Document format: text/plain

~ ZHPDiag v2015.8.31.131 Por Nicolas Coolman (2015/08/31)
~ iniciado por USUARIO (Administrator) (2015/08/31 17:52:56)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Status da versão: Version OK
~ Modo: Scanner
~ Relatório: C:\Documents and Settings\USUARIO\Desktop\ZHPDiag.txt
~ Relatório: C:\Documents and Settings\USUARIO\Dados de aplicativos\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ Inicialização do sistema: Normal (Normal boot)
Windows XP, 32-bit Service Pack 3 (Build 2600)

---\\ Navegadores Internet (2) - 0s
GCIE: Google Chrome v44.0.2403.157
MSIE: Internet Explorer v8.0.6001.18702

---\\ Informações sobre os produtos Windows (3) - 2s
Key Management Service client information : KO
Windows Automatic Updates : KO
Windows Genuine Advantage : KO

---\\ Softwares de proteçao do sistema (1) - 2s
Avast Free Antivirus v10.3.2225

---\\ Monitoramento dos softwares (2) - 2s
Adobe Flash Player 18 ActiveX
Adobe Reader XI

---\\ Informações sobre o sistema (6) - 0s
~ Operating System: x86 Family 15 Model 4 Stepping 9, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 1015.088 MB (36% free)
~ System Restore: Activé (Enable)
~ System drive C: has 46 GB free of 76 GB

---\\ Modo de conexão ao sistema (3) - 0s
~ Computer Name: MICRO02
~ User Name: USUARIO
~ Logged in as Administrator

---\\ Enumeração das unidades dos discos (1) - 6s
~ Drive C: has 46 GB free of 76 GB (System)

---\\ Estado do Centro de Segurança do Windows (8) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Pesquisa particular de ficheiros genéricos (22) - 1s
[MD5.064EC7FF5F58B928C3E119402977FA6D] - (.Microsoft Corporation - Windows Explorer.) () -- C:\WINDOWS.0\Explorer.exe [1035776] ©
[MD5.E715412E47D20EB0EBF77B65F9157343] - (.Microsoft Corporation - Executa uma DLL como um aplicativo.) () -- C:\WINDOWS.0\System32\rundll32.exe [33280] ©
[MD5.6CE32F7778061CCC5814D5E0F282D369] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\WINDOWS.0\System32\wininet.dll [914944] ©
[MD5.71D440F79B711627B12B567FB2EADB42] - (.Microsoft Corporation - Aplicativo de logon do Windows NT.) () -- C:\WINDOWS.0\System32\Winlogon.exe [509952] ©
[MD5.4D43E74F2A1239D53929B82600F1971C] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\WINDOWS.0\System32\drivers\AFD.sys [138496] ©
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) () -- C:\WINDOWS.0\System32\drivers\atapi.sys [96512] ©
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS.0\System32\drivers\Cdfs.sys [63744] ©
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS.0\System32\drivers\Cdrom.sys [62976] ©
[MD5.A8D31E836CCF2F51009CE7DFFECF6D51] - (.Microsoft Corporation - FIPS Crypto Driver.) () -- C:\WINDOWS.0\System32\drivers\Fips.sys [44672] ©
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) () -- C:\WINDOWS.0\System32\drivers\HDAudBus.sys [144384]
[MD5.485BC6BEB778B5E9702E6AA3D384C0CB] - (.Microsoft Corporation - Driver de porta i8042.) () -- C:\WINDOWS.0\System32\drivers\i8042prt.sys [53504] ©
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) () -- C:\WINDOWS.0\System32\drivers\Imapi.sys [42112] ©
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS.0\System32\drivers\IpNat.sys [152832] ©
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) () -- C:\WINDOWS.0\System32\drivers\IPSec.sys [75264] ©
[MD5.7170AB42B51954DEF2781A4D1CCE65F4] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\WINDOWS.0\System32\drivers\MRxSmb.sys [455936] ©
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS.0\System32\drivers\netBT.sys [162816] ©
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) () -- C:\WINDOWS.0\System32\drivers\ntfs.sys [574976] ©
[MD5.9BADEE6B698BF1AF36E25A1A64A89EAB] - (.Microsoft Corporation - Driver de porta paralela.) () -- C:\WINDOWS.0\System32\drivers\Parport.sys [80384] ©
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS.0\System32\drivers\Rasl2tp.sys [51328] ©
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\WINDOWS.0\System32\drivers\rdpdr.sys [196224] ©
[MD5.68D749B04BFBBD4D4D15CC5185AFA4DD] - (.Microsoft Corporation - Redbook Audio Filter Driver.) () -- C:\WINDOWS.0\System32\drivers\redbook.sys [58240] ©
[MD5.EB6B1E2C984D84470FF4FE7EF98CD44A] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) () -- C:\WINDOWS.0\System32\drivers\volsnap.sys [53248] ©

