cjoint

Document format: text/plain

Preview

~ ZHPDiag v2015.10.10.148 Por Nicolas Coolman (2015/10/10)
~ iniciado por Ricardo (Administrator) (2015/10/11 10:54:46)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Status da versão: Version OK
~ Modo: Scanner
~ Relatório: C:\Users\Ricardo\Desktop\ZHPDiag.txt
~ Relatório: C:\Users\Ricardo\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Inicialização do sistema: Normal (Normal boot)
Windows 10 Home, 64-bit (Build 10240)

---\\ Navegadores Internet (1) - 0s
MSIE: Internet Explorer v11.0.10240.16431

---\\ Informações sobre os produtos Windows (3) - 4s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

---\\ Softwares de proteçao do sistema (2) - 15s
Kaspersky Total Security v15.0.2.396
Windows Defender (Deactivate)

---\\ Informações sobre o sistema (6) - 0s
~ Operating System: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4029.456 MB (45% free)
~ System Restore: Activé (Enable)
~ System drive C: has 79 GB free of 149 GB

---\\ Modo de conexão ao sistema (3) - 0s
~ Computer Name: RICARDO-NOTE
~ User Name: Ricardo
~ Logged in as Administrator

---\\ Enumeração das unidades dos discos (2) - 0s
~ Drive C: has 79 GB free of 149 GB (System)
~ Drive D: has 60 GB free of 155 GB

---\\ Estado do Centro de Segurança do Windows (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Pesquisa particular de ficheiros genéricos (24) - 3s
[MD5.F1CBCB7FA6F3B309639AA2D4EF74469C] - (.Microsoft Corporation - Windows Explorer.) () -- C:\WINDOWS\Explorer.exe [4532304] ©
[MD5.5DED2A3F11AE916C8F2724947E736261] - (.Microsoft Corporation - Processo de host do Windows (Rundll32).) () -- C:\WINDOWS\System32\rundll32.exe [59392] ©
[MD5.7718A2A9B2BFB2C8E2BAEB03310CA3FD] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) () -- C:\WINDOWS\System32\Wininit.exe [290312] ©
[MD5.FE32B8423711B4B4378C0BA3C3560ED4] - (.Microsoft Corporation - Internet Extensions para Win32.) () -- C:\WINDOWS\System32\wininet.dll [2741760] ©
[MD5.84B1FE2E4615A89293F1FD4DE52EE26E] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) () -- C:\WINDOWS\System32\Winlogon.exe [578560] ©
[MD5.ECB1943967424DFB96E03F6A098434EF] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) () -- C:\WINDOWS\System32\sppcomapi.dll [430592] ©
[MD5.C287D0E32771E3222A444DC527A29477] - (.Microsoft Corporation - DLL da API de cliente DNS.) () -- C:\WINDOWS\System32\dnsapi.dll [680256] ©
[MD5.BB5BBD0E4D04047585E4ED0F07AA51E7] - (.Microsoft Corporation - DLL da API de cliente DNS.) () -- C:\WINDOWS\Syswow64\dnsapi.dll [534064] ©
[MD5.6C12C7E01A4F64E0AA9C88AF66955CC9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\WINDOWS\System32\drivers\AFD.sys [577888] ©
[MD5.8921DF6060DB5C7700AA48CB12E9EA08] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [28512] ©
[MD5.F2829DC6D292DCAC5029893BB2E9FEE3] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [92672] ©
[MD5.CA160E02F35A61C6F5C681FB4669C519] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [174080] ©
[MD5.25435407D97419627F4B10653433BF2B] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\WINDOWS\System32\drivers\DfsC.sys [138240] ©
[MD5.C277A49F8A8295840DEBC9240B75A282] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\WINDOWS\System32\drivers\HDAudBus.sys [80896] ©
[MD5.D4CDEE4A62BDFFF6E8558A9552148EA7] - (.Microsoft Corporation - Driver de porta i8042.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [114688] ©
[MD5.5D3744E6FDEC1A6FB3FA9B1DD4AF0694] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [143360] ©
[MD5.1DF2C5FD2710A13B07E663A12F0E0EEA] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [415232] ©
[MD5.F0D791348AD254360CC3C3E501CCB745] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [273408] ©
[MD5.466EC5659C02ED53DBD47DC1BC2B8086] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [2116448] ©
[MD5.38F1AE32339731F6E5A7281AE8042545] - (.Microsoft Corporation - Driver de porta paralela.) () -- C:\WINDOWS\System32\drivers\Parport.sys [96768] ©
[MD5.CA60F6C03611AF1710BC903ED9F566FB] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] ©
[MD5.A32AED8C644734B283A7C9D08D76064D] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Micros.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [176128] ©
[MD5.28E1E63A1AC65E17B3194238FA2CF3BF] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\WINDOWS\System32\drivers\tdx.sys [116576] ©
[MD5.823A237D871CD652C6BFD47BECB6810A] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) () -- C:\WINDOWS\System32\drivers\volsnap.sys [378720] ©

