450560]
O61 - LFC: 02/09/2013 - 14:13:13 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Top Sites-journal [16384]
O61 - LFC: 02/09/2013 - 14:26:18 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extension State(2)\CURRENT [16]
O61 - LFC: 02/09/2013 - 14:26:18 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extension State(2)\LOCK [0]
O61 - LFC: 02/09/2013 - 14:26:18 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extension State(2)\MANIFEST-000002 [50]
O61 - LFC: 02/09/2013 - 14:26:25 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extension State(2)\LOG [47]
O61 - LFC: 02/09/2013 - 18:43:18 -SHA- . (...) -- C:\Documents and Settings\Servidor\Dados de aplicativos\Microsoft\Credentials\S-1-5-21-1004336348-1972579041-682003330-1003\Credentials [900]
O61 - LFC: 02/09/2013 - 18:46:35 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Session Storage\LOCK [0]
O61 - LFC: 02/09/2013 - 18:50:19 -SHA- . (...) -- C:\Documents and Settings\Servidor\IECompatCache\index.dat [65536]
O61 - LFC: 02/09/2013 - 18:53:05 ---A- . (...) -- C:\Documents and Settings\Servidor\Recent\dvr.lnk [375]
O61 - LFC: 02/09/2013 - 18:53:48 ---A- . (...) -- C:\Documents and Settings\Servidor\Dados de aplicativos\Baidu Security\PC App Store\3.4.0.16\soft_info_syncnizing.db3 [5136384]
O61 - LFC: 02/09/2013 - 18:54:39 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Web Data [98304]
O61 - LFC: 02/09/2013 - 18:54:39 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Web Data-journal [16384]
O61 - LFC: 02/09/2013 - 18:54:44 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Login Data [16384]
O61 - LFC: 02/09/2013 - 18:54:44 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Login Data-journal [8736]
O61 - LFC: 02/09/2013 - 18:56:09 ---A- . (...) -- C:\Documents and Settings\Servidor\Recent\desinstalar ie.lnk [442]
O61 - LFC: 02/09/2013 - 18:56:13 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\GPUCache\data_0 [45056]
O61 - LFC: 02/09/2013 - 18:56:13 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\GPUCache\data_1 [270336]
O61 - LFC: 02/09/2013 - 18:58:18 ---A- . (...) -- C:\Documents and Settings\Servidor\Recent\processo estranho.lnk [459]
O61 - LFC: 02/09/2013 - 19:01:15 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Shortcuts [45056]
O61 - LFC: 02/09/2013 - 19:01:15 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Shortcuts-journal [16384]
O61 - LFC: 02/09/2013 - 19:02:08 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Safe Browsing Download [709736]
O61 - LFC: 02/09/2013 - 19:02:09 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Safe Browsing Bloom [10281408]
O61 - LFC: 02/09/2013 - 19:02:10 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [1966038]
O61 - LFC: 02/09/2013 - 19:02:10 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Safe Browsing Csd Whitelist [135236]
O61 - LFC: 02/09/2013 - 19:02:10 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Safe Browsing Download Whitelist [19680]
O61 - LFC: 02/09/2013 - 19:02:10 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Safe Browsing Extension Blacklist [6232]
O61 - LFC: 02/09/2013 - 19:04:53 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\History Index 2013-08 [16965632]
O61 - LFC: 02/09/2013 - 19:04:53 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\History Index 2013-08-journal [16384]
O61 - LFC: 02/09/2013 - 19:05:58 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\TransportSecurity [1591]
O61 - LFC: 02/09/2013 - 19:06:35 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Certificate Revocation Lists [258441]
O61 - LFC: 02/09/2013 - 19:06:35 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\CRX_75DAF8CB7768\crl-set [1706]
O61 - LFC: 02/09/2013 - 19:06:35 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\CRX_75DAF8CB7768\manifest.fingerprint [12]
O61 - LFC: 02/09/2013 - 19:06:35 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\CRX_75DAF8CB7768\manifest.json [34]
O61 - LFC: 02/09/2013 - 19:06:55 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extension Rules\LOG.old [148]
O61 - LFC: 02/09/2013 - 19:06:55 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Network Action Predictor [128000]
O61 - LFC: 02/09/2013 - 19:06:55 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Network Action Predictor-journal [16384]
O61 - LFC: 02/09/2013 - 19:06:57 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Session Storage\LOG.old [263]
O61 - LFC: 02/09/2013 - 19:07:04 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\http_www.baixaki.com.br_0.localstorage [3072]
O61 - LFC: 02/09/2013 - 19:07:04 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\http_www.baixaki.com.br_0.localstorage-journal [3608]
O61 - LFC: 02/09/2013 - 19:07:14 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Last Session [58204]
O61 - LFC: 02/09/2013 - 19:07:14 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Last Tabs [50971]
O61 - LFC: 02/09/2013 - 19:07:37 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16]
O61 - LFC: 02/09/2013 - 19:07:37 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extension Rules\LOG [148]
O61 - LFC: 02/09/2013 - 19:07:38 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Session Storage\CURRENT [16]
