Document format: text/plain

~ ZHPDiag v2015.10.22.154 Por Nicolas Coolman (2015/10/22)
~ iniciado por Administrador (Administrator) (2015/10/22 12:31:19)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Status da versão: Version OK
~ Modo: Scanner
~ Relatório: C:\Documents and Settings\Administrador\Desktop\ZHPDiag.txt
~ Relatório: C:\Documents and Settings\Administrador\Dados de aplicativos\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ Inicialização do sistema: Normal (Normal boot)
Windows XP, 32-bit Service Pack 3 (Build 2600)

---\\ Navegadores Internet (3) - 0s
GCIE: Google Chrome v46.0.2490.71
MFIE: Mozilla Firefox 41.0.2 (x86 pt-BR) v41.0.2
MSIE: Internet Explorer v8.0.6001.18702

---\\ Informações sobre os produtos Windows (3) - 0s
Windows Automatic Updates : OK
Windows Activation Technologies : KO
Windows Genuine Advantage : OK

---\\ Softwares de proteçao do sistema (2) - 2s
Avast Free Antivirus v10.4.2233
Malwarebytes Anti-Malware versão 2.2.0.1024

---\\ Softwares d'optimização do sistema (1) - 2s
CCleaner v5.03

---\\ Monitoramento dos softwares (2) - 2s
Adobe Flash Player 19 NPAPI
Adobe Reader XI

---\\ Informações sobre o sistema (6) - 0s
~ Operating System: x86 Family 6 Model 22 Stepping 1, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 1038.512 MB (13% free)
~ System Restore: Activé (Enable)
~ System drive C: has 62 GB free of 80 GB

---\\ Modo de conexão ao sistema (3) - 0s
~ Computer Name: WINDOWS-ZP-SP3
~ User Name: Administrador
~ Logged in as Administrator

---\\ Enumeração das unidades dos discos (2) - 11s
~ Drive C: has 62 GB free of 80 GB (System)
~ Drive D: has 62 GB free of 72 GB

---\\ Estado do Centro de Segurança do Windows (9) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Pesquisa particular de ficheiros genéricos (23) - 0s
[MD5.064EC7FF5F58B928C3E119402977FA6D] - (.Microsoft Corporation - Windows Explorer.) () -- C:\WINDOWS\Explorer.exe [1035776] ©
[MD5.E715412E47D20EB0EBF77B65F9157343] - (.Microsoft Corporation - Executa uma DLL como um aplicativo.) () -- C:\WINDOWS\System32\rundll32.exe [33280] ©
[MD5.E2FFA50357056ADE4FCDB5FD09F9D2FF] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\WINDOWS\System32\wininet.dll [920064] ©
[MD5.71D440F79B711627B12B567FB2EADB42] - (.Microsoft Corporation - Aplicativo de logon do Windows NT.) () -- C:\WINDOWS\System32\Winlogon.exe [509952] ©
[MD5.E96BAA747520F6348F73460CB1812977] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\WINDOWS\System32\dnsapi.dll [149504] ©
[MD5.F6B7B1ECD7B41736BDB6FF4B092BCB79] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\WINDOWS\System32\drivers\AFD.sys [138496] ©
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [96512] ©
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [63744] ©
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [62976] ©
[MD5.A8D31E836CCF2F51009CE7DFFECF6D51] - (.Microsoft Corporation - FIPS Crypto Driver.) () -- C:\WINDOWS\System32\drivers\Fips.sys [44672] ©
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) () -- C:\WINDOWS\System32\drivers\HDAudBus.sys [144384]
[MD5.485BC6BEB778B5E9702E6AA3D384C0CB] - (.Microsoft Corporation - Driver de porta i8042.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [53504] ©
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) () -- C:\WINDOWS\System32\drivers\Imapi.sys [42112] ©
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [152832] ©
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) () -- C:\WINDOWS\System32\drivers\IPSec.sys [75264] ©
[MD5.FB2FCCC70F7174C7BF64F48E96D3ADF4] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [457856] ©
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [162816] ©
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [574976] ©
[MD5.9BADEE6B698BF1AF36E25A1A64A89EAB] - (.Microsoft Corporation - Driver de porta paralela.) () -- C:\WINDOWS\System32\drivers\Parport.sys [80384] ©
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [51328] ©
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [196224] ©
[MD5.68D749B04BFBBD4D4D15CC5185AFA4DD] - (.Microsoft Corporation - Redbook Audio Filter Driver.) () -- C:\WINDOWS\System32\drivers\redbook.sys [58240] ©
[MD5.EB6B1E2C984D84470FF4FE7EF98CD44A] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) () -- C:\WINDOWS\System32\drivers\volsnap.sys [53248] ©