---\\ Processos lançados (10) - 1s
[MD5.9C7C876ACB9B707ECD08BD434C46A4D3] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe [194000] [PID.1952] ©
[MD5.70AF0E844C9A684236B96E582D2B2E61] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avpui.exe [192768] [PID.3260] ©
[MD5.50075B1F5918C8F5E08A55E7658CCF09] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint\Apoint.exe [208384] [PID.2296] ©
[MD5.1AF9CB7C8158D38A6CC8D6834C2043E0] - (.Alps Electric Co., Ltd. - ApMsgFwd.) -- C:\Program Files\Apoint\ApMsgFwd.exe [66856] [PID.9104] ©
[MD5.9D9B61AF3DBDC1490CBC508C8380510B] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver for Windows NT/.) -- C:\Program Files\Apoint\ApntEx.exe [23552] [PID.6712] ©
[MD5.C2AA8CA8DD71C7311D0A2B5BEE661A3A] - (.ALPS - APVFB.) -- C:\Program Files\Apoint\Apvfb.exe [148992] [PID.3008] ©
[MD5.77C01F1850E55373280A1B865D824F58] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Ricardo\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.2220] ©
[MD5.C0FB6E2E3601EB3B92A1B1ABA790C8E5] - (.Copyright Microsoft Corporation - Microsoft Photos.) -- C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe [12288] [PID.1228] ©
[MD5.AEEEBFC8B3B0A46EDB4D887EAA25FC26] - (...) -- C:\Program Files\WindowsApps\Microsoft.XboxApp_9.9.28033.0_x64__8wekyb3d8bbwe\XboxApp.exe [12800] [PID.7832]
[MD5.1D45319619579DDA7DE8DE9BB1E3079E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Ricardo\Downloads\ZHPDiag3.exe [1943040] [PID.7724] ©

---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (3) - 0s
P2 - FPN: [HKLM] [@kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098] - (.kaspersky.com.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com ©
P2 - FPN: [HKLM] [@kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5] - (.kaspersky.com.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com ©
P2 - FPN: [HKLM] [@kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E] - (.kaspersky.com.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com ©

---\\ Internet Explorer, Arranque, Pesquisa, Phishing (17) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Gestão do Proxy (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Análise das linhas, Carregamento Automático de programas (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: VMApplet=

---\\ Redireção do ficheiro Hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (15520)

---\\ Browser Helper Objects do navegador (6) - 1s
O2 - BHO: Skype for Business Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll ©
O2 - BHO: VirtualKeyboardBrowserHelperObject [64Bits] - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} . (.Kaspersky Lab ZAO - Cumulative module contains VK, CB and OB pl.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll ©
O2 - BHO: ContentBlockerBrowserHelperObject [64Bits] - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} . (.Kaspersky Lab ZAO - Cumulative module contains VK, CB and OB pl.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll ©
O2 - BHO: Safe Money Plugin [64Bits] - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} . (.Kaspersky Lab ZAO - Cumulative module contains VK, CB and OB pl.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll ©
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll ©
O2 - BHO: Microsoft SkyDrive Pro Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll ©

---\\ Aplicações iniciadas por registo & pastas (18) - 1s
O4 - HKLM\..\Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe (.not file.)
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe ©
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe ©
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe (.not file.)
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe (.not file.)
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe (.not file.)
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe (.not file.)
O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Ricardo\AppData\Local\Microsoft\OneDrive\OneDrive.exe ©
O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Ricardo\AppData\Local\Microsoft\BingSvc\BingSvc.exe ©
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Ricardo\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] . (.Microsoft Corporation - Processador de comandos do Windows.) -- C:\Windows\System32\cmd.exe ©
O4 - HKLM\..\Wow6432Node\Run: [SmartWiHelper] . (.Sony Electronics Corporation - SmartWi Helper.) -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe
O4 - HKUS\.DEFAULT\..\Run: [SpybotPostWindows10UpgradeReInstall] . (.Safer-Networking Ltd. - Makes sure Spybot 2 is there on Windows 10..) -- C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe ©
O4 - HKUS\S-1-5-18\..\Run: [SpybotPostWindows10UpgradeReInstall] . (.Safer-Networking Ltd. - Makes sure Spybot 2 is there on Windows 10..) -- C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe ©
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe ©
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe ©
O4 - HKUS\S-1-5-21-1374575058-863926361-3928563230-1000\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Ricardo\AppData\Local\Microsoft\OneDrive\OneDrive.exe ©
O4 - HKUS\S-1-5-21-1374575058-863926361-3928563230-1000\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Ricardo\AppData\Local\Microsoft\BingSvc\BingSvc.exe ©
O4 - HKUS\S-1-5-21-1374575058-863926361-3928563230-1000\..\RunOnce: [Uninstall C:\Users\Ricardo\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] . (.Microsoft Corporation - Processador de comandos do Windows.) -- C:\Windows\System32\cmd.exe ©