---\\ Processos lançados (24) - 4s
[MD5.78CC42364F47A889CBC4E66E8BA4DB9D] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe [587576] [PID.1152]
[MD5.78CC42364F47A889CBC4E66E8BA4DB9D] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe [587576] [PID.1868]
[MD5.4956380A54B1C9E6BFDF3D80DACB9698] - (.AVAST Software - avast! Service.) -- C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe [146600] [PID.1928] ©
[MD5.AB4177025353ED30A67F1B4D9806F6C0] - (.S3 Graphics, Inc. - .) -- C:\WINDOWS.0\system32\VTTimer.exe [94208] [PID.496] ©
[MD5.F66203AF9C159E2CBD54DF981654F499] - (.AVAST Software - avast! Antivirus.) -- C:\Arquivos de programas\AVAST Software\Avast\avastui.exe [6111824] [PID.1044] ©
[MD5.7F232F51427036F7AF6A6806257422EC] - (.Symantec Corporation - Tray Application.) -- C:\Arquivos de programas\Norton Ghost\Agent\VProTray.exe [2596712] [PID.1352] ©
[MD5.269757649A6F109B69CA14381E20FA11] - (.GAS Tecnologia LTDA - GAS Tecnologia - Core.) -- C:\Arquivos de programas\Diebold\Warsaw\core.exe [509752] [PID.1392]
[MD5.F916BA0DA28A4B4F7B1ADE76EB42F088] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe [597552] [PID.1512] ©
[MD5.A50878D4C50DA72EDCA919162624AA28] - (.Firebird Project - Firebird SQL Server.) -- C:\Arquivos de programas\Firebird\Firebird_2_5\bin\fbguard.exe [98304] [PID.1576] ©
[MD5.4AD196A3CFA4D546068E24477A720948] - (.Symantec Corporation - Service Module.) -- C:\Arquivos de programas\Norton Ghost\Agent\VProSvc.exe [4584288] [PID.388] ©
[MD5.427DD53FDC9D5270B8BE38CC84FC3901] - (.PostgreSQL Global Development Group - pg_ctl - starts/stops/restarts the PostgreS.) -- C:\UNICO\pg\bin\pg_ctl.exe [66048] [PID.808]
[MD5.269757649A6F109B69CA14381E20FA11] - (.GAS Tecnologia LTDA - GAS Tecnologia - Core.) -- C:\Arquivos de programas\Diebold\Warsaw\core.exe [509752] [PID.1216]
[MD5.EA8CE6F0D1E3D2E44E466288FA32ECF8] - (.PostgreSQL Global Development Group - PostgreSQL Server.) -- C:\UNICO\pg\bin\postgres.exe [4554752] [PID.1548]
[MD5.EA8CE6F0D1E3D2E44E466288FA32ECF8] - (.PostgreSQL Global Development Group - PostgreSQL Server.) -- C:\UNICO\pg\bin\postgres.exe [4554752] [PID.320]
[MD5.EA8CE6F0D1E3D2E44E466288FA32ECF8] - (.PostgreSQL Global Development Group - PostgreSQL Server.) -- C:\UNICO\pg\bin\postgres.exe [4554752] [PID.1632]
[MD5.EA8CE6F0D1E3D2E44E466288FA32ECF8] - (.PostgreSQL Global Development Group - PostgreSQL Server.) -- C:\UNICO\pg\bin\postgres.exe [4554752] [PID.1876]
[MD5.EA8CE6F0D1E3D2E44E466288FA32ECF8] - (.PostgreSQL Global Development Group - PostgreSQL Server.) -- C:\UNICO\pg\bin\postgres.exe [4554752] [PID.1696]
[MD5.7D22E48510A807062210E20E17AAB97D] - (.Firebird Project - Firebird SQL Server.) -- C:\Arquivos de programas\Firebird\Firebird_2_5\bin\fbserver.exe [3764224] [PID.1948] ©
[MD5.CDEF64BCA00C861C5F6F6907CFF75490] - (.LOGTEC SISTEMAS - SUPER CAIXA.) -- C:\Logtec\SuperCaixa\supercaixa.exe [30469120] [PID.3592]
[MD5.21FF886E6F679FC1EB352F231E846357] - (.Symantec - Symantec Snapshot Service.) -- C:\Arquivos de programas\Norton Ghost\Shared\Drivers\SymSnapService.exe [1964528] [PID.3760] ©
[MD5.92B2CC464136BA72FF7E57DF98993ACA] - (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe [813896] [PID.2588] ©
[MD5.92B2CC464136BA72FF7E57DF98993ACA] - (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe [813896] [PID.3208] ©
[MD5.FE4DD1A2E417A772052A142AEAFE5EDD] - (.Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\USUARIO\Desktop\ZHPDiag3.exe [1915392] [PID.1596] ©
[MD5.368290D0A612D62DA6F3D798B1BB8FE7] - (.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 18.0 r0.) -- C:\WINDOWS.0\system32\Macromed\Flash\FlashPlayerUpdateService.exe [269000] [PID.344] ©

---\\ Google Chrome, Arranque,Pesquisa,Extensões (10) - 0s
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] Avast Online Security
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Internet Explorer, Arranque, Pesquisa, Phishing (11) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} Orphean
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Gestão do Proxy (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Análise das linhas, Carregamento Automático de programas (3) - 0s
F2 - REG:system.ini: UserInit=C:\WINDOWS.0\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\WINDOWS.0\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Redireção do ficheiro Hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (18)

---\\ Browser Helper Objects do navegador (7) - 1s
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll ©
O2 - BHO: Ask Toolbar BHO - {4F524A2D-5637-4300-76A7-7A786E7484D7} (Orphean) =>Toolbar.AsktBar
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Arquivos de programas\Java\jre1.8.0_60\bin\ssv.dll ©
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll ©
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (...) -- C:\ARQUIV~1\MICROS~2\Office14\URLREDIR.DLL (.not file.)
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\ARQUIVOS DE PROGRAMAS\GbPlugin\gbieh.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Arquivos de programas\Java\jre1.8.0_60\bin\jp2ssv.dll ©

---\\ Barras do Internet Explorer (3) - 0s
O3 - Toolbar: 0xB1C218236549D4119B18009027A5CD4F - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} . (...) -- (.not file.)
O3 - Toolbar: 0x2D4A524F3756004376A77A786E7484D7 - [HKCU]{4F524A2D-5637-4300-76A7-7A786E7484D7} . (...) -- (.not file.)
O3 - Toolbar: (no name) - [HKLM]{4F524A2D-5637-4300-76A7-7A786E7484D7} (Orphean) (.not file.)

---\\ Aplicações iniciadas por registo & pastas (14) - 0s
O4 - HKLM\..\Run: [VTTimer] . (.S3 Graphics, Inc. - .) -- C:\WINDOWS.0\System32\VTTimer.exe ©
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Arquivos de programas\AVAST Software\Avast\avastui.exe ©
O4 - HKLM\..\Run: [KernelFaultCheck] C:\WINDOWS.0\system32\dumprep 0 -k (.not file.)
O4 - HKLM\..\Run: [Norton Ghost 15.0] . (.Symantec Corporation - Tray Application.) -- C:\Arquivos de programas\Norton Ghost\Agent\VProTray.exe ©
O4 - HKLM\..\Run: [Diebold - Warsaw] . (.GAS Tecnologia LTDA - GAS Tecnologia - Core.) -- C:\Arquivos de programas\Diebold\Warsaw\core.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe ©
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS.0\system32\ctfmon.exe ©
O4 - HKCU\..\Run: [JavaSystem] C:\ProgramData\gldsys\javarec86.cpl (.not file.)
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS.0\system32\ctfmon.exe ©
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS.0\system32\ctfmon.exe ©
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS.0\system32\ctfmon.exe ©
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS.0\system32\ctfmon.exe ©
O4 - HKUS\S-1-5-21-1547161642-602162358-842925246-1003\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS.0\system32\ctfmon.exe ©
O4 - HKUS\S-1-5-21-1547161642-602162358-842925246-1003\..\Run: [JavaSystem] C:\ProgramData\gldsys\javarec86.cpl (.not file.)

