
~ Relatório do ZHPDiag v2014.12.27.179 - Nicolas Coolman (27/12/2014)
~ Iniciado por Suporte (19/03/2015 01:05:28)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Endereço do Webforum : http://forum.nicolascoolman.fr
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17501
MFIE: Mozilla Firefox 33.1.1
GCIE: Google Chrome v41.0.2272.89 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2021
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v5.03

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Reader XI MUI
Java 7 Update 67 (64-bit)

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3689 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 389 GB (86%) free of 450 GB

---\\ Modo de conexão ao sistema
~ Computer Name: MAT-PREV-033
~ User Name: Suporte
~ All Users Names: Suporte, Convidado, ASPNET, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\teste\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\teste\AppData\Roaming\
~ %Desktop% : C:\Users\teste\Desktop\
~ %Favorites% : C:\Users\teste\Favorites\
~ %LocalAppData% : C:\Users\teste\AppData\Local\
~ %StartMenu% : C:\Users\teste\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 389 Go of 450 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 5 Go of 15 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.11/02/2013 - 15:40:18.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.4AF089160FE082E5EA5C4AA72782DCA2] - (.Microsoft Corporation - Internet Extensions para Win32.) (.25/12/2014 - 18:18:49.) -- C:\Windows\System32\wininet.dll [2358272]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.16/07/2014 - 23:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 03:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.CF1F6326AC44C42F4615D4BD53188AC5] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.06/01/2015 - 22:48:10.) -- C:\Windows\system32\Drivers\DfsC.sys [105984]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.211FB7D41E50BCBFEFC3512290E0339E] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.06/01/2015 - 22:49:32.) -- C:\Windows\system32\Drivers\MRxSmb.sys [159232]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 00:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.10/11/2014 - 22:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes Favoris (My Favorites) : 1/19
~ Mes Documents (My Documents) : 2/6
~ Mon Bureau (My Desktop) : 1/154
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 00s