---\\ Alteração Dominio/Clientes DNS (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 201.55.232.81 201.55.232.76
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 201.55.232.81 201.55.232.76

---\\ Protocolo adicional (23) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\SysWOW64\MSVidCtl.dll ©
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll ©
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll ©
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll ©
O18 - Handler: osf [64Bits] - {D924BDC6-C83A-4BD5-90D0-095128A113D1} . (.Microsoft Corporation - Microsoft Office 2013 component.) -- C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL ©
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll ©
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll ©
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\SysWOW64\MSVidCtl.dll ©
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll ©
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll ©
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll ©

---\\ Serviços NT não Microsoft e não desativados (2) - 1s
O23 - Service: Serviço do Kaspersky Anti-Virus 15.0.2 (AVP15.0.2) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe ©
O23 - Service: McAfee Service Controller (mfemms) . (...) - C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (.not file.)

---\\ Software instalados (17) - 5s
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] -- HDMI ©
O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008F-0000-1000-0000000FF1CE} ©
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM][64Bits] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} ©
O42 - Logiciel: Alps Pointing-device for VAIO - (.ALPS ELECTRIC CO., LTD..) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} ©
O42 - Logiciel: Battle.net - (.Blizzard Entertainment.) [HKLM][64Bits] -- Battle.net ©
O42 - Logiciel: Kaspersky Total Security - (.Kaspersky Lab.) [HKLM][64Bits] -- InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142} ©
O42 - Logiciel: LG PC Suite - (.LG Electronics.) [HKLM][64Bits] -- LG PC Suite ©
O42 - Logiciel: World of Warcraft - (.Blizzard Entertainment.) [HKLM][64Bits] -- World of Warcraft ©
O42 - Logiciel: Kaspersky Total Security - (.Kaspersky Lab.) [HKLM][64Bits] -- {02FECEE0-16B2-43DB-BC3B-C844477FC142} ©
O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33} ©
O42 - Logiciel: LG United Mobile Drivers - (.LG Electronics.) [HKLM][64Bits] -- {4DE95ED9-0A29-4C4F-8463-35857CF9BA36} ©
O42 - Logiciel: Skype™ 7.8 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {6A0549A9-1B96-498C-ACBC-3943001FEB19} ©
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} ©
O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-0000-0000000FF1CE} ©
O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0416-0000-0000000FF1CE} ©
O42 - Logiciel: SmartWi Connection Utility - (.Sony.) [HKLM][64Bits] -- {9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9} ©
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} ©

---\\ Ponto de restauro do sistema (54) - 5s
HKLM\SOFTWARE\Wow6432Node\Atheros
HKLM\SOFTWARE\Wow6432Node\Blizzard Entertainment
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\KasperskyLab
HKLM\SOFTWARE\Wow6432Node\LG Electronics
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\McAfee
HKLM\SOFTWARE\Wow6432Node\McAfee.com
HKLM\SOFTWARE\Wow6432Node\McAfeeRiskScan
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Safer Networking Limited
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\Sony
HKLM\SOFTWARE\Wow6432Node\Sony Corporation
HKLM\SOFTWARE\Wow6432Node\SRS Labs
HKLM\SOFTWARE\Wow6432Node\SuppHelpDir
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\Alps
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\ArcSoft
HKCU\SOFTWARE\AVAST Software
HKCU\SOFTWARE\Blizzard Entertainment
HKCU\SOFTWARE\ESET
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\KasperskyLab
HKCU\SOFTWARE\LG Electronics
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\LowRegistry
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\McAfeeInstaller
HKCU\SOFTWARE\Mine
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Safer Networking Limited
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Sony
HKCU\SOFTWARE\Sony Corporation
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software