---\\ Alteração Dominio/Clientes DNS (6) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = domain.name
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpDomain = domain.name
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpDomain = domain.name

---\\ Protocolo adicional (30) - 1s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS.0\system32\mshtml.dll ©
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS.0\system32\urlmon.dll ©
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controle ActiveX para fluxo de vídeo.) -- C:\WINDOWS.0\system32\msvidctl.dll ©
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS.0\system32\urlmon.dll ©
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS.0\system32\urlmon.dll ©
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS.0\system32\urlmon.dll ©
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS.0\system32\urlmon.dll ©
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS.0\system32\urlmon.dll ©
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS.0\system32\itss.dll ©
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS.0\system32\mshtml.dll ©
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS.0\system32\urlmon.dll ©
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS.0\system32\mshtml.dll ©
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS.0\system32\inetcomm.dll ©
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS.0\system32\urlmon.dll ©
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll ©
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS.0\system32\itss.dll ©
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS.0\system32\mshtml.dll ©
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS.0\system32\mshtml.dll ©
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para fluxo de vídeo.) -- C:\WINDOWS.0\system32\msvidctl.dll ©
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS.0\system32\mshtml.dll ©
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS.0\system32\wiascr.dll ©
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS.0\system32\mscoree.dll ©
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS.0\system32\mscoree.dll ©
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS.0\system32\mscoree.dll ©
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS.0\system32\urlmon.dll ©
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS.0\system32\urlmon.dll ©
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS.0\system32\urlmon.dll ©
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS.0\system32\urlmon.dll ©
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\WINDOWS.0\system32\shell32.dll ©
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE14\MSOXMLMF.DLL ©

---\\ Serviços NT não Microsoft e não desativados (9) - 2s
O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe ©
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) . (.Firebird Project - Firebird SQL Server.) - C:\Arquivos de programas\Firebird\Firebird_2_5\bin\fbguard.exe ©
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Arquivos de programas\GbPlugin\gbpsv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe ©
O23 - Service: KMService (KMService) . (...) - C:\WINDOWS.0\system32\srvany.exe =>PUP.Optional.Office
O23 - Service: Norton Ghost (Norton Ghost) . (.Symantec Corporation - Service Module.) - C:\Arquivos de programas\Norton Ghost\Agent\VProSvc.exe ©
O23 - Service: (postgresql-8.4-Intelidata) . (.PostgreSQL Global Development Group - pg_ctl - starts/stops/restarts the PostgreS.) - C:\UNICO\pg\bin\pg_ctl.exe
O23 - Service: Warsaw Technology (Warsaw Technology) . (.GAS Tecnologia LTDA - GAS Tecnologia - Core.) - C:\Arquivos de programas\Diebold\Warsaw\core.exe
O23 - Service: VNC Server Version 4 (WinVNC4) . (.RealVNC Ltd. - VNC Server Free Edition for Win32.) - C:\Arquivos de programas\RealVNC\VNC4\winvnc4.exe ©

---\\ Software instalados (27) - 10s
O42 - Logiciel: UNIPAF 4.12.12 - (.Intelidata.) [HKLM] -- 8988-0436-8093-8847
O42 - Logiciel: Adobe Flash Player 18 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX ©
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM] -- avast ©
O42 - Logiciel: CMS - (...) [HKLM] -- CMS
O42 - Logiciel: Firebird 2.5.1.26351 (Win32) - (.Firebird Project.) [HKLM] -- FBDBServer_2_5_is1 ©
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome ©
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB946648) - (.Microsoft Corporation.) [HKLM] -- KB946648 ©
O42 - Logiciel: LiveUpdate 3.2 (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- LiveUpdate ©
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1 ©
O42 - Logiciel: NetSurveillance - (...) [HKLM] -- NetSurveillance
O42 - Logiciel: VNC Free Edition 4.1.1 - (.RealVNC Ltd..) [HKLM] -- RealVNC_is1 ©
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009 ©
O42 - Logiciel: Windows Media Format 11 runtime - (...) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Player 11 - (...) [HKLM] -- Windows Media Player
O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver ©
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 ©
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 ©
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000 ©
O42 - Logiciel: Warsaw 1.8.0.10356 32 bits - (.GAS Tecnologia.) [HKLM] -- {20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1
O42 - Logiciel: Java 8 Update 60 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218060F0} ©
O42 - Logiciel: HitLeap Viewer 2.8 - (.HitLeap Ltd..) [HKLM] -- {31B12C11-AE4E-479F-8D6D-242DC265368D}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ©
O42 - Logiciel: MSI to redistribute MS VS2005 CRT libraries - (.The Firebird Project.) [HKLM] -- {A8D93648-9F7F-407D-915C-62044644C3DA} ©
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ©
O42 - Logiciel: Adobe Reader XI (11.0.02) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AB0000000001} ©
O42 - Logiciel: Norton Ghost - (.Symantec Corporation.) [HKLM] -- {B0255743-165B-4BD5-8DA8-37DFB9930015} ©

---\\ HKCU & HKLM Software Keys (55) - 10s
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\AskPartnerNetwork =>Toolbar.AskBar
HKLM\SOFTWARE\AVAST Software
HKLM\SOFTWARE\Bahamut
HKLM\SOFTWARE\C07ft5Y
HKLM\SOFTWARE\Dropbox
HKLM\SOFTWARE\ej-technologies
HKLM\SOFTWARE\EPSON
HKLM\SOFTWARE\Firebird Project
HKLM\SOFTWARE\GEAR Software
HKLM\SOFTWARE\Gemplus
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\JavaSoft
HKLM\SOFTWARE\JreMetrics
HKLM\SOFTWARE\jumpshot.com
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Program Groups
HKLM\SOFTWARE\Realtek
HKLM\SOFTWARE\RealVNC
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\S3
HKLM\SOFTWARE\Schlumberger
HKLM\SOFTWARE\Secure
HKLM\SOFTWARE\Software
HKLM\SOFTWARE\Symantec
HKLM\SOFTWARE\TeamViewer
HKLM\SOFTWARE\Troy software
HKLM\SOFTWARE\Windows 3.1 Migration Status
HKLM\SOFTWARE\WinRAR
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AskPartnerNetwork =>Toolbar.AskBar
HKCU\SOFTWARE\AutoHelpDesk
HKCU\SOFTWARE\Avance
HKCU\SOFTWARE\Avast Software
HKCU\SOFTWARE\ej-technologies
HKCU\SOFTWARE\Epson
HKCU\SOFTWARE\GbPlugin
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\HitLeap
HKCU\SOFTWARE\HK Software
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\S3
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\ZebHelpProcess Helper