O61 - LFC: 02/09/2013 - 19:07:38 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000013 [309]
O61 - LFC: 02/09/2013 - 19:07:38 -SHA- . (...) -- C:\Documents and Settings\Servidor\IETldCache\index.dat [262144]
O61 - LFC: 02/09/2013 - 19:07:40 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage [3072]
O61 - LFC: 02/09/2013 - 19:07:40 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage-journal [3608]
O61 - LFC: 02/09/2013 - 19:07:44 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Session Storage\LOG [719]
O61 - LFC: 02/09/2013 - 19:07:47 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Managed Mode Settings [8]
O61 - LFC: 02/09/2013 - 19:08:27 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Favicons [849920]
O61 - LFC: 02/09/2013 - 19:08:27 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Favicons-journal [16384]
O61 - LFC: 02/09/2013 - 19:08:27 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\History Index 2013-09 [2404352]
O61 - LFC: 02/09/2013 - 19:08:27 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\History Index 2013-09-journal [16384]
O61 - LFC: 02/09/2013 - 19:08:38 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Cookies [730112]
O61 - LFC: 02/09/2013 - 19:08:38 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Cookies-journal [16384]
O61 - LFC: 02/09/2013 - 19:08:38 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Current Session [41710]
O61 - LFC: 02/09/2013 - 19:08:38 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Current Tabs [20556]
O61 - LFC: 02/09/2013 - 19:08:38 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\History [1331200]
O61 - LFC: 02/09/2013 - 19:08:38 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\History Provider Cache [300737]
O61 - LFC: 02/09/2013 - 19:08:38 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\History-journal [16384]
O61 - LFC: 02/09/2013 - 19:08:38 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Preferences [154884]
O61 - LFC: 02/09/2013 - 19:08:38 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Visited Links [131072]
O61 - LFC: 02/09/2013 - 19:08:38 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Local State [41456]
O61 - LFC: 02/09/2013 - 19:08:38 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Safe Browsing Cookies [6144]
O61 - LFC: 02/09/2013 - 19:08:38 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Safe Browsing Cookies-journal [4640]
O61 - LFC: 02/09/2013 - 19:08:38 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\chrome_shutdown_ms.txt [4]
O61 - LFC: 02/09/2013 - 19:12:32 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\JRT.txt [1181]
O61 - LFC: 02/09/2013 - 19:12:32 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\temp\null.txt [0]
O61 - LFC: 30/08/2013 - 19:49:47 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\GPUCache\data_2 [1056768]
O61 - LFC: 30/08/2013 - 20:15:48 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Toolbar\metrics_19489152376.xml [7955]
O61 - LFC: 30/08/2013 - 23:00:30 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Toolbar\metrics_54682432448.xml [5596]
O61 - LFC: 30/08/2013 - 23:44:10 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\FFprefs.dat [3595]
O61 - LFC: 31/08/2013 - 00:34:07 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\badFOLDERSstart.cfg [848]
O61 - LFC: 31/08/2013 - 00:36:00 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\REGhkcu_software_appdatalow.cfg [2195]
O61 - LFC: 31/08/2013 - 00:36:39 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\APPID_clsid.dat [1518]
O61 - LFC: 31/08/2013 - 00:37:38 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\APPPATHS.dat [67]
O61 - LFC: 31/08/2013 - 00:46:04 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\http_animalog.com.br_0.localstorage [3072]
O61 - LFC: 31/08/2013 - 00:46:04 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\http_animalog.com.br_0.localstorage-journal [3608]
O61 - LFC: 31/08/2013 - 00:46:18 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\http_teste.animalog.com.br_0.localstorage [3072]
O61 - LFC: 31/08/2013 - 00:46:18 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\http_teste.animalog.com.br_0.localstorage-journal [3608]
O61 - LFC: 31/08/2013 - 00:49:07 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\FFXPI.dat [818]
O61 - LFC: 31/08/2013 - 00:49:23 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\FFXML.dat [1470]
O61 - LFC: 31/08/2013 - 01:19:27 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\BHO_clsid.dat [28598]
O61 - LFC: 31/08/2013 - 01:19:56 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Temp\jrt\FFextensions.dat [9501]
O61 - LFC: 31/08/2013 - 19:13:00 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Toolbar Cache\7.5.4413.1752\pt-BR\translate_element.js.content [2389]
O61 - LFC: 31/08/2013 - 19:13:34 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Toolbar\metrics_8433543363.xml [7772]
O61 - LFC: 31/08/2013 - 23:15:51 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\http_pt.wikipedia.org_0.localstorage [3072]
O61 - LFC: 31/08/2013 - 23:15:51 ---A- . (...) -- C:\Documents and Settings\Servidor\Configura��es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\http_pt.wikipedia.org_0.localstorage-journal [3608]
~ 19 Cookie files
~ Files: 223 Legitimates Filtered in 00mn 44s