---\\ Conteúdo das pastas Programs (124) - 7s
O43 - CFD: 2015/08/14 22:32:20 - [] AD -- C:\Program Files (x86)\Atheros
O43 - CFD: 2015/10/11 10:40:33 - [] AD -- C:\Program Files (x86)\Battle.net
O43 - CFD: 2015/08/22 21:57:00 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2015/08/20 22:48:43 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2015/10/10 12:39:23 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2015/08/14 22:09:03 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/08/19 21:39:40 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/09/17 21:13:31 - [] D -- C:\Program Files (x86)\Kaspersky Lab
O43 - CFD: 2015/09/10 19:06:25 - [] D -- C:\Program Files (x86)\LG Electronics
O43 - CFD: 2015/08/20 23:19:06 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2015/08/20 23:27:53 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/08/19 21:31:32 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2015/08/14 22:10:10 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 2015/08/19 21:31:32 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2015/08/19 23:24:04 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2015/08/14 22:11:50 - [] D -- C:\Program Files (x86)\Sony
O43 - CFD: 2015/10/08 21:50:58 - [] AD -- C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 2015/08/14 22:10:34 - [0] HD -- C:\Program Files (x86)\Temp
O43 - CFD: 2009/07/14 01:57:06 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 2015/08/20 21:33:35 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2015/08/19 21:55:47 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2015/08/20 21:33:35 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2015/07/10 08:04:26 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 2015/07/10 08:04:22 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2015/08/20 21:33:35 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2015/07/10 08:04:26 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2015/08/19 21:55:47 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2015/07/10 08:04:22 - [] SD -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 2015/09/20 11:04:52 - [] AD -- C:\Program Files (x86)\World of Warcraft
O43 - CFD: 2015/07/10 08:04:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2015/08/19 21:58:19 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/07/10 08:04:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/08/19 21:58:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
O43 - CFD: 2009/07/14 01:57:12 - [0] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/08/19 21:58:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager
O43 - CFD: 2015/09/17 21:14:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
O43 - CFD: 2015/09/10 19:07:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
O43 - CFD: 2015/07/10 08:04:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/10/08 21:58:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 2015/08/19 23:18:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2015/08/19 21:58:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartWi Connection Utility
O43 - CFD: 2015/07/10 08:04:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2015/07/10 08:04:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2015/07/10 13:48:51 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/08/19 21:58:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
O43 - CFD: 2015/07/10 09:21:38 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/08/25 21:21:11 - [] D -- C:\ProgramData\ArcSoft
O43 - CFD: 2015/08/14 22:32:38 - [] D -- C:\ProgramData\Atheros
O43 - CFD: 2015/08/23 20:36:17 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 2015/08/14 23:28:33 - [] D -- C:\ProgramData\Battle.net
O43 - CFD: 2015/08/14 23:31:51 - [] D -- C:\ProgramData\Blizzard Entertainment
O43 - CFD: 2015/07/10 08:04:22 - [0] D -- C:\ProgramData\Comms
O43 - CFD: 2015/08/14 21:00:30 - [0] SHD -- C:\ProgramData\Dados de aplicativos
O43 - CFD: 2015/07/10 09:21:38 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2015/08/14 21:00:30 - [0] SHD -- C:\ProgramData\Documentos
O43 - CFD: 2015/07/10 09:21:38 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2015/08/14 21:00:30 - [0] SHD -- C:\ProgramData\Favoritos
O43 - CFD: 2015/10/11 10:44:30 - [] D -- C:\ProgramData\Kaspersky Lab
O43 - CFD: 2015/08/22 22:00:38 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 2015/08/14 21:00:30 - [0] SHD -- C:\ProgramData\Menu Iniciar
O43 - CFD: 2015/09/06 23:52:27 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/08/19 22:18:09 - [] D -- C:\ProgramData\Microsoft OneDrive
O43 - CFD: 2015/08/14 21:00:30 - [0] SHD -- C:\ProgramData\Modelos
O43 - CFD: 2015/09/25 13:23:57 - [] AD -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2015/08/19 23:18:10 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2015/07/10 08:04:22 - [0] D -- C:\ProgramData\SoftwareDistribution