---\\ Processos lançados (14) - 2s
[MD5.11120878E5276B367E1A10FF8C9B595B] - (.AVAST Software - avast! Service.) -- C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe [146600] [PID.1448] ©
[MD5.123CE08362EE48BBA7F9F1D7EB50F24F] - (.AVAST Software - avast! Antivirus.) -- C:\Arquivos de programas\AVAST Software\Avast\AvastUI.exe [6134544] [PID.1308] ©
[MD5.946839F9A8817B94FEA5F372F017DC97] - (.Zbshareware Lab - USB Disk Security.) -- C:\Arquivos de programas\USB Disk Security\USBGuard.exe [2048928] [PID.1344]
[MD5.3FCE1AE36134FD0D0177582F23DF6AD6] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [142360] [PID.2140] ©
[MD5.03EA3A1EE20A8F5A072093A587422768] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [173592] [PID.2284] ©
[MD5.E50224EECD584E8A944A0B8895DE87F4] - (.VIA Technologies, Inc. - HDeck MFC Application.) -- C:\Arquivos de programas\VIA\VIAudioi\HDADeck\HDeck.exe [33624064] [PID.2336] ©
[MD5.3D035EB2B8BA98DF76C3B7DABB8DA407] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [250392] [PID.2396] ©
[MD5.946839F9A8817B94FEA5F372F017DC97] - (.Zbshareware Lab - USB Disk Security.) -- C:\Arquivos de programas\USB Disk Security\USBGuard.exe [2048928] [PID.2520]
[MD5.2B24F194FC5B657397ECB2923A68350E] - (.Piriform Ltd - CCleaner.) -- C:\Arquivos de programas\CCleaner\CCleaner.exe [5503768] [PID.2556] ©
[MD5.7824452741212AF839EA61A9E9F1EA0B] - (.Nero AG - Nero Home.) -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe [139264] [PID.2684] ©
[MD5.A21E313F65231675C5CEE7A687C67E26] - (.Nero AG - Nero Home.) -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe [884736] [PID.3076] ©
[MD5.14DCA74CB34502CA919966F31FBB8B0D] - (.Mozilla Corporation - Firefox.) -- C:\Arquivos de programas\Mozilla Firefox\firefox.exe [377000] [PID.2068] ©
[MD5.91EADE0A0A24664F75955377EDF2E4E2] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe [278184] [PID.2356] ©
[MD5.231AE3BE35DFA790FE484CCA354BCD15] - (.Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\Administrador\Desktop\ZHPDiag3.exe [1958912] [PID.3996] ©

---\\ Google Chrome, Arranque,Pesquisa,Extensões (2) - 1s
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] Avast Online Security
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (5) - 0s
P2 - EXT FILE: (...) -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\hqtf3ui0.default\searchplugins\google-avast.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Arquivos de programas\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ©
P2 - EXT: (.Zigboom - LavaFox V2-Green.) -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\hqtf3ui0.default\extensions\zigboom@ymail.com ©
P2 - EXT: (.Jivko Evgeniev - Purple Fox.) -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\hqtf3ui0.default\extensions\{3ffb7be0-8bde-11de-8a39-0800200c9a66}
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll ©

---\\ Internet Explorer, Arranque, Pesquisa, Phishing (10) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Gestão do Proxy (4) - 1s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Análise das linhas, Carregamento Automático de programas (3) - 0s
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Redireção do ficheiro Hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (19)

---\\ Browser Helper Objects do navegador (2) - 0s
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll ©

---\\ Barras do Internet Explorer (1) - 0s
O3 - Toolbar: 0xB1C218236549D4119B18009027A5CD4F - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} . (...) -- (.not file.)

---\\ Aplicações iniciadas por registo & pastas (25) - 1s
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Arquivos de programas\AVAST Software\Avast\AvastUI.exe ©
O4 - HKLM\..\Run: [USB Security] . (.Zbshareware Lab - USB Disk Security.) -- C:\Arquivos de programas\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe ©
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe ©
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe ©
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe ©
O4 - HKLM\..\Run: [HDAudDeck] . (.VIA Technologies, Inc. - HDeck MFC Application.) -- C:\Arquivos de programas\VIA\VIAudioi\HDADeck\HDeck.exe ©
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe ©
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe ©
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe ©
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Arquivos de programas\CCleaner\CCleaner.exe ©
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Arquivos de programas\Messenger\msmsgs.exe ©
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe ©
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1445523341
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe ©
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe ©
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
O4 - HKUS\S-1-5-21-1202660629-515967899-1177238915-500\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe ©
O4 - HKUS\S-1-5-21-1202660629-515967899-1177238915-500\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Arquivos de programas\CCleaner\CCleaner.exe ©
O4 - HKUS\S-1-5-21-1202660629-515967899-1177238915-500\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Arquivos de programas\Messenger\msmsgs.exe ©
O4 - HKUS\S-1-5-21-1202660629-515967899-1177238915-500\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe ©
O4 - HKUS\S-1-5-21-1202660629-515967899-1177238915-500\..\RunOnce: [Adobe Speed Launcher] 1445523341

---\\ Alteração Dominio/Clientes DNS (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

---\\ Protocolo adicional (25) - 1s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll ©
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controle ActiveX para fluxo de vídeo.) -- C:\WINDOWS\system32\msvidctl.dll ©
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll ©
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll ©
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll ©
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll ©
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll ©
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll ©
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll ©
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll ©
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para fluxo de vídeo.) -- C:\WINDOWS\system32\msvidctl.dll ©
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll ©
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll ©
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\WINDOWS\system32\shell32.dll ©
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL ©

---\\ Serviços NT não Microsoft e não desativados (3) - 0s
O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe ©
O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe ©
O23 - Service: (MBAMService) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Arquivos de programas\Malwarebytes Anti-Malware\mbamservice.exe ©