---\\ Conteúdo das pastas Programs (107) - 12s
O43 - CFD: 2013/08/08 23:18:05 - [] D -- C:\Arquivos de programas\Adobe
O43 - CFD: 2015/08/25 18:19:30 - [] D -- C:\Arquivos de programas\Arquivos comuns
O43 - CFD: 2015/08/06 09:48:57 - [] D -- C:\Arquivos de programas\AskPartnerNetwork =>Toolbar.AskBar
O43 - CFD: 2013/08/08 23:06:26 - [] D -- C:\Arquivos de programas\AVAST Software
O43 - CFD: 2013/11/14 17:23:08 - [] D -- C:\Arquivos de programas\CMS
O43 - CFD: 2013/08/08 17:52:52 - [0] D -- C:\Arquivos de programas\ComPlus Applications
O43 - CFD: 2015/08/25 18:07:41 - [] D -- C:\Arquivos de programas\Diebold
O43 - CFD: 2014/08/27 13:10:13 - [] D -- C:\Arquivos de programas\Firebird
O43 - CFD: 2015/08/25 18:07:41 - [] HD -- C:\Arquivos de programas\GAS Tecnologia
O43 - CFD: 2015/08/30 10:39:04 - [] AD -- C:\Arquivos de programas\GbPlugin
O43 - CFD: 2015/08/08 18:35:16 - [] D -- C:\Arquivos de programas\Google
O43 - CFD: 2015/08/31 10:17:53 - [] D -- C:\Arquivos de programas\HitLeap
O43 - CFD: 2013/08/20 15:52:58 - [] HD -- C:\Arquivos de programas\InstallShield Installation Information
O43 - CFD: 2013/08/08 19:47:19 - [] D -- C:\Arquivos de programas\Internet Explorer
O43 - CFD: 2015/08/25 18:16:39 - [] D -- C:\Arquivos de programas\Java
O43 - CFD: 2014/11/18 07:49:57 - [] D -- C:\Arquivos de programas\Messenger
O43 - CFD: 2013/08/08 23:08:59 - [] D -- C:\Arquivos de programas\Microsoft Analysis Services
O43 - CFD: 2013/08/08 18:02:05 - [] D -- C:\Arquivos de programas\microsoft frontpage
O43 - CFD: 2013/08/08 23:12:48 - [] D -- C:\Arquivos de programas\Microsoft Office
O43 - CFD: 2013/08/08 23:12:47 - [] D -- C:\Arquivos de programas\Microsoft.NET
O43 - CFD: 2013/08/08 17:55:19 - [] D -- C:\Arquivos de programas\Movie Maker
O43 - CFD: 2013/08/08 17:52:14 - [] D -- C:\Arquivos de programas\MSN Gaming Zone
O43 - CFD: 2013/08/08 17:56:05 - [] D -- C:\Arquivos de programas\NetMeeting
O43 - CFD: 2013/11/14 16:42:30 - [] D -- C:\Arquivos de programas\NetSurveillance
O43 - CFD: 2015/08/08 10:55:15 - [] D -- C:\Arquivos de programas\Norton Ghost
O43 - CFD: 2013/08/08 17:55:54 - [] D -- C:\Arquivos de programas\Outlook Express
O43 - CFD: 2014/08/27 13:09:27 - [] D -- C:\Arquivos de programas\RealVNC
O43 - CFD: 2013/08/08 22:32:52 - [] D -- C:\Arquivos de programas\S3
O43 - CFD: 2013/08/08 17:57:19 - [] D -- C:\Arquivos de programas\Serviços on-line
O43 - CFD: 2015/08/08 10:57:43 - [] D -- C:\Arquivos de programas\Symantec
O43 - CFD: 2013/08/08 19:41:55 - [0] HD -- C:\Arquivos de programas\Uninstall Information
O43 - CFD: 2013/08/08 17:59:19 - [] D -- C:\Arquivos de programas\Windows Media Connect 2
O43 - CFD: 2013/08/08 17:59:42 - [] D -- C:\Arquivos de programas\Windows Media Player
O43 - CFD: 2013/08/08 17:51:54 - [] D -- C:\Arquivos de programas\Windows NT
O43 - CFD: 2013/08/08 17:57:23 - [0] HD -- C:\Arquivos de programas\WindowsUpdate
O43 - CFD: 2013/08/08 23:16:35 - [] D -- C:\Arquivos de programas\WinRAR
O43 - CFD: 2013/08/08 18:02:05 - [] D -- C:\Arquivos de programas\xerox
O43 - CFD: 2013/08/08 17:53:37 - [] RD -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios
O43 - CFD: 2013/08/08 17:58:59 - [] RD -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Ferramentas administrativas
O43 - CFD: 2014/08/27 13:10:19 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Firebird 2.5 (Win32)
O43 - CFD: 2015/08/08 18:35:48 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Google Chrome
O43 - CFD: 2014/08/27 14:13:34 - [] RD -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar
O43 - CFD: 2015/08/25 18:20:47 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Java
O43 - CFD: 2013/08/08 17:53:04 - [] RD -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos
O43 - CFD: 2014/08/27 13:12:38 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Logtec Sistemas
O43 - CFD: 2013/08/08 23:14:16 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office
O43 - CFD: 2015/08/08 10:57:09 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Norton Ghost
O43 - CFD: 2014/08/27 13:09:28 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\RealVNC
O43 - CFD: 2014/05/14 18:35:36 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\UNICO
O43 - CFD: 2013/08/08 23:16:35 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\WinRAR
O43 - CFD: 2013/09/07 18:09:31 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\Adobe
O43 - CFD: 2013/08/09 15:56:57 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\APN =>Toolbar.Ask
O43 - CFD: 2014/02/05 10:28:02 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\AskPartnerNetwork =>Toolbar.YahooPartner
O43 - CFD: 2013/10/21 10:57:14 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\AVAST Software
O43 - CFD: 2015/08/31 09:08:47 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\firebird
O43 - CFD: 2014/12/19 15:19:24 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\GAS Tecnologia
O43 - CFD: 2015/08/28 07:08:56 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin
O43 - CFD: 2013/11/14 16:36:03 - [] SD -- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft
O43 - CFD: 2013/08/08 23:16:22 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help