---\\ List of virus removal tools (LAT) (063)
O63 - Logiciel: SEAF By C_XX - (.C_XX.) [HKLM] -- SEAF
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ List of Legacy registry services (064)
O64 - Services: CurCS - 02/09/2013 - C:\WINDOWS\system32\drivers\Bhbase.sys (Bhbase) .(.Baidu, Inc. - Baidu Antivirus Hook Base.) - LEGACY_BHBASE
O64 - Services: CurCS - 08/08/2013 - C:\WINDOWS\system32\drivers\BprotectEx.sys (BprotectEx) .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BPROTECTEX
O64 - Services: CurCS - 03/07/2013 - C:\Arquivos de programas\Baidu Security\PC App Store\3.4.0.16\PCAppStoreSvc.exe (PCAppStoreSvc_{PCAppStore_3.4.0.16}) .(.Baidu Inc. - Baidu PC Faster Service.) - LEGACY_PCAPPSTORESVC_{PCAPPSTORE_3.4.0.16}
O64 - Services: CurCS - 16/08/2013 - C:\Arquivos de programas\Baidu Security\PC Faster\3.7.0.0\PCFasterSvc.exe (PCFasterSvc_{PCFaster_3.7.0.0}) .(.Baidu Inc. - Baidu PC Faster Service.) - LEGACY_PCFASTERSVC_{PCFASTER_3.7.0.0}
~ Legacy: 120 Legitimates Filtered in 00mn 00s