---\\ Software instalados (98) - 10s
O42 - Logiciel: Adobe Flash Player 19 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI ©
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM] -- avast ©
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner ©
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome ©
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI ©
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 ©
O42 - Logiciel: VIA Gerenciador de dispositivo de plataforma - (.VIA Technologies, Inc..) [HKLM] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169} ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2508272) - (.Microsoft Corporation.) [HKLM] -- KB2508272 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2562937) - (.Microsoft Corporation.) [HKLM] -- KB2562937 ©
O42 - Logiciel: Atualização de Segurança para Microsoft Windows (KB2564958) - (.Microsoft Corporation.) [HKLM] -- KB2564958 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2570947) - (.Microsoft Corporation.) [HKLM] -- KB2570947 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2584146) - (.Microsoft Corporation.) [HKLM] -- KB2584146 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2585542) - (.Microsoft Corporation.) [HKLM] -- KB2585542 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2598479) - (.Microsoft Corporation.) [HKLM] -- KB2598479 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2603381) - (.Microsoft Corporation.) [HKLM] -- KB2603381 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2618451) - (.Microsoft Corporation.) [HKLM] -- KB2618451 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2619339) - (.Microsoft Corporation.) [HKLM] -- KB2619339 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2620712) - (.Microsoft Corporation.) [HKLM] -- KB2620712 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2631813) - (.Microsoft Corporation.) [HKLM] -- KB2631813 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2653956) - (.Microsoft Corporation.) [HKLM] -- KB2653956 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2655992) - (.Microsoft Corporation.) [HKLM] -- KB2655992 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2659262) - (.Microsoft Corporation.) [HKLM] -- KB2659262 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2661637) - (.Microsoft Corporation.) [HKLM] -- KB2661637 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2676562) - (.Microsoft Corporation.) [HKLM] -- KB2676562 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2686509) - (.Microsoft Corporation.) [HKLM] -- KB2686509 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2691442) - (.Microsoft Corporation.) [HKLM] -- KB2691442 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2698365) - (.Microsoft Corporation.) [HKLM] -- KB2698365 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2705219-v2) - (.Microsoft Corporation.) [HKLM] -- KB2705219-v2 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2712808) - (.Microsoft Corporation.) [HKLM] -- KB2712808 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2719985) - (.Microsoft Corporation.) [HKLM] -- KB2719985 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2723135-v2) - (.Microsoft Corporation.) [HKLM] -- KB2723135-v2 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2727528) - (.Microsoft Corporation.) [HKLM] -- KB2727528 ©
O42 - Logiciel: Atualização para Windows XP (KB2749655) - (.Microsoft Corporation.) [HKLM] -- KB2749655 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2757638) - (.Microsoft Corporation.) [HKLM] -- KB2757638 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2770660) - (.Microsoft Corporation.) [HKLM] -- KB2770660 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2780091) - (.Microsoft Corporation.) [HKLM] -- KB2780091 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2802968) - (.Microsoft Corporation.) [HKLM] -- KB2802968 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2807986) - (.Microsoft Corporation.) [HKLM] -- KB2807986 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2820917) - (.Microsoft Corporation.) [HKLM] -- KB2820917 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2834886) - (.Microsoft Corporation.) [HKLM] -- KB2834886 ©
O42 - Logiciel: Atualização de Segurança para o Windows Media Player (KB2834904-v2) - (.Microsoft Corporation.) [HKLM] -- KB2834904-v2_WM11 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2847311) - (.Microsoft Corporation.) [HKLM] -- KB2847311 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2850869) - (.Microsoft Corporation.) [HKLM] -- KB2850869 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2859537) - (.Microsoft Corporation.) [HKLM] -- KB2859537 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2862152) - (.Microsoft Corporation.) [HKLM] -- KB2862152 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2862330) - (.Microsoft Corporation.) [HKLM] -- KB2862330 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2862335) - (.Microsoft Corporation.) [HKLM] -- KB2862335 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2864063) - (.Microsoft Corporation.) [HKLM] -- KB2864063 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2868626) - (.Microsoft Corporation.) [HKLM] -- KB2868626 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2876217) - (.Microsoft Corporation.) [HKLM] -- KB2876217 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2876331) - (.Microsoft Corporation.) [HKLM] -- KB2876331 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2892075) - (.Microsoft Corporation.) [HKLM] -- KB2892075 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2893294) - (.Microsoft Corporation.) [HKLM] -- KB2893294 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2898715) - (.Microsoft Corporation.) [HKLM] -- KB2898715 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2900986) - (.Microsoft Corporation.) [HKLM] -- KB2900986 ©
O42 - Logiciel: Atualização para Windows XP (KB2904266) - (.Microsoft Corporation.) [HKLM] -- KB2904266 ©
O42 - Logiciel: Atualização de Segurança para Windows Internet Explorer 8 (KB2909210) - (.Microsoft Corporation.) [HKLM] -- KB2909210-IE8 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2914368) - (.Microsoft Corporation.) [HKLM] -- KB2914368 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2916036) - (.Microsoft Corporation.) [HKLM] -- KB2916036 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2922229) - (.Microsoft Corporation.) [HKLM] -- KB2922229 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2929961) - (.Microsoft Corporation.) [HKLM] -- KB2929961 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB2930275) - (.Microsoft Corporation.) [HKLM] -- KB2930275 ©
O42 - Logiciel: Atualização para Windows XP (KB2934207) - (.Microsoft Corporation.) [HKLM] -- KB2934207 ©
O42 - Logiciel: Atualização de Segurança para Windows Internet Explorer 8 (KB2936068) - (.Microsoft Corporation.) [HKLM] -- KB2936068-IE8 ©
O42 - Logiciel: Atualização de Segurança para Windows Internet Explorer 8 (KB2964358) - (.Microsoft Corporation.) [HKLM] -- KB2964358-IE8 ©
O42 - Logiciel: Atualização para Windows XP (KB898461) - (.Microsoft Corporation.) [HKLM] -- KB898461 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB923561) - (.Microsoft Corporation.) [HKLM] -- KB923561 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB923789) - (.Microsoft Corporation.) [HKLM] -- KB923789 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB941569) - (.Microsoft Corporation.) [HKLM] -- KB941569 ©
O42 - Logiciel: Atualização para o Windows XP (KB943729) - (.Microsoft Corporation.) [HKLM] -- KB943729 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB950760) - (.Microsoft Corporation.) [HKLM] -- KB950760 ©
O42 - Logiciel: Atualização de Segurança para o Windows Media Player 11 (KB954154) - (.Microsoft Corporation.) [HKLM] -- KB954154_WM11 ©
O42 - Logiciel: Atualização para Windows XP (KB955759) - (.Microsoft Corporation.) [HKLM] -- KB955759 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB960715) - (.Microsoft Corporation.) [HKLM] -- KB960715 ©
O42 - Logiciel: Atualização para Windows Internet Explorer 8 (KB969497) - (.Microsoft Corporation.) [HKLM] -- KB969497-IE8 ©
O42 - Logiciel: Atualização do Microsoft Windows (KB971513) - (.Microsoft Corporation.) [HKLM] -- KB971513 ©
O42 - Logiciel: Atualização de Segurança para o Windows Media Player (KB975558) - (.Microsoft Corporation.) [HKLM] -- KB975558_WM8 ©
O42 - Logiciel: Atualização de Segurança para Windows XP (KB980195) - (.Microsoft Corporation.) [HKLM] -- KB980195 ©
O42 - Logiciel: K-Lite Codec Pack 7.7.0 (Full) - (...) [HKLM] -- KLiteCodecPack_is1
O42 - Logiciel: Malwarebytes Anti-Malware versão 2.2.0.1024 - (.Malwarebytes.) [HKLM] -- Malwarebytes Anti-Malware_is1 ©
O42 - Logiciel: Mozilla Firefox 41.0.2 (x86 pt-BR) - (.Mozilla.) [HKLM] -- Mozilla Firefox 41.0.2 (x86 pt-BR) ©
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService ©
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1 ©
O42 - Logiciel: PhotoScape - (...) [HKLM] -- PhotoScape
O42 - Logiciel: USB Disk Security - (.Zbshareware Lab.) [HKLM] -- USB Disk Security_is1
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009 ©
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify ©
O42 - Logiciel: Windows Media Format 11 runtime - (...) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Player 11 - (...) [HKLM] -- Windows Media Player
O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver ©
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 ©
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 ©
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000 ©
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ©
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM] -- {9C350701-AC04-48BA-A435-BD5E0D82897E} ©
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ©
O42 - Logiciel: Adobe Reader XI (11.0.10) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AB0000000001} ©
O42 - Logiciel: Nero 7 Premium - (.Nero AG.) [HKLM] -- {F14B8ECC-BDA0-4987-9201-D7B7DBE11046} ©