O43 - CFD: 2015/08/25 18:21:50 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\Oracle
O43 - CFD: 2015/03/25 07:39:37 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\Package Cache
O43 - CFD: 2013/08/09 15:54:50 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\Sun
O43 - CFD: 2015/08/08 11:19:22 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\Symantec
O43 - CFD: 2015/08/08 10:54:58 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\{1C6FDDD8-FC9E-4C12-9FA5-1AAD377097B3}
O43 - CFD: 2013/08/08 23:19:20 - [] D -- C:\Arquivos de programas\Arquivos comuns\Adobe
O43 - CFD: 2013/08/08 23:13:04 - [] D -- C:\Arquivos de programas\Arquivos comuns\DESIGNER
O43 - CFD: 2013/08/08 21:14:32 - [] D -- C:\Arquivos de programas\Arquivos comuns\InstallShield
O43 - CFD: 2015/08/25 18:19:30 - [] D -- C:\Arquivos de programas\Arquivos comuns\Java
O43 - CFD: 2013/08/08 23:13:54 - [] D -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared
O43 - CFD: 2013/08/08 17:55:47 - [] D -- C:\Arquivos de programas\Arquivos comuns\MSSoap
O43 - CFD: 2013/08/08 14:44:59 - [] D -- C:\Arquivos de programas\Arquivos comuns\ODBC
O43 - CFD: 2013/08/08 17:56:00 - [] D -- C:\Arquivos de programas\Arquivos comuns\Serviços
O43 - CFD: 2013/08/08 14:44:51 - [] D -- C:\Arquivos de programas\Arquivos comuns\SpeechEngines
O43 - CFD: 2015/08/08 10:57:43 - [] D -- C:\Arquivos de programas\Arquivos comuns\Symantec Shared
O43 - CFD: 2013/08/08 17:54:03 - [] D -- C:\Arquivos de programas\Arquivos comuns\System
O43 - CFD: 2013/08/08 23:24:24 - [] D -- C:\Documents and Settings\USUARIO\Dados de aplicativos\Adobe
O43 - CFD: 2013/10/22 07:06:20 - [] D -- C:\Documents and Settings\USUARIO\Dados de aplicativos\AVAST Software
O43 - CFD: 2013/08/08 19:57:15 - [] D -- C:\Documents and Settings\USUARIO\Dados de aplicativos\Easeware
O43 - CFD: 2014/03/15 14:55:15 - [] D -- C:\Documents and Settings\USUARIO\Dados de aplicativos\Google
O43 - CFD: 2014/08/27 13:17:06 - [] D -- C:\Documents and Settings\USUARIO\Dados de aplicativos\HK-Software
O43 - CFD: 2013/08/08 19:41:58 - [] D -- C:\Documents and Settings\USUARIO\Dados de aplicativos\Identities
O43 - CFD: 2013/08/23 17:52:01 - [] D -- C:\Documents and Settings\USUARIO\Dados de aplicativos\Macromedia
O43 - CFD: 2015/08/31 10:18:07 - [] SD -- C:\Documents and Settings\USUARIO\Dados de aplicativos\Microsoft
O43 - CFD: 2015/08/25 18:14:34 - [] D -- C:\Documents and Settings\USUARIO\Dados de aplicativos\Oracle
O43 - CFD: 2014/08/27 09:49:44 - [] D -- C:\Documents and Settings\USUARIO\Dados de aplicativos\rmi
O43 - CFD: 2013/08/08 23:10:05 - [] D -- C:\Documents and Settings\USUARIO\Dados de aplicativos\Sun
O43 - CFD: 2015/08/28 15:36:22 - [] D -- C:\Documents and Settings\USUARIO\Dados de aplicativos\Symantec
O43 - CFD: 2014/09/04 08:55:21 - [] D -- C:\Documents and Settings\USUARIO\Dados de aplicativos\TeamViewer
O43 - CFD: 2013/08/09 10:32:19 - [] D -- C:\Documents and Settings\USUARIO\Dados de aplicativos\WinRAR
O43 - CFD: 2015/08/31 17:53:19 - [] D -- C:\Documents and Settings\USUARIO\Dados de aplicativos\ZHP
O43 - CFD: 2013/08/08 23:24:24 - [] D -- C:\Documents and Settings\USUARIO\Configurações locais\Dados de aplicativos\Adobe
O43 - CFD: 2014/02/08 14:00:56 - [] D -- C:\Documents and Settings\USUARIO\Configurações locais\Dados de aplicativos\AskPartnerNetwork =>Toolbar.AskBar
O43 - CFD: 2015/08/08 18:33:58 - [0] D -- C:\Documents and Settings\USUARIO\Configurações locais\Dados de aplicativos\Deployment
O43 - CFD: 2015/08/08 18:36:05 - [] D -- C:\Documents and Settings\USUARIO\Configurações locais\Dados de aplicativos\Google
O43 - CFD: 2013/08/21 18:31:07 - [] D -- C:\Documents and Settings\USUARIO\Configurações locais\Dados de aplicativos\Identities
O43 - CFD: 2013/11/26 09:31:40 - [] D -- C:\Documents and Settings\USUARIO\Configurações locais\Dados de aplicativos\Microsoft
O43 - CFD: 2013/08/08 23:08:52 - [0] D -- C:\Documents and Settings\USUARIO\Configurações locais\Dados de aplicativos\Microsoft Help
O43 - CFD: 2013/08/09 15:55:54 - [] D -- C:\Documents and Settings\USUARIO\Configurações locais\Dados de aplicativos\Sun
O43 - CFD: 2015/08/08 11:05:53 - [] D -- C:\Documents and Settings\USUARIO\Configurações locais\Dados de aplicativos\Symantec_Corporation
O43 - CFD: 2014/10/16 09:08:27 - [] D -- C:\Documents and Settings\USUARIO\Configurações locais\Dados de aplicativos\Temp
O43 - CFD: 2013/08/08 19:42:09 - [] RD -- C:\Documents and Settings\USUARIO\Menu Iniciar\Programas\Acessórios
O43 - CFD: 2013/11/14 17:22:53 - [] D -- C:\Documents and Settings\USUARIO\Menu Iniciar\Programas\CMS
O43 - CFD: 2015/08/06 09:54:46 - [] D -- C:\Documents and Settings\USUARIO\Menu Iniciar\Programas\Epson
O43 - CFD: 2014/08/27 15:47:31 - [] RD -- C:\Documents and Settings\USUARIO\Menu Iniciar\Programas\Inicializar
O43 - CFD: 2013/11/14 17:22:29 - [] D -- C:\Documents and Settings\USUARIO\Menu Iniciar\Programas\NetSurveillance
O43 - CFD: 2013/08/09 15:57:14 - [] D -- C:\Documents and Settings\USUARIO\Menu Iniciar\Programas\Webnex
O43 - CFD: 2013/08/08 23:16:35 - [] D -- C:\Documents and Settings\USUARIO\Menu Iniciar\Programas\WinRAR