O43 - CFD: 2015/08/14 22:43:00 - [] D -- C:\ProgramData\Sony Corporation
O43 - CFD: 2015/09/07 14:35:35 - [] D -- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 2015/07/10 09:21:38 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2015/07/10 09:21:38 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/07/10 09:22:45 - [] D -- C:\ProgramData\USOPrivate
O43 - CFD: 2015/07/10 09:22:45 - [] D -- C:\ProgramData\USOShared
O43 - CFD: 2015/10/10 12:39:30 - [] D -- C:\Program Files (x86)\Common Files\ArcSoft
O43 - CFD: 2015/08/20 23:28:08 - [] AD -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 2015/08/14 22:10:06 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 2015/08/22 21:57:00 - [] D -- C:\Program Files (x86)\Common Files\McAfee
O43 - CFD: 2015/08/29 18:42:29 - [] AD -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 2015/07/10 08:04:26 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2015/08/19 23:18:01 - [] AD -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2015/08/19 21:55:47 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 2015/07/10 13:36:39 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2015/08/16 06:48:37 - [] D -- C:\Users\Ricardo\AppData\Roaming\Adobe
O43 - CFD: 2015/08/14 22:24:41 - [] D -- C:\Users\Ricardo\AppData\Roaming\ArcSoft
O43 - CFD: 2015/08/15 16:10:16 - [] D -- C:\Users\Ricardo\AppData\Roaming\Battle.net
O43 - CFD: 2015/09/17 20:42:10 - [] D -- C:\Users\Ricardo\AppData\Roaming\ESET
O43 - CFD: 2015/08/14 21:01:02 - [] D -- C:\Users\Ricardo\AppData\Roaming\Identities
O43 - CFD: 2015/08/14 22:08:54 - [] D -- C:\Users\Ricardo\AppData\Roaming\InstallShield
O43 - CFD: 2015/09/10 19:26:12 - [] D -- C:\Users\Ricardo\AppData\Roaming\LG Electronics
O43 - CFD: 2015/08/19 22:43:56 - [] D -- C:\Users\Ricardo\AppData\Roaming\Macromedia
O43 - CFD: 2015/08/29 20:04:02 - [] SD -- C:\Users\Ricardo\AppData\Roaming\Microsoft
O43 - CFD: 2015/09/10 19:32:13 - [] D -- C:\Users\Ricardo\AppData\Roaming\ML
O43 - CFD: 2015/08/23 20:46:31 - [] D -- C:\Users\Ricardo\AppData\Roaming\Skype
O43 - CFD: 2015/10/11 10:55:16 - [] D -- C:\Users\Ricardo\AppData\Roaming\ZHP
O43 - CFD: 2015/08/14 21:13:30 - [] D -- C:\Users\Ricardo\AppData\Local\Apps
O43 - CFD: 2015/08/14 22:03:03 - [] D -- C:\Users\Ricardo\AppData\Local\ArcSoft
O43 - CFD: 2015/10/11 10:42:00 - [] D -- C:\Users\Ricardo\AppData\Local\Battle.net
O43 - CFD: 2015/08/14 23:32:17 - [] D -- C:\Users\Ricardo\AppData\Local\Blizzard Entertainment
O43 - CFD: 2015/08/19 23:01:03 - [] D -- C:\Users\Ricardo\AppData\Local\Comms
O43 - CFD: 2015/08/19 21:53:44 - [0] SHD -- C:\Users\Ricardo\AppData\Local\Dados de Aplicativos
O43 - CFD: 2015/10/10 19:26:06 - [] D -- C:\Users\Ricardo\AppData\Local\Diagnostics
O43 - CFD: 2015/09/19 16:17:14 - [0] D -- C:\Users\Ricardo\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2015/08/20 22:48:15 - [] D -- C:\Users\Ricardo\AppData\Local\Google
O43 - CFD: 2015/08/16 22:40:12 - [] D -- C:\Users\Ricardo\AppData\Local\GWX
O43 - CFD: 2015/08/19 21:53:44 - [0] SHD -- C:\Users\Ricardo\AppData\Local\Histórico
O43 - CFD: 2015/09/10 19:07:17 - [] D -- C:\Users\Ricardo\AppData\Local\LG Electronics
O43 - CFD: 2015/10/10 19:25:53 - [] D -- C:\Users\Ricardo\AppData\Local\Microsoft
O43 - CFD: 2015/08/19 22:43:27 - [] D -- C:\Users\Ricardo\AppData\Local\MicrosoftEdge
O43 - CFD: 2015/08/19 22:28:36 - [0] D -- C:\Users\Ricardo\AppData\Local\NetworkTiles
O43 - CFD: 2015/10/10 17:59:12 - [] D -- C:\Users\Ricardo\AppData\Local\Packages
O43 - CFD: 2015/09/06 23:51:12 - [] D -- C:\Users\Ricardo\AppData\Local\Programs
O43 - CFD: 2015/08/19 22:15:45 - [] D -- C:\Users\Ricardo\AppData\Local\Publishers
O43 - CFD: 2015/08/19 23:18:24 - [] D -- C:\Users\Ricardo\AppData\Local\Skype
O43 - CFD: 2015/08/20 20:34:13 - [] D -- C:\Users\Ricardo\AppData\Local\speech
O43 - CFD: 2015/10/11 10:54:25 - [] AD -- C:\Users\Ricardo\AppData\Local\Temp
O43 - CFD: 2015/08/19 21:53:44 - [0] SHD -- C:\Users\Ricardo\AppData\Local\Temporary Internet Files
O43 - CFD: 2015/08/19 22:13:34 - [] D -- C:\Users\Ricardo\AppData\Local\TileDataLayer
O43 - CFD: 2015/08/20 23:17:06 - [] D -- C:\Users\Ricardo\AppData\Local\VirtualStore
O43 - CFD: 2015/07/10 08:04:26 - [] RD -- C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2015/08/19 22:13:35 - [] RD -- C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/08/27 18:03:39 - [] RD -- C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/07/10 08:04:26 - [] D -- C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/08/27 18:03:39 - [] RD -- C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2015/07/10 08:04:26 - [] RD -- C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2015/07/10 08:04:45 - [] RSD -- C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell

---\\ Softwares de proteçao do sistema (Supérfluo) (8) - 0s
O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Ricardo\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll ©
O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Ricardo\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll ©
O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Ricardo\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll ©
O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Ricardo\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll ©
O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Ricardo\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll ©
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll ©
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll ©
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll ©

---\\ Lista dos drivers do sistema (65) - 14s
O58 - SDL:2015/07/10 07:59:38 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107360] ©
O58 - SDL:2015/07/10 07:59:38 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135456] ©
O58 - SDL:2015/07/10 07:59:38 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83296] ©
O58 - SDL:2015/07/10 07:59:38 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259424] ©
O58 - SDL:2015/07/10 07:59:38 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [26976] ©
O58 - SDL:2009/09/10 11:47:42 A . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\WINDOWS\System32\drivers\Apfiltr.sys [250928] ©
O58 - SDL:2015/07/10 07:59:38 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [131936] ©
O58 - SDL:2009/10/05 08:34:00 A . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\WINDOWS\System32\drivers\athrx.sys [1542656] ©
O58 - SDL:2015/07/10 07:59:38 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [17624] ©
O58 - SDL:2015/07/10 07:59:38 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [531296] ©
O58 - SDL:2015/07/02 18:55:56 A . (.Kaspersky Lab UK Ltd - Cryptographic Module.) -- C:\WINDOWS\System32\drivers\cm_km_w.sys [247016] ©
O58 - SDL:2015/07/10 07:59:38 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3436896] ©
O58 - SDL:2015/07/10 07:59:38 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64352] ©
O58 - SDL:2015/07/10 07:59:36 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] ©
O58 - SDL:2015/07/10 07:59:36 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [122608] ©
O58 - SDL:2009/06/04 18:54:36 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStor.sys [408600] ©
O58 - SDL:2015/07/10 07:59:38 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673120] ©
O58 - SDL:2015/07/10 07:59:38 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412000] ©
O58 - SDL:2015/07/10 07:59:39 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [424800] ©
O58 - SDL:2012/03/23 18:13:28 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys [10627744] ©
O58 - SDL:2015/08/14 22:50:23 A . (.Intel(R) Corporation - Intel(R) High Definition Audio HDMI.) -- C:\WINDOWS\System32\drivers\IntcHdmi.sys [139264] ©
O58 - SDL:2015/07/02 18:55:56 A . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\WINDOWS\System32\drivers\kl1.sys [478392] ©
O58 - SDL:2015/07/02 18:55:56 A . (.Kaspersky Lab ZAO - Virtual Disk fre_wnet_x64.) -- C:\WINDOWS\System32\drivers\kldisk.sys [64368] ©
O58 - SDL:2012/07/27 17:38:24 A . (.Kaspersky Lab - Klelam Mini-Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klelam.sys [29616] ©
O58 - SDL:2015/07/02 18:55:56 A . (.Kaspersky Lab ZAO - Filter Core [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klflt.sys [159960] ©
O58 - SDL:2015/07/02 18:55:56 A . (.Kaspersky Lab ZAO - KLHK [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klhk.sys [226480] ©
O58 - SDL:2015/10/06 14:11:55 A . (.Kaspersky Lab ZAO - Klif Mini-Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klif.sys [817848] ©
O58 - SDL:2015/07/02 18:55:56 A . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver [.) -- C:\WINDOWS\System32\drivers\klim6.sys [39792] ©
O58 - SDL:2015/07/02 18:55:56 A . (.Kaspersky Lab ZAO - KLKBDFLT Keyboard Device Filter [fre_win8_x.) -- C:\WINDOWS\System32\drivers\klkbdflt.sys [40304] ©
O58 - SDL:2015/07/02 18:55:56 A . (.Kaspersky Lab ZAO - KLMOUFLT Mouse Device Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klmouflt.sys [39792] ©
O58 - SDL:2015/07/02 18:55:58 A . (.Kaspersky Lab ZAO - KLPD [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\klpd.sys [24944] ©
O58 - SDL:2015/07/02 18:55:58 A . (.Kaspersky Lab ZAO - Network filtering component [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klwfp.sys [77680] ©
O58 - SDL:2015/07/02 18:55:58 A . (.Kaspersky Lab ZAO - Network filtering component.) -- C:\WINDOWS\System32\drivers\klwtp.sys [85360] ©
O58 - SDL:2015/10/06 14:11:57 A . (.Kaspersky Lab ZAO - KNEPS Power [fre_wnet_amd64].) -- C:\WINDOWS\System32\drivers\kneps.sys [190648] ©
O58 - SDL:2015/01/21 13:55:54 A . (.LG Electronics Inc. - LGE AndroidNet Driver.) -- C:\WINDOWS\System32\drivers\lgandnetbus64.sys [20992] ©
O58 - SDL:2015/01/26 09:22:42 A . (.LG Electronics Inc. - LGE AndroidNet Driver.) -- C:\WINDOWS\System32\drivers\lgandnetdiag64.sys [30720] ©
O58 - SDL:2015/01/26 09:23:56 A . (.LG Electronics Inc. - LGE AndroidNet Driver.) -- C:\WINDOWS\System32\drivers\lgandnetmodem64.sys [37376] ©
O58 - SDL:2015/07/10 07:59:38 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108896] ©
O58 - SDL:2015/07/10 07:59:38 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [104800] ©
O58 - SDL:2015/07/10 07:59:38 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [99168] ©
O58 - SDL:2015/07/10 07:59:38 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82784] ©
O58 - SDL:2015/07/10 07:59:39 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59744] ©
O58 - SDL:2015/07/10 07:59:39 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575840] ©
O58 - SDL:2015/07/10 07:59:39 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [705376] ©
O58 - SDL:2015/07/10 07:59:39 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63840] ©
O58 - SDL:2015/07/10 07:59:39 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [76128] ©
O58 - SDL:2015/07/10 07:59:39 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150368] ©
O58 - SDL:2015/07/10 07:59:39 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166240] ©
O58 - SDL:2015/07/10 07:59:39 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58208] ©
O58 - SDL:2015/07/10 07:59:39 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [58720] ©
O58 - SDL:2015/06/24 22:57:00 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys [4504320] ©
O58 - SDL:2007/08/03 05:35:54 A . (.Sony Corporation - Sony Firmware Extension Parser driver.) -- C:\WINDOWS\System32\drivers\SFEP.sys [11392] ©
O58 - SDL:2015/07/10 07:59:39 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44896] ©
O58 - SDL:2015/07/10 07:59:39 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81760] ©
O58 - SDL:2015/07/10 07:59:39 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31072] ©
O58 - SDL:2015/07/10 07:59:48 A . (...) -- C:\WINDOWS\System32\drivers\Udecx.sys [44032]
O58 - SDL:2015/07/10 07:59:39 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166752] ©
O58 - SDL:2015/07/10 07:59:39 A . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\WINDOWS\System32\drivers\VSTAZL6.SYS [292864] ©
O58 - SDL:2015/07/10 07:59:39 A . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\System32\drivers\VSTCNXT6.SYS [740864] ©
O58 - SDL:2015/07/10 07:59:39 A . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\System32\drivers\VSTDPV6.SYS [1485312] ©
O58 - SDL:2015/07/10 07:59:39 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305504] ©
O58 - SDL:2015/07/10 07:59:39 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [26976] ©
O58 - SDL:2015/07/10 07:59:39 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [59232] ©
O58 - SDL:2015/07/10 07:59:39 A . (.Marvell - NDIS6.30 Miniport Driver for Marvell Yukon.) -- C:\WINDOWS\System32\drivers\yk63x64.sys [295216] ©
O58 - SDL:2009/10/05 08:34:00 A . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\WINDOWS\System32\athrx.sys [1542656] ©