---\\ Ponto de restauro do sistema (74) - 10s
HKLM\SOFTWARE\ActSys
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\AdwCleaner
HKLM\SOFTWARE\ahead
HKLM\SOFTWARE\ANA
HKLM\SOFTWARE\AVAST Software
HKLM\SOFTWARE\baidu
HKLM\SOFTWARE\Baidu Security
HKLM\SOFTWARE\Borland
HKLM\SOFTWARE\C07ft5Y
HKLM\SOFTWARE\Creative Tech
HKLM\SOFTWARE\DtsEncodeTools
HKLM\SOFTWARE\Gabest
HKLM\SOFTWARE\Gemplus
HKLM\SOFTWARE\GNU
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\GOSafer
HKLM\SOFTWARE\HaaliMkx
HKLM\SOFTWARE\InstallShield
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\InterVideo
HKLM\SOFTWARE\JavaSoft
HKLM\SOFTWARE\JreMetrics
HKLM\SOFTWARE\jumpshot.com
HKLM\SOFTWARE\KLCodecPack
HKLM\SOFTWARE\LAV
HKLM\SOFTWARE\LibreOffice
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\McAfee.com
HKLM\SOFTWARE\Mooii
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\Nero
HKLM\SOFTWARE\NJax
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\Program Groups
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\SaveSys
HKLM\SOFTWARE\Schlumberger
HKLM\SOFTWARE\Search Vortex
HKLM\SOFTWARE\Secure
HKLM\SOFTWARE\Swearware
HKLM\SOFTWARE\The Document Foundation
HKLM\SOFTWARE\TrendMicro
HKLM\SOFTWARE\VIA Technologies, Inc
HKLM\SOFTWARE\Windows 3.1 Migration Status
HKLM\SOFTWARE\WinRAR
HKLM\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Ahead
HKCU\SOFTWARE\AOL
HKCU\SOFTWARE\AVAST Software
HKCU\SOFTWARE\Baidu Security
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MediaInfo
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\ZebHelpProcess Helper