---\\ Enumeração das chaves StartupReg (3) - 0s
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe ©
O53 - SMSR:HKLM\...\startupreg\ApnTBMon [Key] . (...) -- C:\Arquivos de programas\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (.not file.) =>Toolbar.AskBar
O53 - SMSR:HKLM\...\startupreg\MSMSGS [Key] . (...) -- C:\Arquivos de programas\Messenger\msmsgs.exe (.not file.)

---\\ Lista dos drivers do sistema (45) - 6s
O58 - SDL:2015/08/01 08:57:27 A . (.AVAST Software - avast! HWID.) -- C:\WINDOWS.0\System32\drivers\aswHwid.sys [24016] ©
O58 - SDL:2015/08/01 08:57:27 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\WINDOWS.0\System32\drivers\aswMonFlt.sys [76000] ©
O58 - SDL:2015/08/01 08:57:27 A . (.AVAST Software - avast! TDI Redirect Driver.) -- C:\WINDOWS.0\System32\drivers\aswRdr.sys [55200] ©
O58 - SDL:2015/08/01 08:57:27 A . (.AVAST Software - avast! Revert.) -- C:\WINDOWS.0\System32\drivers\aswRvrt.sys [49776] ©
O58 - SDL:2015/08/01 08:57:12 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS.0\System32\drivers\aswSnx.sys [788784] ©
O58 - SDL:2015/08/01 08:57:27 A . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS.0\System32\drivers\aswSP.sys [433264] ©
O58 - SDL:2015/08/01 08:57:27 A . (.AVAST Software - avast! Stream Filter.) -- C:\WINDOWS.0\System32\drivers\aswStmXP.sys [161472] ©
O58 - SDL:2015/08/01 08:57:27 A . (.AVAST Software - avast! TDI Filter Driver.) -- C:\WINDOWS.0\System32\drivers\aswTdi.sys [57888] ©
O58 - SDL:2015/08/01 08:57:27 A . (.AVAST Software - avast! VM Monitor.) -- C:\WINDOWS.0\System32\drivers\aswVmm.sys [208664] ©
O58 - SDL:2009/03/21 21:55:14 A . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) -- C:\WINDOWS.0\System32\drivers\cinemst2.sys [262528] ©
O58 - SDL:2009/03/21 21:55:14 A . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS.0\System32\drivers\cpqdap01.sys [11776] ©
O58 - SDL:2008/04/14 14:30:00 A . (.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) -- C:\WINDOWS.0\System32\drivers\dmboot.sys [800000] ©
O58 - SDL:2008/04/14 14:30:00 A . (.Microsoft Corp., Veritas Software - NT Disk Manager I/O Driver.) -- C:\WINDOWS.0\System32\drivers\dmio.sys [153984] ©
O58 - SDL:2008/04/14 14:30:00 A . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS.0\System32\drivers\dmload.sys [5888] ©
O58 - SDL:2001/08/18 00:43:08 A . (.VIA Technologies, Inc. - NDIS 5.0 miniport driver.) -- C:\WINDOWS.0\System32\drivers\fetnd5.sys [27165] ©
O58 - SDL:2015/08/26 14:35:32 A . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\WINDOWS.0\System32\drivers\gbpkm.sys [49496]
O58 - SDL:2014/12/19 15:22:36 A . (.GAS Tecnologia - GAS Tecnologia - IM Helper Driver.) -- C:\WINDOWS.0\System32\drivers\gbpndisrdn.sys [31448]
O58 - SDL:2009/05/18 14:17:00 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS.0\System32\drivers\GEARAspiWDM.sys [26600] ©
O58 - SDL:2009/09/21 20:26:10 A . (.Symantec Corporation - Symantec Corporation Generic Mount.) -- C:\WINDOWS.0\System32\drivers\GenericMount.sys [46192] ©
O58 - SDL:2008/04/14 14:30:00 A . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS.0\System32\drivers\hdaudbus.sys [144384]
O58 - SDL:2009/03/21 21:55:14 A . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS.0\System32\drivers\nikedrv.sys [12032] ©
O58 - SDL:2008/04/14 14:30:00 A . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Lib.) -- C:\WINDOWS.0\System32\drivers\ptilink.sys [17792] ©
O58 - SDL:2009/03/21 21:55:14 A . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS.0\System32\drivers\rio8drv.sys [12032] ©
O58 - SDL:2009/03/21 21:55:14 A . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS.0\System32\drivers\riodrv.sys [12032] ©
O58 - SDL:2008/04/14 14:30:00 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\WINDOWS.0\System32\drivers\secdrv.sys [20480] ©
O58 - SDL:2009/09/21 20:20:42 A . (.StorageCraft - StorageCraft Volume Snap-Shot.) -- C:\WINDOWS.0\System32\drivers\symsnap.sys [138592] ©
O58 - SDL:2009/03/21 21:55:14 A . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS.0\System32\drivers\tsbvcap.sys [21376] ©
O58 - SDL:2009/03/21 21:55:14 A . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS.0\System32\drivers\vdmindvd.sys [58112] ©
O58 - SDL:2009/09/21 20:40:14 A . (.Symantec Corporation - VProEventMonitor.Sys - Event Monitoring dri.) -- C:\WINDOWS.0\System32\drivers\vproeventmonitor.sys [15096] ©
O58 - SDL:2009/11/10 12:14:58 A . (.Copyright (C) VIA/S3 Graphics Co, Ltd. - VIA/S3G Miniport Driver.) -- C:\WINDOWS.0\System32\drivers\vtmini.sys [296960]
O58 - SDL:2008/04/14 14:30:00 A . (...) -- C:\WINDOWS.0\System32\ansi.sys [9032]
O58 - SDL:2008/04/14 14:30:00 A . (...) -- C:\WINDOWS.0\System32\country.sys [27097]
O58 - SDL:2008/04/14 14:30:00 A . (...) -- C:\WINDOWS.0\System32\himem.sys [4896]
O58 - SDL:2008/04/14 14:30:00 A . (...) -- C:\WINDOWS.0\System32\key01.sys [42809]
O58 - SDL:2008/04/14 14:30:00 A . (...) -- C:\WINDOWS.0\System32\keyboard.sys [42537]
O58 - SDL:2008/04/14 14:30:00 A . (...) -- C:\WINDOWS.0\System32\ntdos.sys [27900]
O58 - SDL:2008/04/14 14:30:00 A . (...) -- C:\WINDOWS.0\System32\ntdos404.sys [29146]
O58 - SDL:2008/04/14 14:30:00 A . (...) -- C:\WINDOWS.0\System32\ntdos411.sys [29370]
O58 - SDL:2008/04/14 14:30:00 A . (...) -- C:\WINDOWS.0\System32\ntdos412.sys [29274]
O58 - SDL:2008/04/14 14:30:00 A . (...) -- C:\WINDOWS.0\System32\ntdos804.sys [29146]
O58 - SDL:2008/04/14 14:30:00 A . (...) -- C:\WINDOWS.0\System32\ntio.sys [33984]
O58 - SDL:2008/04/14 14:30:00 A . (...) -- C:\WINDOWS.0\System32\ntio404.sys [34560]
O58 - SDL:2008/04/14 14:30:00 A . (...) -- C:\WINDOWS.0\System32\ntio411.sys [35648]
O58 - SDL:2008/04/14 14:30:00 A . (...) -- C:\WINDOWS.0\System32\ntio412.sys [35424]
O58 - SDL:2008/04/14 14:30:00 A . (...) -- C:\WINDOWS.0\System32\ntio804.sys [34560]