---\\ Últimos ficheiros alterados ou criados (Utilizador) (6) - 32s
O61 - LFC: 2015/10/06 17:23:30 A . (..) -- C:\Users\Ricardo\AppData\Roaming\Microsoft\UProof\CMAdj.1046.bin [246]
O61 - LFC: 2015/10/11 08:35:14 A . (..) -- C:\Users\Ricardo\AppData\Local\Packages\Microsoft.XboxApp_8wekyb3d8bbwe\LocalState\GameDVR\KnownGameList.bin [38492]
O61 - LFC: 2015/10/07 19:50:42 A . (..) -- C:\Users\Ricardo\AppData\Local\Packages\Microsoft.WindowsFeedback_cw5n1h2txyewy\AC\Microsoft\CLR_v4.0\NativeImages\feedbackapp.helper\64e439fe869e407acfead97d0dc16d90\feedbackapp.helper.ni.dll [54784]
O61 - LFC: 2015/10/11 10:13:18 A . (..) -- C:\Users\Ricardo\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\UrlBlock\urlblock_635801599368000959.bin [36476]
O61 - LFC: 2015/10/08 18:24:21 A . (..) -- C:\Users\Ricardo\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CQMAA33W\beacon[1].dll [0]
O61 - LFC: 2015/10/10 19:23:02 A . (..) -- C:\Users\Ricardo\AppData\Local\Microsoft\Internet Explorer\UrlBlock\urlblock_635801092301585820.bin [34844]