---\\ Conteúdo das pastas Programs (94) - 5s
O43 - CFD: 2014/12/18 20:42:30 - [] D -- C:\Arquivos de programas\Adobe
O43 - CFD: 2015/03/05 19:57:40 - [] D -- C:\Arquivos de programas\Arquivos comuns
O43 - CFD: 2013/01/07 14:44:07 - [] D -- C:\Arquivos de programas\AVAST Software
O43 - CFD: 2015/05/25 13:15:46 - [] D -- C:\Arquivos de programas\Baidu Security
O43 - CFD: 2015/03/03 21:53:01 - [] D -- C:\Arquivos de programas\CCleaner
O43 - CFD: 2015/10/06 15:10:00 - [] D -- C:\Arquivos de programas\Google
O43 - CFD: 2013/01/07 14:39:05 - [] D -- C:\Arquivos de programas\InstallShield Installation Information
O43 - CFD: 2013/01/07 14:37:36 - [] D -- C:\Arquivos de programas\Intel
O43 - CFD: 2015/03/07 08:05:18 - [] D -- C:\Arquivos de programas\Internet Explorer
O43 - CFD: 2013/01/07 14:13:54 - [] D -- C:\Arquivos de programas\K-Lite Codec Pack
O43 - CFD: 2015/04/29 20:06:38 - [] D -- C:\Arquivos de programas\LibreOffice 4
O43 - CFD: 2015/10/20 18:22:18 - [] D -- C:\Arquivos de programas\Malwarebytes Anti-Malware
O43 - CFD: 2013/04/28 04:44:47 - [] D -- C:\Arquivos de programas\Messenger
O43 - CFD: 2013/01/07 13:51:38 - [] D -- C:\Arquivos de programas\microsoft frontpage
O43 - CFD: 2013/01/07 14:30:59 - [] D -- C:\Arquivos de programas\Microsoft Office
O43 - CFD: 2013/01/07 14:30:51 - [] D -- C:\Arquivos de programas\Microsoft Visual Studio
O43 - CFD: 2013/01/07 14:31:15 - [] D -- C:\Arquivos de programas\Microsoft Works
O43 - CFD: 2013/01/07 13:47:34 - [] D -- C:\Arquivos de programas\Movie Maker
O43 - CFD: 2015/10/17 18:29:06 - [] D -- C:\Arquivos de programas\Mozilla Firefox
O43 - CFD: 2015/10/17 18:29:06 - [] D -- C:\Arquivos de programas\Mozilla Maintenance Service
O43 - CFD: 2013/01/07 14:31:08 - [] D -- C:\Arquivos de programas\MSBuild
O43 - CFD: 2013/01/07 13:46:02 - [] D -- C:\Arquivos de programas\MSN Gaming Zone
O43 - CFD: 2013/01/07 14:18:31 - [] D -- C:\Arquivos de programas\Nero
O43 - CFD: 2013/01/07 13:47:48 - [] D -- C:\Arquivos de programas\NetMeeting
O43 - CFD: 2013/01/07 13:47:45 - [] D -- C:\Arquivos de programas\Outlook Express
O43 - CFD: 2013/01/11 00:56:16 - [] D -- C:\Arquivos de programas\PhotoScape
O43 - CFD: 2013/01/07 13:48:16 - [] D -- C:\Arquivos de programas\Serviços on-line
O43 - CFD: 2013/01/07 14:07:29 - [0] HD -- C:\Arquivos de programas\Uninstall Information
O43 - CFD: 2013/01/07 14:42:25 - [] D -- C:\Arquivos de programas\USB Disk Security
O43 - CFD: 2013/01/07 14:38:53 - [] D -- C:\Arquivos de programas\VIA
O43 - CFD: 2013/04/28 04:44:47 - [] D -- C:\Arquivos de programas\Windows Media Connect 2
O43 - CFD: 2013/01/07 13:52:02 - [] D -- C:\Arquivos de programas\Windows Media Player
O43 - CFD: 2013/01/07 13:45:55 - [] D -- C:\Arquivos de programas\Windows NT
O43 - CFD: 2015/03/15 11:26:01 - [] D -- C:\Arquivos de programas\WinRAR
O43 - CFD: 2013/01/07 13:51:38 - [] D -- C:\Arquivos de programas\xerox
O43 - CFD: 2013/10/19 17:46:10 - [] RD -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios
O43 - CFD: 2015/03/04 20:09:22 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Barra de Ferramentas Crawler
O43 - CFD: 2015/03/03 21:53:01 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\CCleaner
O43 - CFD: 2013/01/07 13:49:33 - [] RD -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Ferramentas administrativas
O43 - CFD: 2015/03/04 20:09:22 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Google Chrome
O43 - CFD: 2015/10/18 17:32:46 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Google Drive
O43 - CFD: 2015/10/12 14:53:15 - [] RD -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar
O43 - CFD: 2013/01/07 13:46:35 - [] RD -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Jogos
O43 - CFD: 2013/01/07 14:13:45 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\K-Lite Codec Pack
O43 - CFD: 2015/04/29 20:06:57 - [] SD -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\LibreOffice 4.4
O43 - CFD: 2015/10/20 18:22:20 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Malwarebytes Anti-Malware
O43 - CFD: 2013/01/07 14:32:24 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Office
O43 - CFD: 2013/01/07 14:20:00 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Nero 7 Premium
O43 - CFD: 2013/01/11 00:56:18 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\PhotoScape
O43 - CFD: 2013/01/07 14:12:15 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\USB Disk Security