---\\ Processos lançados
[MD5.6BA8D86746935498D64CB5CF6286F2EB] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608] [PID.2668]
[MD5.2FD7F9AB25F83D7D8CFF8BC84D6AA4CD] - (.Vimicro - VM331 StiMnt.) -- C:\Program Files (x86)\USB Camera\VM331STI.exe [548864] [PID.2520]
[MD5.26B558B2D31C7425B455B00E562EAD93] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896] [PID.356]
[MD5.14D6542607ACD4B2D1DDB1A36E0D8813] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744] [PID.3060]
[MD5.935CD218C06721994ED48349361467F9] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [555320] [PID.4052]
[MD5.9201E92771F3D536DA4A53FDCC4B976B] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288] [PID.4224]
[MD5.E47AC731D42B2452D4C0BF096DF3DD6E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8145408] [PID.4060]
[MD5.B1EA9681502EE57F87DB71D726288A5B] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.852]
[MD5.FB166D86AFCBD9A9BFD342DC2564F5DF] - (...) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280] [PID.1352]
[MD5.B443D3D1B6F21C2B424E49491B65C488] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [163608] [PID.1572]
[MD5.A134F76B0940CFD6F4963D52349B79AD] - (...) -- C:\Users\teste\AppData\Roaming\AE369A81-1426724208-11CB-B9CD-CFF9A71F413E\jnsr7E72.tmp [114688] [PID.1556]
[MD5.4ACFC5853A3F0C6C2F54E537C23EE90F] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [4799760] [PID.1772]
[MD5.1222BB41616077DFC572F18CDFFF5CE3] - (.UltraVNC - VNC server for win32.) -- C:\Program Files (x86)\UltraVNC\winvnc.exe [2035448] [PID.2128]
[MD5.7B785B3FB942714D230DFE1D711F08FA] - (...) -- C:\Users\teste\AppData\Roaming\AE369A81-1426724208-11CB-B9CD-CFF9A71F413E\nsh1B28.tmpfs [223232] [PID.2228]
[MD5.83FF82FE209E7997067B375DAD6CF23D] - (.Intel Corporation - Intel(R) Integrated Clock Controller Servic.) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752] [PID.3740]
[MD5.9BE23DF9B1FC56F58DD0F28CC187E713] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784] [PID.3840]
[MD5.30FF46EABCA1BB18E4F357492A8F7FC9] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800] [PID.4820]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\teste\AppData\Roaming\Mozilla\Firefox\Profiles\8g3n91ly.default\prefs.js
M2 - MFEP: RegExtension {87F8774F-B485-47E2-A755-A40A8A5E886D} . (...) -- C:\Users\teste\AppData\Local\GAS Tecnologia\GBBD\cef\xpi (.not file.)
~ Firefox Browser: 7 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com =>PUP.StartSearch
~ IE Browser: 20 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense CEF [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540003} . (.Caixa Economica Federal - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehcef.dll
~ BHO: 14 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Chave orfã
~ Toolbar: Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.mystartsearch.com =>PUP.StartSearch
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.mystartsearch.com =>PUP.StartSearch
~ Global Startup: 2 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [AmIcoSinglun64] . (.Alcor Micro Corp. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [331BigDog] . (.Vimicro - VM331 StiMnt.) -- C:\Program Files (x86)\USB Camera\VM331STI.exe
O4 - HKLM\..\Wow6432Node\Run: [Lenovo Registration] . (.Lenovo, Inc. - Lenovo Registration.) -- C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe
O4 - HKLM\..\Wow6432Node\Run: [IMSS] . (.Intel Corporation - PIcon startup utility.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [gmsd_br_326] Chave orfã
O4 - HKLM\..\Wow6432Node\Run: [gmsd_br_329] Chave orfã
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3512214515-48110081-3210559807-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-3512214515-48110081-3210559807-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] http.caixa.gov.br
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F0D894B-D37C-45A0-BB82-A01E4474963C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B923A09B-9A2C-4E74-B7CA-22BBC4284E9B}: DhcpNameServer = 201.17.128.105 201.17.128.111 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F0D894B-D37C-45A0-BB82-A01E4474963C}: DhcpDomain = domain.name
O17 - HKLM\System\CS1\Services\Tcpip\..\{9F0D894B-D37C-45A0-BB82-A01E4474963C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B923A09B-9A2C-4E74-B7CA-22BBC4284E9B}: DhcpNameServer = 201.17.128.105 201.17.128.111 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{9F0D894B-D37C-45A0-BB82-A01E4474963C}: DhcpDomain = domain.name
O17 - HKLM\System\CS2\Services\Tcpip\..\{9F0D894B-D37C-45A0-BB82-A01E4474963C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B923A09B-9A2C-4E74-B7CA-22BBC4284E9B}: DhcpNameServer = 201.17.128.105 201.17.128.111 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{9F0D894B-D37C-45A0-BB82-A01E4474963C}: DhcpDomain = domain.name
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = SUPERNOSSO.INTRA
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 201.17.128.105 201.17.128.111 192.168.0.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: Narration Indicator Lights (neqocino) . (...) - C:\Users\teste\AppData\Roaming\AE369A81-1426724208-11CB-B9CD-CFF9A71F413E\jnsr7E72.tmp
O23 - Service: UltraVNC (UltraVNC) . (.UltraVNC - VNC server for win32.) - C:\Program Files (x86)\UltraVNC\winvnc.exe
O23 - Service: Shortcut Expire (vopyfovi) . (...) - C:\Users\teste\AppData\Roaming\AE369A81-1426724208-11CB-B9CD-CFF9A71F413E\nsh1B28.tmpfs