---\\ Associações Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe ©
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos.) -- C:\Windows\System32\eventvwr.exe ©
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ©
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe ©
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe ©
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Menu de inicialização Internet (4) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe ©

---\\ Pesquisa de infeção nos navegadores da Internet (1) - 0s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/

---\\ Listagem dos serviços iniciados pelo Svchost (41) - 2s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\WINDOWS\System32\certprop.dll [192000] ©
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Car.) -- C:\WINDOWS\System32\certprop.dll [192000] ©
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\WINDOWS\system32\srvsvc.dll [283136] ©
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Política de Grupo.) -- C:\WINDOWS\System32\gpsvc.dll [1335296] ©
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\WINDOWS\System32\ikeext.dll [954368] ©
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em u.) -- C:\WINDOWS\System32\iphlpsvc.dll [954880] ©
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\WINDOWS\system32\seclogon.dll [31232] ©
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\WINDOWS\System32\appinfo.dll [93696] ©
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\WINDOWS\system32\iscsiexe.dll [151040] ©
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\WINDOWS\System32\eapsvc.dll [106496] ©
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\WINDOWS\system32\schedsvc.dll [1008640] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [226304] ©
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\WINDOWS\System32\browser.dll [133120] ©
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [324608] ©
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho.) -- C:\Windows\System32\SessEnv.dll [371200] ©
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\WINDOWS\System32\wercplsupport.dll [95744] ©
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Serviço Conta da Microsoft®.) -- C:\WINDOWS\system32\wlidsvc.dll [2093056] ©
O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\WINDOWS\system32\dcpsvc.dll [196096] ©
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Serviço Assistente de Conectividade de Rede.) -- C:\WINDOWS\System32\ncasvc.dll [167424] ©
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Serviço de Configuração de Rede.) -- C:\WINDOWS\System32\NetSetupSvc.dll [187392] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acess.) -- C:\WINDOWS\System32\rasauto.dll [106496] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\WINDOWS\System32\rasmans.dll [679936] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [497152] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistem.) -- C:\WINDOWS\System32\sens.dll [72192] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\WINDOWS\System32\ipnathlp.dll [452608] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [311808] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\system32\wuaueng.dll [2235904] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de tel.) -- C:\WINDOWS\System32\qmgr.dll [1168896] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [593920] ©
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [63488] ©
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1149440] ©
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [1019392] ©
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Atualizar Sessão do Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [343040] ©
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [717312] ©
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Serviço de Geolocalização.) -- C:\Windows\System32\lfsvc.dll [27136] ©
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - DLL do Serviço de Gerenciamento do Windows.) -- C:\Windows\System32\Windows.Internal.Management.dll [267776] ©
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [918016] ©
O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\WINDOWS\system32\RDXService.dll [996352] ©
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\WINDOWS\System32\bdesvc.dll [359936] ©
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gerenciador de Instalação de Dispositivo.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [237568] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\WINDOWS\system32\themeservice.dll [58368] ©

---\\ Serviços não Microsoft (SR=Executados, SS=Parados) (4) - 47s

SR - Auto [2015/07/02 18:55:58] [ 194000] Serviço do Kaspersky Anti-Virus 15.0.2 (AVP15.0.2) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe ©
SS - Disabled [2009/06/04 19:03:06] [ 354840] Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe ©
SS - Disabled [2015/07/09 13:14:04] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe ©

---\\ Scâner Aditional (1) - 0s
~ Nenhum ítem malicioso o desnecessários foi encontrado.

---\\ Informações complémentaires do módulos (1) - 0s
~ Nenhum ítem malicioso o desnecessários foi encontrado.

~ End of the scan, 12939 items in 222 seconds (505)(0)()