O43 - CFD: 2015/03/15 11:25:55 - [] D -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\WinRAR
O43 - CFD: 2014/12/18 20:42:42 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\Adobe
O43 - CFD: 2013/12/05 01:45:21 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\AVAST Software
O43 - CFD: 2015/05/25 20:33:53 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\Baidu
O43 - CFD: 2015/06/24 16:27:19 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security
O43 - CFD: 2015/02/28 00:22:17 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes
O43 - CFD: 2013/01/08 19:59:43 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\McAfee
O43 - CFD: 2013/01/15 13:13:26 - [] SD -- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft
O43 - CFD: 2014/11/13 14:09:44 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help
O43 - CFD: 2013/01/07 14:15:13 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\Mozilla
O43 - CFD: 2015/03/07 20:02:14 - [] D -- C:\Documents and Settings\All Users\Dados de aplicativos\Windows Genuine Advantage
O43 - CFD: 2015/10/17 19:14:32 - [0] D -- C:\Documents and Settings\All Users\Dados de aplicativos\Zbshareware Lab
O43 - CFD: 2014/12/18 20:43:19 - [] D -- C:\Arquivos de programas\Arquivos comuns\Adobe
O43 - CFD: 2013/01/07 14:20:04 - [] D -- C:\Arquivos de programas\Arquivos comuns\Ahead
O43 - CFD: 2013/01/07 14:30:51 - [] D -- C:\Arquivos de programas\Arquivos comuns\DESIGNER
O43 - CFD: 2013/01/07 14:38:02 - [] D -- C:\Arquivos de programas\Arquivos comuns\InstallShield
O43 - CFD: 2013/01/07 14:45:04 - [] D -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared
O43 - CFD: 2013/01/07 13:47:44 - [] D -- C:\Arquivos de programas\Arquivos comuns\MSSoap
O43 - CFD: 2013/01/07 11:42:38 - [] D -- C:\Arquivos de programas\Arquivos comuns\ODBC
O43 - CFD: 2013/01/07 13:47:47 - [] D -- C:\Arquivos de programas\Arquivos comuns\Serviços
O43 - CFD: 2013/01/07 11:42:35 - [] D -- C:\Arquivos de programas\Arquivos comuns\SpeechEngines
O43 - CFD: 2013/01/07 14:21:28 - [] D -- C:\Arquivos de programas\Arquivos comuns\System
O43 - CFD: 2015/05/05 17:26:56 - [] D -- C:\Documents and Settings\Administrador\Dados de aplicativos\Adobe
O43 - CFD: 2015/05/05 15:07:01 - [] D -- C:\Documents and Settings\Administrador\Dados de aplicativos\AVAST Software
O43 - CFD: 2015/05/05 15:06:33 - [] D -- C:\Documents and Settings\Administrador\Dados de aplicativos\Identities
O43 - CFD: 2015/05/08 14:53:14 - [] D -- C:\Documents and Settings\Administrador\Dados de aplicativos\LibreOffice
O43 - CFD: 2015/05/05 15:22:28 - [] D -- C:\Documents and Settings\Administrador\Dados de aplicativos\Macromedia
O43 - CFD: 2015/06/06 16:11:28 - [] D -- C:\Documents and Settings\Administrador\Dados de aplicativos\Media Player Classic
O43 - CFD: 2015/10/16 16:41:19 - [] SD -- C:\Documents and Settings\Administrador\Dados de aplicativos\Microsoft
O43 - CFD: 2015/05/05 15:07:35 - [] D -- C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla
O43 - CFD: 2015/08/23 15:02:53 - [] D -- C:\Documents and Settings\Administrador\Dados de aplicativos\PhotoScape
O43 - CFD: 2015/05/05 17:30:29 - [] D -- C:\Documents and Settings\Administrador\Dados de aplicativos\WinRAR
O43 - CFD: 2009/05/21 01:06:05 - [] D -- C:\Documents and Settings\Administrador\Dados de aplicativos\Zbshareware Lab
O43 - CFD: 2015/10/22 12:31:40 - [] D -- C:\Documents and Settings\Administrador\Dados de aplicativos\ZHP
O43 - CFD: 2015/10/12 14:40:33 - [] D -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Adobe
O43 - CFD: 2015/10/05 17:14:14 - [] D -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Ahead
O43 - CFD: 2015/05/25 20:01:32 - [] D -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Chromium
O43 - CFD: 2015/10/06 15:02:09 - [] D -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google
O43 - CFD: 2015/05/05 15:06:50 - [] SD -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft
O43 - CFD: 2015/05/16 10:16:18 - [0] D -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft Help
O43 - CFD: 2015/05/05 15:07:26 - [] D -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Mozilla
O43 - CFD: 2015/05/05 18:02:05 - [] D -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Temp
O43 - CFD: 2015/05/05 15:06:40 - [] RD -- C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios
O43 - CFD: 2013/01/07 11:42:13 - [] RD -- C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar

---\\ Softwares de proteçao do sistema (Supérfluo) (10) - 0s
O106 - SIOI: Google Drive Shell extension [ GoogleDriveBlacklisted] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}. (.Google - Google Drive shell extension.) -- C:\Arquivos de programas\Google\Drive\googledrivesync32.dll ©
O106 - SIOI: Google Drive Shell extension [ GoogleDriveSynced] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}. (.Google - Google Drive shell extension.) -- C:\Arquivos de programas\Google\Drive\googledrivesync32.dll ©
O106 - SIOI: Google Drive Shell extension [ GoogleDriveSyncing] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}. (.Google - Google Drive shell extension.) -- C:\Arquivos de programas\Google\Drive\googledrivesync32.dll ©
O106 - SIOI: avast [00avast] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - avast! Shell Extension.) -- C:\Arquivos de programas\AVAST Software\Avast\ashShell.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Offline Files Menu [Offline Files] - {750fdf0e-2a26-11d1-a3ea-080036587f03}. (.Microsoft Corporation - Interface de usuário de cache do cliente.) -- C:\WINDOWS\system32\cscui.dll ©

---\\ Lista dos drivers do sistema (47) - 4s
O58 - SDL:2013/10/31 04:46:14 A . (.AVAST Software - avast! Filtering TDI driver.) -- C:\WINDOWS\System32\drivers\aswFW.sys [104752] ©
O58 - SDL:2015/09/28 14:35:45 A . (.AVAST Software - avast! HWID.) -- C:\WINDOWS\System32\drivers\aswHwid.sys [24016] ©
O58 - SDL:2015/09/28 14:35:45 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys [76000] ©
O58 - SDL:2015/09/28 14:35:45 A . (.AVAST Software - avast! TDI Redirect Driver.) -- C:\WINDOWS\System32\drivers\aswRdr.sys [55200] ©
O58 - SDL:2015/09/28 14:35:45 A . (.AVAST Software - avast! Revert.) -- C:\WINDOWS\System32\drivers\aswRvrt.sys [49776] ©
O58 - SDL:2015/09/28 14:35:22 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\System32\drivers\aswSnx.sys [789296] ©
O58 - SDL:2015/09/28 14:35:45 A . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\System32\drivers\aswSP.sys [434184] ©
O58 - SDL:2015/09/28 14:35:46 A . (.AVAST Software - avast! Stream Filter.) -- C:\WINDOWS\System32\drivers\aswStmXP.sys [157888] ©
O58 - SDL:2015/09/28 14:35:46 A . (.AVAST Software - avast! TDI Filter Driver.) -- C:\WINDOWS\System32\drivers\aswTdi.sys [57888] ©
O58 - SDL:2015/09/28 14:35:45 A . (.AVAST Software - avast! VM Monitor.) -- C:\WINDOWS\System32\drivers\aswVmm.sys [208664] ©
O58 - SDL:2011/09/27 20:44:52 A . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) -- C:\WINDOWS\System32\drivers\cinemst2.sys [262528] ©
O58 - SDL:2011/09/27 20:44:52 A . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\System32\drivers\cpqdap01.sys [11776] ©
O58 - SDL:2008/04/14 02:00:00 A . (.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmboot.sys [800000] ©
O58 - SDL:2008/04/14 02:00:00 A . (.Microsoft Corp., Veritas Software - NT Disk Manager I/O Driver.) -- C:\WINDOWS\System32\drivers\dmio.sys [153984] ©
O58 - SDL:2008/04/14 02:00:00 A . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmload.sys [5888] ©
O58 - SDL:2008/04/14 02:00:00 A . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\System32\drivers\hdaudbus.sys [144384]
O58 - SDL:2009/03/09 09:36:58 A . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\System32\drivers\igxpmp32.sys [6278016] ©
O58 - SDL:2005/08/15 12:08:26 A . (.Ahead Software AG - NERO IMAGEDRIVE SCSI miniport.) -- C:\WINDOWS\System32\drivers\imagedrv.sys [5888] ©
O58 - SDL:2005/08/15 12:08:26 A . (.Ahead Software AG - Nero Image Server.) -- C:\WINDOWS\System32\drivers\imagesrv.sys [127488] ©
O58 - SDL:2008/10/16 23:14:00 A . (.Atheros Communications, Inc. - Atheros Fast Ethernet Controller ndis minip.) -- C:\WINDOWS\System32\drivers\l251x86.sys [30720] ©
O58 - SDL:2015/10/05 09:50:04 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [23256] ©
O58 - SDL:2015/10/05 09:50:10 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [121560] ©
O58 - SDL:2015/10/21 16:39:15 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [170200] ©
O58 - SDL:2008/02/14 14:12:00 RA . (.Creative Technology Ltd. - Creative WDM Audio Driver (32-bit).) -- C:\WINDOWS\System32\drivers\monfilt.sys [1389056] ©
O58 - SDL:2011/09/27 20:44:52 A . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\nikedrv.sys [12032] ©
O58 - SDL:2008/04/14 02:00:00 A . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Lib.) -- C:\WINDOWS\System32\drivers\ptilink.sys [17792] ©
O58 - SDL:2011/09/27 20:44:52 A . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\System32\drivers\rio8drv.sys [12032] ©
O58 - SDL:2011/09/27 20:44:52 A . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\riodrv.sys [12032] ©
O58 - SDL:2008/04/14 02:00:00 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\WINDOWS\System32\drivers\secdrv.sys [20480] ©
O58 - SDL:2011/09/27 20:44:52 A . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\System32\drivers\tsbvcap.sys [21376] ©
O58 - SDL:2011/09/27 20:44:52 A . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys [58112] ©
O58 - SDL:2009/05/08 11:22:28 RA . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) -- C:\WINDOWS\System32\drivers\viahduaa.sys [1358720] ©
O58 - SDL:2008/04/14 02:00:00 A . (...) -- C:\WINDOWS\System32\ansi.sys [9032]
O58 - SDL:2008/04/14 02:00:00 A . (...) -- C:\WINDOWS\System32\country.sys [27097]
O58 - SDL:2008/04/14 02:00:00 A . (...) -- C:\WINDOWS\System32\himem.sys [4896]
O58 - SDL:2008/04/14 02:00:00 A . (...) -- C:\WINDOWS\System32\key01.sys [42809]
O58 - SDL:2008/04/14 02:00:00 A . (...) -- C:\WINDOWS\System32\keyboard.sys [42537]
O58 - SDL:2008/04/14 02:00:00 A . (...) -- C:\WINDOWS\System32\ntdos.sys [27900]
O58 - SDL:2008/04/14 02:00:00 A . (...) -- C:\WINDOWS\System32\ntdos404.sys [29146]
O58 - SDL:2008/04/14 02:00:00 A . (...) -- C:\WINDOWS\System32\ntdos411.sys [29370]
O58 - SDL:2008/04/14 02:00:00 A . (...) -- C:\WINDOWS\System32\ntdos412.sys [29274]
O58 - SDL:2008/04/14 02:00:00 A . (...) -- C:\WINDOWS\System32\ntdos804.sys [29146]
O58 - SDL:2008/04/14 02:00:00 A . (...) -- C:\WINDOWS\System32\ntio.sys [33984]
O58 - SDL:2008/04/14 02:00:00 A . (...) -- C:\WINDOWS\System32\ntio404.sys [34560]
O58 - SDL:2008/04/14 02:00:00 A . (...) -- C:\WINDOWS\System32\ntio411.sys [35648]
O58 - SDL:2008/04/14 02:00:00 A . (...) -- C:\WINDOWS\System32\ntio412.sys [35424]
O58 - SDL:2008/04/14 02:00:00 A . (...) -- C:\WINDOWS\System32\ntio804.sys [34560]