~ Services: 15 Legitimates Filtered in 00mn 04s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [C5D78CEA-DFB9-4338-A29A-B9A7501D1AB2] (...) -- C:\ProgramData\PC Faster\5.1.0.0\2853448333.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Run_Bobby_Browser] (...) -- C:\Users\Suporte\AppData\Local\BoBrowser\Application\bobrowser.exe (.not file.) [0] =>PUP.BoBrowser
[MD5.00000000000000000000000000000000] [APT] [{2CD82BF1-1757-4F62-B18F-BBE7D911AB61}] (...) -- C:\Users\Suporte\Downloads\MuGame_Instalador.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B6E596E0-405D-45A0-8BB2-727C3664CC44}] (...) -- C:\Users\Suporte\AppData\Roaming\mystartsearch\UninstallManager.exe (.not file.) [0] =>PUP.StartSearch
O39 - APT: C5D78CEA-DFB9-4338-A29A-B9A7501D1AB2 - (...) -- C:\Windows\Tasks\C5D78CEA-DFB9-4338-A29A-B9A7501D1AB2.job [540]
O39 - APT: C5D78CEA-DFB9-4338-A29A-B9A7501D1AB2 - (...) -- C:\Windows\System32\Tasks\C5D78CEA-DFB9-4338-A29A-B9A7501D1AB2 [540]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon [830]
O39 - APT: APT: - (..) -- C:\Windows\System32\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon [830] - (..) -- C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d [832]
~ Scheduled Task: 20 Legitimates Filtered in 00mn 04s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (cashnbackdrv) . (. - .) - C:\Windows\System32\drivers\cashnbackdrv.sys (.not file.)
O41 - Driver: (mosfilterdrv) . (.NetFilterSDK.com - NetFilter SDK TDI Hook Driver (WPP).) - C:\Windows\System32\drivers\mosfilterdrv.sys
O41 - Driver: (pofilterdrv) . (.NetFilterSDK.com - NetFilter SDK TDI Hook Driver (WPP).) - C:\Windows\System32\drivers\pofilterdrv.sys
~ Drivers: 84 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Appload 1.49 - (.Opticon Sensors Europe B.V..) [HKLM][64Bits] -- Appload
O42 - Logiciel: BoBrowser - (.BoBrowser.) [HKCU][64Bits] -- BoBrowser =>PUP.BoBrowser
O42 - Logiciel: NetO32 2.08 - (.Opticon Sensors Europe B.V..) [HKLM][64Bits] -- NetO32
O42 - Logiciel: Opticon USB Drivers Installer - (...) [HKLM][64Bits] -- Opticon USB Installer
O42 - Logiciel: RmvEchoVNC(32Bits) - (.SupernossoTI.) [HKLM][64Bits] -- {5EBB921C-3F1D-42EF-9D6D-08B1B69C92B8}
O42 - Logiciel: RmvEchoVNC(64Bits) - (.SupernossoTI.) [HKLM][64Bits] -- {F3DA81C3-A1F5-452B-93E1-59A6A09335F7}
O42 - Logiciel: RmvEchoVNC(x86)64Bits - (.SupernossoTI.) [HKLM][64Bits] -- {045EE8C2-D6B4-49DD-82BD-26B09741964D}
O42 - Logiciel: pdfFactory Pro - (.FinePrint Software, LLC.) [HKLM][64Bits] -- pdfFactory Pro
~ Logic: 42 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\Baidu Security]
[HKCU\Software\CONSINCO]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]
[HKLM\Software\Wow6432Node\Clara]
[HKLM\Software\Wow6432Node\Consinco]
[HKLM\Software\Wow6432Node\Search Vortex]
[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab
[HKLM\Software\Wow6432Node\Tutorials] =>PUP.AgenceExclusive
[HKLM\Software\Wow6432Node\baidu]
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
~ Key Software: 273 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 23/01/2015 - 15:47:34 - [] ----D C:\Program Files (x86)\Appload
O43 - CFD: 18/03/2015 - 21:14:23 - [] ----D C:\Program Files (x86)\Baidu Security
O43 - CFD: 20/08/2014 - 13:51:08 - [] ----D C:\Program Files (x86)\EchoVNC
O43 - CFD: 23/01/2015 - 14:40:26 - [] ----D C:\Program Files (x86)\Opticon
O43 - CFD: 17/03/2015 - 19:38:32 - [0] ----D C:\Program Files (x86)\RBM
O43 - CFD: 07/03/2015 - 18:24:13 - [] ----D C:\ProgramData\13484584179069839479
O43 - CFD: 20/08/2014 - 17:43:08 - [] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 07/03/2015 - 18:23:41 - [] ----D C:\ProgramData\iajhiiiokbagonfjnkjgboeemmppnblj
O43 - CFD: 18/03/2015 - 22:52:53 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4DO
O43 - CFD: 23/01/2015 - 14:40:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Appload
O43 - CFD: 23/01/2015 - 14:40:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetO32
O43 - CFD: 11/02/2013 - 15:28:06 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 18/03/2015 - 21:17:29 - [] ----D C:\Users\teste\AppData\Roaming\AE369A81-1426724208-11CB-B9CD-CFF9A71F413E
O43 - CFD: 18/03/2015 - 22:04:17 - [] -SH-D C:\Users\teste\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect
O43 - CFD: 14/08/2014 - 13:39:16 - [] ----D C:\Users\teste\AppData\Roaming\PwrMgr
O43 - CFD: 18/03/2015 - 22:42:47 - [] ----D C:\Users\teste\AppData\Local\AE369A81-1426713645-11CB-B9CD-CFF9A71F413E
O43 - CFD: 14/01/2015 - 21:37:15 - [] -SH-D C:\Users\teste\AppData\Local\EmieBrowserModeList
O43 - CFD: 23/01/2015 - 14:40:00 - [0] ----D C:\Users\teste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Appload
O43 - CFD: 20/08/2014 - 12:47:04 - [] ----D C:\Users\teste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pdfFactory Pro
~ Program Folder: 176 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.643A679CFCFEE965115B46F38AE874B6] - 08/03/2015 - 08:45:14 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [152888]
O44 - LFC:[MD5.2CC4459D460D369004BA49F429A4D965] - 08/03/2015 - 08:45:14 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [715502]
O44 - LFC:[MD5.6A23CA3C85D46DFB6335FAD11CCCBC95] - 15/03/2015 - 17:22:43 ---A- . (...) -- C:\.rnd [1024]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 17/03/2015 - 19:38:31 ---A- . (...) -- C:\END [0]
O44 - LFC:[MD5.308C0E4635937A45F96C41AC2C8490F1] - 19/03/2015 - 00:51:16 ---A- . (...) -- C:\IFRToolLog.txt [1251567]
~ Files: 198 Legitimates Filtered in 00mn 05s