---\\ Últimos ficheiros alterados ou criados (Utilizador) (8) - 13s
O61 - LFC: 2015/08/25 18:06:24 A . (.Banco do Brasil SA.) -- C:\Documents and Settings\USUARIO\Meus documentos\Downloads\DiagnosticoBB (7).exe [2612608]
O61 - LFC: 2015/08/31 10:18:07 RA . (..) -- C:\Documents and Settings\USUARIO\Dados de aplicativos\Microsoft\Installer\{31B12C11-AE4E-479F-8D6D-242DC265368D}\favicon.exe [318]
O61 - LFC: 2015/08/31 10:18:07 RA . (..) -- C:\Documents and Settings\USUARIO\Dados de aplicativos\Microsoft\Installer\{31B12C11-AE4E-479F-8D6D-242DC265368D}\HitLeap_Viewer.exe [1470]
O61 - LFC: 2015/08/25 18:03:44 A . (.TODO: .) -- C:\Documents and Settings\USUARIO\Configurações locais\Temp\HYD33F.tmp.1440509615\HTA\3rdparty\OCComSDK.dll [195056]
O61 - LFC: 2015/08/25 18:03:45 A . (.OpenCandy, Inc..) -- C:\Documents and Settings\USUARIO\Configurações locais\Temp\HYD33F.tmp.1440509615\HTA\3rdparty\OCSetupHlp.dll [856048]
O61 - LFC: 2015/08/25 18:03:20 A . (.TODO: .) -- C:\Documents and Settings\USUARIO\Configurações locais\Temp\HYD33D.tmp.1440509590\HTA\3rdparty\OCComSDK.dll [195056]
O61 - LFC: 2015/08/25 18:03:20 A . (.OpenCandy, Inc..) -- C:\Documents and Settings\USUARIO\Configurações locais\Temp\HYD33D.tmp.1440509590\HTA\3rdparty\OCSetupHlp.dll [856048]
O61 - LFC: 2015/08/31 17:18:56 A . (..) -- C:\Documents and Settings\USUARIO\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]

---\\ Associações Shell Spawning (9) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\WINDOWS.0\system32\shell32.dll ©
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe ©
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS.0\system32\wscript.exe ©
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\WINDOWS.0\regedit.exe ©
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Menu de inicialização Internet (9) - 0s
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS.0\system32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS.0\system32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS.0\system32\ie4uinit.exe ©

---\\ Pesquisa de infeção nos navegadores da Internet (3) - 1s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {1866726C-D34A-4058-9238-218DFFB25C78} - (Google) - http://www.google.com/
O69 - SBI: SearchScopes [HKCU] {CEDCA291-9081-4ADB-9477-BB2D2339EA71} - (Ask Search) - http://www.search.ask.com/ =>Toolbar.Ask

---\\ Listagem dos serviços iniciados pelo Svchost (40) - 2s
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\WINDOWS.0\system32\appmgmts.dll [172032] ©
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS.0\system32\audiosrv.dll [42496] ©
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS.0\system32\browser.dll [77824] ©
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS.0\system32\cryptsvc.dll [62464] ©
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - Dll do serviço do Gerenciador de discos lóg.) -- C:\WINDOWS.0\system32\dmserver.dll [23552] ©
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Serviço do Cliente DHCP.) -- C:\WINDOWS.0\system32\dhcpcsvc.dll [126976] ©
O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS.0\system32\ersvc.dll [23040] ©
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - .) -- C:\WINDOWS.0\system32\es.dll [253952] ©
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\WINDOWS.0\system32\shsvcs.dll [135168] ©
O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS.0\system32\hidserv.dll [21504] ©
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS.0\system32\srvsvc.dll [96768] ©
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS.0\system32\wkssvc.dll [132096] ©
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS.0\system32\msgsvc.dll [33792] ©
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gerenciador de conexões de rede.) -- C:\WINDOWS.0\system32\netman.dll [198144] ©
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fornecedor de serviços do Microsoft Windows.) -- C:\WINDOWS.0\system32\mswsock.dll [247808] ©
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gerenciador de armazenamento removível.) -- C:\WINDOWS.0\system32\ntmssvc.dll [437248] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS.0\system32\rasauto.dll [88576] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS.0\system32\rasmans.dll [186368] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS.0\system32\mprdim.dll [53248] ©
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Mecanismo do 'Agendador de tarefas'.) -- C:\WINDOWS.0\system32\schedsvc.dll [193536] ©
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\WINDOWS.0\system32\seclogon.dll [18944] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS.0\system32\sens.dll [39424] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\WINDOWS.0\system32\ipnathlp.dll [331264] ©
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Serviço de restauração do sistema.) -- C:\WINDOWS.0\system32\srsvc.dll [171520] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windo.) -- C:\WINDOWS.0\system32\tapisrv.dll [249856] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\WINDOWS.0\system32\shsvcs.dll [135168] ©
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS.0\system32\trkwks.dll [90112] ©
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Windows Time Service.) -- C:\WINDOWS.0\system32\w32time.dll [176128] ©
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Serviço de configuração zero sem fio.) -- C:\WINDOWS.0\system32\wzcsvc.dll [483840] ©
O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API de base do Windows 32 avançada.) -- C:\WINDOWS.0\system32\advapi32.dll [683520] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS.0\system32\wbem\wmisvc.dll [145408] ©
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS.0\system32\wscsvc.dll [80896] ©
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS.0\system32\xmlprov.dll [129024] ©
O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Tempo de Execução de Serviço de Agente de Q.) -- C:\WINDOWS.0\system32\qagentrt.dll [292864] ©
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\WINDOWS.0\system32\kmsvc.dll [61440] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de pla.) -- C:\WINDOWS.0\system32\qmgr.dll [409088] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS.0\system32\wuauserv.dll [6656] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\WINDOWS.0\system32\shsvcs.dll [135168] ©
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS.0\pchealth\helpctr\binaries\pchsvc.dll [38400] ©
O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS.0\system32\mspmsnsv.dll [27136] ©