---\\ Últimos ficheiros alterados ou criados (Utilizador) (5) - 28s
O61 - LFC: 2015/10/17 18:36:13 A . (..) -- C:\Documents and Settings\Administrador\Desktop\zoek.exe [1309184]
O61 - LFC: 2015/10/16 23:08:39 A . (..) -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\ev_hashes_whitelist.bin [674082]
O61 - LFC: 2015/10/15 14:20:48 A . (..) -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\PepperFlash\19.0.0.226\pepflashplayer.dll [16493256]
O61 - LFC: 2015/10/16 16:30:42 A . (..) -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Chromium\User Data\ev_hashes_whitelist.bin [674082]
O61 - LFC: 2015/10/19 12:11:13 A . (..) -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Adobe\Acrobat\11.0\UserCache.bin [88200]

---\\ Associações Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\WINDOWS\system32\shell32.dll ©
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe ©
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\wscript.exe ©
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\WINDOWS\regedit.exe ©
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Arquivos de programas\Mozilla Firefox\firefox.exe ©

---\\ Menu de inicialização Internet (17) - 0s
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (...) -- Chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.The Chromium Authors - Chromium.) -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Chromium\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Arquivos de programas\Mozilla Firefox\firefox.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- iexplore.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.The Chromium Authors - Chromium.) -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Chromium\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Arquivos de programas\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.The Chromium Authors - Chromium.) -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Chromium\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Arquivos de programas\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.The Chromium Authors - Chromium.) -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Chromium\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Arquivos de programas\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe ©

---\\ Pesquisa de infeção nos navegadores da Internet (2) - 6s
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} [DefaultScope] - (Google) - http://www.google.com/
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/

---\\ Listagem dos serviços iniciados pelo Svchost (41) - 1s
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\WINDOWS\system32\appmgmts.dll [172032] ©
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496] ©
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [78336] ©
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [62464] ©
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - Dll do serviço do Gerenciador de discos lóg.) -- C:\WINDOWS\system32\dmserver.dll [23552] ©
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Serviço do Cliente DHCP.) -- C:\WINDOWS\system32\dhcpcsvc.dll [126976] ©
O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll [23040] ©
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - .) -- C:\WINDOWS\system32\es.dll [253952] ©
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\WINDOWS\system32\shsvcs.dll [135168] ©
O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll [21504] ©
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [99840] ©
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [134144] ©
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792] ©
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gerenciador de conexões de rede.) -- C:\WINDOWS\system32\netman.dll [198144] ©
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fornecedor de serviços do Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll [247808] ©
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gerenciador de armazenamento removível.) -- C:\WINDOWS\system32\ntmssvc.dll [437248] ©
O83 - Search Svchost Services: NWCWorkstation (NWCWorkstation) . (.Microsoft Corporation - Client Service for Netware.) -- C:\WINDOWS\system32\nwwks.dll [65536] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [88576] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [186368] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll [53248] ©
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Mecanismo do 'Agendador de tarefas'.) -- C:\WINDOWS\system32\schedsvc.dll [193536] ©
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\WINDOWS\system32\seclogon.dll [18944] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\WINDOWS\system32\ipnathlp.dll [331264] ©
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Serviço de restauração do sistema.) -- C:\WINDOWS\system32\srsvc.dll [171520] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windo.) -- C:\WINDOWS\system32\tapisrv.dll [249856] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\WINDOWS\system32\shsvcs.dll [135168] ©
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112] ©
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Windows Time Service.) -- C:\WINDOWS\system32\w32time.dll [176128] ©
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Serviço de configuração zero sem fio.) -- C:\WINDOWS\system32\wzcsvc.dll [483840] ©
O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API de base do Windows 32 avançada.) -- C:\WINDOWS\system32\advapi32.dll [683520] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\wmisvc.dll [145408] ©
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896] ©
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll [129024] ©
O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Tempo de Execução de Serviço de Agente de Q.) -- C:\WINDOWS\system32\qagentrt.dll [292864] ©
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\WINDOWS\system32\kmsvc.dll [61440] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de pla.) -- C:\WINDOWS\system32\qmgr.dll [409088] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\WINDOWS\system32\shsvcs.dll [135168] ©
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll [38400] ©
O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\mspmsnsv.dll [27136] ©

---\\ Serviços não Microsoft (SR=Executados, SS=Parados) (8) - 19s

SS - Demand [2015/10/16 20:03:58] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe ©
SR - Auto [2015/09/28 14:35:33] [ 146600] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe ©
SS - Auto [2015/08/28 17:25:54] [ 144200] Serviço do Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe ©
SS - Demand [2015/08/28 17:25:54] [ 144200] Serviço do Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe ©
SS - Auto [2015/10/05 09:48:46] [ 1135416] (MBAMService) . (.Malwarebytes.) - C:\Arquivos de programas\Malwarebytes Anti-Malware\mbamservice.exe ©
SS - Demand [2015/10/15 18:37:53] [ 147624] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe ©
SS - Demand [2006/10/09 22:11:08] [ 724992] NBService (NBService) . (.Nero AG.) - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe ©

---\\ Scâner Aditional (1) - 0s
~ Nenhum ítem malicioso o desnecessários foi encontrado.

---\\ Informações complémentaires do módulos (1) - 0s
~ Nenhum ítem malicioso o desnecessários foi encontrado.

~ End of the scan, 23610 items in 109 seconds (596)(0)()