---\\ Chave do registo Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{8a594a4e-f787-11e3-92c0-806e6f6e6963}\AutoRun\command. (...) -- D:\DriverPackSolution.exe (.not file.)
O51 - MPSK:{a22fcec6-f785-11e3-a963-806e6f6e6963}\AutoRun\command. (.Lenovo Group Limited - Lenovo Factory Backup Partition Information.) -- Q:\LenovoQDrive.exe
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:04/10/2014 - 22:54:55 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:04/10/2014 - 22:54:55 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:04/10/2014 - 22:54:55 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [224896] =>.ALWIL Software
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:02/10/2014 - 23:29:32 ---A- . (.NetFilterSDK.com - NetFilter SDK TDI Hook Driver (WPP).) -- C:\Windows\System32\Drivers\mosfilterdrv.sys [60728]
O58 - SDL:29/08/2014 - 10:13:06 ---A- . (.NetFilterSDK.com - NetFilter SDK TDI Hook Driver (WPP).) -- C:\Windows\System32\Drivers\pofilterdrv.sys [60736]
O58 - SDL:20/09/2012 - 01:35:36 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [102368]
O58 - SDL:20/09/2012 - 01:35:36 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [203104]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 77 Legitimates Filtered in 00mn 01s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 04/10/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 02/10/2014 - C:\Windows\System32\drivers\mosfilterdrv.sys (mosfilterdrv) .(.NetFilterSDK.com - NetFilter SDK TDI Hook Driver (WPP).) - LEGACY_MOSFILTERDRV
O64 - Services: CurCS - 29/08/2014 - C:\Windows\System32\drivers\pofilterdrv.sys (pofilterdrv) .(.NetFilterSDK.com - NetFilter SDK TDI Hook Driver (WPP).) - LEGACY_POFILTERDRV
~ Legacy: 106 Legitimates Filtered in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\teste\AppData\Local\BoBrowser\Application\bobrowser.exe (.not file.) =>PUP.BoBrowser
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.mystartsearch.com =>PUP.StartSearch
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com =>PUP.StartSearch
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PennyBeeW_RASAPI32 =>PUP.PaybyAds
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PennyBeeW_RASMANCS =>PUP.PaybyAds
~ BTK: 68 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 04/10/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Disabled 10/07/1658 0 | (ClaraUpdater) . (...) - C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe =>Adware.SupTab
SS - | Demand 27/08/2013 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 18/03/2015 107848 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 18/03/2015 107848 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 13/11/2014 114288 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 23/09/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 03/11/2014 555320 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Auto 06/12/2012 60272 | (IBMPMSVC) . (.Lenovo..) - C:\Windows\System32\ibmpmsvc.exe
SR - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SR - | Auto 02/02/2012 628448 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 06/03/2012 128280 | (Intel(R) ME Service) . (...) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 06/03/2012 163608 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 06/03/2012 277784 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 18/03/2015 114688 | (neqocino) . (...) - C:\Users\teste\AppData\Roaming\AE369A81-1426724208-11CB-B9CD-CFF9A71F413E\jnsr7E72.tmp
SR - | Auto 12/09/2014 4799760 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
SR - | Auto 29/04/2013 2035448 | (UltraVNC) . (.UltraVNC.) - C:\Program Files (x86)\UltraVNC\winvnc.exe
SR - | Auto 06/03/2012 363800 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 05/08/2013 898640 | (VMUSBArbService) . (.VMware, Inc..) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
SR - | Auto 18/03/2015 223232 | (vopyfovi) . (...) - C:\Users\teste\AppData\Roaming\AE369A81-1426724208-11CB-B9CD-CFF9A71F413E\nsh1B28.tmpfs
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 09s