---\\ Listagem dos códigos dos software (1) - 1s
O90 - PUC: "D2A425F473650034677A7A857BC0F010" . (.Ask Toolbar.) -- C:\WINDOWS.0\Installer\{4F524A2D-5637-4300-76A7-A758B70C0F01}\ToolbarIcon.exe =>Toolbar.AsktBar

---\\ Serviços não Microsoft (SR=Executados, SS=Parados) (16) - 31s

SS - Demand [2015/08/12 11:54:03] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS.0\system32\Macromed\Flash\FlashPlayerUpdateService.exe ©
SR - Auto [2015/08/01 08:57:20] [ 146600] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe ©
SR - Auto [2011/10/03 08:30:32] [ 98304] Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) . (.Firebird Project.) - C:\Arquivos de programas\Firebird\Firebird_2_5\bin\fbguard.exe ©
SR - Demand [2011/10/03 08:30:20] [ 3764224] Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) . (.Firebird Project.) - C:\Arquivos de programas\Firebird\Firebird_2_5\bin\fbserver.exe ©
SR - Auto [2015/08/12 18:25:54] [ 587576] Gbp Service (GbpSv) . (.GAS Tecnologia.) - C:\Arquivos de programas\GbPlugin\gbpsv.exe
SS - Demand [2009/09/21 20:25:34] [ 1571336] GenericMount Helper Service (GenericMount Helper Service) . (.Symantec.) - C:\Arquivos de programas\Norton Ghost\Shared\Drivers\GenericMountHelper.exe ©
SS - Auto [2015/08/08 18:34:07] [ 144200] Serviço do Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe ©
SS - Demand [2015/08/08 18:34:07] [ 144200] Serviço do Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe ©
SS - Auto [2013/08/08 23:09:12] [ 8192] KMService (KMService) . (...) - C:\WINDOWS.0\system32\srvany.exe =>PUP.Optional.Office
SS - Demand [2007/09/12 18:27:24] [ 2999664] LiveUpdate (LiveUpdate) . (.Symantec Corporation.) - C:\Arquivos de programas\Symantec\LiveUpdate\LuComServer_3_2.EXE ©
SR - Auto [2009/10/01 21:32:04] [ 4584288] Norton Ghost (Norton Ghost) . (.Symantec Corporation.) - C:\Arquivos de programas\Norton Ghost\Agent\VProSvc.exe ©
SR - Auto [2012/08/16 07:25:48] [ 66048] (postgresql-8.4-Intelidata) . (.PostgreSQL Global Development Group.) - C:\UNICO\pg\bin\pg_ctl.exe
SR - Demand [2009/09/21 20:19:20] [ 1964528] SymSnapService (SymSnapService) . (.Symantec.) - C:\Arquivos de programas\Norton Ghost\Shared\Drivers\SymSnapService.exe ©
SR - Auto [2015/06/19 15:43:34] [ 509752] Warsaw Technology (Warsaw Technology) . (.GAS Tecnologia LTDA.) - C:\Arquivos de programas\Diebold\Warsaw\core.exe
SS - Auto [2005/03/11 14:40:26] [ 455632] VNC Server Version 4 (WinVNC4) . (.RealVNC Ltd..) - C:\Arquivos de programas\RealVNC\VNC4\winvnc4.exe ©

---\\ Scâner Aditional (12) - 0s
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7} =>Toolbar.AsktBar
HKLM\SYSTEM\CurrentControlSet\Services\KMService =>PUP.Optional.Office
C:\WINDOWS.0\system32\srvany.exe =>PUP.Optional.Office
HKLM\SOFTWARE\AskPartnerNetwork =>Toolbar.AskBar
HKCU\SOFTWARE\AskPartnerNetwork =>Toolbar.AskBar
C:\Arquivos de programas\AskPartnerNetwork =>Toolbar.AskBar
C:\Documents and Settings\All Users\Dados de aplicativos\APN =>Toolbar.Ask
C:\Documents and Settings\All Users\Dados de aplicativos\AskPartnerNetwork =>Toolbar.YahooPartner
C:\Documents and Settings\USUARIO\Configurações locais\Dados de aplicativos\AskPartnerNetwork =>Toolbar.AskBar
C:\WINDOWS.0\Installer\{4F524A2D-5637-4300-76A7-A758B70C0F01}\ToolbarIcon.exe =>Toolbar.AsktBar
HKLM\Software\Classes\Installer\Products\D2A425F473650034677A7A857BC0F010 =>Toolbar.AsktBar
HKLM\Software\Classes\Installer\Features\D2A425F473650034677A7A857BC0F010 =>Toolbar.AsktBar

---\\ Resumo dos elementos encontrados na sua estação de trabalho (5) - 0s
http://www.nicolascoolman.fr/blog =>Toolbar.AsktBar
http://www.nicolascoolman.fr/hijacker-office/ =>PUP.Optional.Office
http://www.nicolascoolman.fr/blog =>Toolbar.AskBar
http://www.nicolascoolman.fr/toolbar-ask/ =>Toolbar.Ask
http://www.nicolascoolman.fr/blog =>Toolbar.YahooPartner

~ End of the scan, 13198 items in 122 seconds (545)(0)()