---\\ Shell Spawning associations (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 17 Legitimates Filtered in 00mn 00s



---\\ Internet start menu (068)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Internet browser infection search (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Additional search at the system root (SPRF) (O84)
[MD5.42D07B5183F6AF725A0B6ABD36FE03FA] [SPRF][31/07/2013] (.UltraVnc - UltraVnc Self-Extract Setup.) -- C:\Documents and Settings\Servidor\Desktop\CsSuporte.exe [304272]
[MD5.1A14242EB1E14069DDDFAAA3BCC45149] [SPRF][02/09/2013] (...) -- C:\Documents and Settings\Servidor\Desktop\delfix.exe [706916]
[MD5.A3CCFD0AA0B17FD23AA9FD0D84B86C05] [SPRF][31/07/2013] (.Simon Tatham - SSH, Telnet and Rlogin client.) -- C:\Documents and Settings\Servidor\Desktop\putty.exe [483328]
[MD5.95A960B7C3C05CB9BBF0EDD80086F770] [SPRF][17/08/2013] (.C_XX - SEAF.) -- C:\Documents and Settings\Servidor\Desktop\seaf.exe [498868]
[MD5.80F416494095A76BAD9C6AFEA45E0F03] [SPRF][29/08/2013] (...) -- C:\Documents and Settings\Servidor\Desktop\ShowMyPC3150.exe [2304608]
[MD5.ED8734E721C733E5135EF9E784D81111] [SPRF][04/08/2013] (.UltraVNC - VNCViewer.) -- C:\Documents and Settings\Servidor\Desktop\vncviewer.exe [1280248]
[MD5.B51B1C0C2A32338F0A5A0EA278083AD8] [SPRF][17/08/2013] (...) -- C:\Documents and Settings\Servidor\Desktop\zoek.exe [1276904]
~ Files: 10 Legitimates Filtered in 00mn 00s



---\\ General status of non-Microsoft services (EGS) (SR=Running, SS=Stopped)
SS - | Demand 26/08/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 09/05/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe
SS - | Demand 13/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 30/07/2013 116648 | (gupdate) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
SS - | Demand 30/07/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
SS - | Demand 30/07/2013 194032 | (gusvc) . (.Google.) - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 03/12/2007 869672 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
SR - | Demand 13/12/2007 447784 | (NMIndexingService) . (.Nero AG.) - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe
SR - | Auto 03/07/2013 578472 | (PCAppStoreSvc_{PCAppStore_3.4.0.16}) . (.Baidu Inc..) - C:\Arquivos de programas\Baidu Security\PC App Store\3.4.0.16\PCAppStoreSvc.exe
SR - | Auto 16/08/2013 621552 | (PCFasterSvc_{PCFaster_3.7.0.0}) . (.Baidu Inc..) - C:\Arquivos de programas\Baidu Security\PC Faster\3.7.0.0\PCFasterSvc.exe
SS - | Auto 25/07/2013 162672 | (SkypeUpdate) . (.Skype Technologies.) - C:\Arquivos de programas\Skype\Updater\Updater.exe
SR - | Auto 07/08/2013 4308320 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Arquivos de programas\TeamViewer\Version8\TeamViewer_Service.exe
~ Services: Scanned in 00mn 05s



---\\ Master Boot Record infection search (MBR) (080)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Servidor at 02/09/2013 19:15:07

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
1 ntkrnlpa!IofCallDriver[0x804EF200] >> \Device\Harddisk0\DR0[0x8A234AB8]
kernel: MBR read successfully
user & kernel MBR OK
~ MBR: 13 Legitimates Filtered in 00mn 02s



---\\ Master Boot Record infection search (MBRCheck) (080)
Written by ad13, http://ad13.geekstog
Run by Servidor at 02/09/2013 19:15:09

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



---\\ Additional Scanner (088)
Database Version : v2.12874 - (01/09/2013)
Keys found : 1
Values found : 1
Folders found : 1
Files found : 1

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 3.7.0.0] =>Adware.BDSearch
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
C:\Documents and Settings\All Users\Dados de aplicativos\Baidu =>Adware.BDSearch
C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google^
~ Additional Scan: 150710 Items scanned in 00mn 10s



---\\ Summary of detections found on your workstation
~ http://nicolascoolman.webs.com/apps/blog/show/32384220-toolbar-google =>Toolbar.Google
~ http://nicolascoolman.webs.com/apps/blog/show/28158343-adware-bdsearch =>Adware.BDSearch
~ MSI: 2 link(s) detected in 00mn 10s



~ 1030 Legitimates filtered by white list
End of the scan (648 lines in 01mn 57s)(0)