---\\ Scâner Aditional (088)
Database Version : 13026 - (27/12/2014)
Clés trouvées (Keys found) : 8
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 3

[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\BoBrowser] =>PUP.BoBrowser^
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar] =>Adware.IMBooster
C:\Users\teste\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect^
[HKCU\Software\AnyProtect] =>PUP.AnyProtect^
[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^
~ Additionnel Scan: 248560 Items scanned in 00mn 25s



---\\ Informações complémentaires do módulos
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Gestão do Proxy (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects do navegador (02)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Barras do Internet Explorer (03))
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Aplicações iniciadas por registo & pastas (04)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Chave do registo Shell MountPoints2 (MPSK) (O51)
~ AMI: 5 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
http://nicolascoolman.fr/pup-startsearch =>PUP.StartSearch
http://www.nicolascoolman.fr/blog/ =>PUP.BoBrowser
http://nicolascoolman.fr/pup-anyprotect =>PUP.AnyProtect
http://nicolascoolman.fr/pup-suptab =>PUP.SupTab
http://nicolascoolman.fr/spyware-agenceexclusive =>PUP.AgenceExclusive
http://nicolascoolman.fr/pup-paybyads =>PUP.PaybyAds
http://www.nicolascoolman.fr/blog/ =>Adware.SupTab
http://nicolascoolman.fr/pup-v9software =>PUP.V9Software
http://www.nicolascoolman.fr/blog/ =>Spyware.AgenceExclusive
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
~ MSI: 11 link(s) detected in 00mn 00s



~ 995 Legitimates filtered by white list
End of the scan (519 lines in 01mn 12s)(0)
