cjoint


Commentaire : ~ Relatório do ZHPDiag v2015.4.6.36 - Nicolas Coolman (29/03/2015) ~ Iniciado por Elzirene (28/05/2016 23:53:05) ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ Endereço do Webforum : http://forum.nicolascoolman.fr ~ Tradução pelo utilizador ~ Estatuto da versão : Nova Versão disponivel ~ Lista Branca : Desativado pelo Utilizador ~ Elevação dos Privilégios : OK ~ Controle de Conta de Utilizador : Deactivate by program ---\\ Navegadores Internet MSIE: Internet Explorer v10.0.9200.17116 MFIE: Mozilla Firefox 46.0.1 (Defaut) GCIE: Google Chrome v50.0.2661.102 ---\\ Informações sobre os produtos Windows ~ Langage: Portugais Windows Server License Manager Script : OK Software Protection Service (Protection logicielle) : OK Key Management Service client information : KO Windows Automatic Updates : OK Windows Activation Technologies : OK Windows 8, 64-bit (Build 9200) ---\\ Softwares de proteçao do sistema Avast Free Antivirus v11.2.2262 Windows Defender W8 (Deactivate) ---\\ Softwares d'optimização do sistema ---\\ Softwares de partilha do PeerToPeer (P2P) ---\\ Monitoramento dos softwares Adobe Flash Player 21 NPAPI ---\\ Informações sobre o sistema ~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 3969 MB (67% free) System Restore: Activé (Enable) System drive C: has 149 GB (67%) free of 221 GB ---\\ Modo de conexão ao sistema ~ Computer Name: ELZIRENE ~ User Name: Elzirene ~ All Users Names: HomeGroupUser$, Elzirene, Convidado, Administrador, ~ Unselected Option: None Logged in as Administrator ---\\ As variáveis de ambiente ~ System Unit : C:\ ~ %AppZHP% : C:\Users\Elzirene\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\Elzirene\AppData\Roaming\ ~ %Desktop% : C:\Users\Elzirene\Desktop\ ~ %Favorites% : C:\Users\Elzirene\Favorites\ ~ %LocalAppData% : C:\Users\Elzirene\AppData\Local\ ~ %StartMenu% : C:\Users\Elzirene\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ 
%Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumeração das unidades dos discos C: Hard drive, Flash drive, Thumb drive (Free 149 Go of 221 Go) D: Hard drive, Flash drive, Thumb drive (Free 244 Go of 244 Go) E: CD-ROM drive (Not Inserted) ---\\ Estado do Centro de Segurança do Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date ~ Security Center: 41 Scanned in 00mn 00s ---\\ Pesquisa particular de ficheiros genéricos [MD5.928791755FDDEA721B053535EF84FA17] - (.Microsoft Corporation - Explorador do Windows.) (.26/07/2012 - 01:49:13.) -- C:\Windows\Explorer.exe [2380440] [MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Aplicação de Arranque do Windows.) (.26/07/2012 - 00:08:50.) -- C:\Windows\System32\Wininit.exe [132608] [MD5.949C61BEF8501BD244C50A7F182CEC74] - (.Microsoft Corporation - Extensões da Internet para Win32.) (.20/09/2014 - 02:17:42.) -- C:\Windows\System32\wininet.dll [2236928] [MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Aplicação de início de sessão do Windows.) (.12/04/2014 - 06:10:31.) 
-- C:\Windows\System32\Winlogon.exe [578048] [MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.26/07/2012 - 00:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408] [MD5.FE7FB9612D354EB41DF4F0FF5D6FB259] - (.Microsoft Corporation - Controlador de Função Auxiliar para Winsock.) (.29/05/2014 - 19:24:46.) -- C:\Windows\system32\Drivers\AFD.sys [576512] [MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 02:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840] [MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.25/07/2012 - 23:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544] [MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.25/07/2012 - 23:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080] [MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.25/07/2012 - 23:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784] [MD5.8D6810577E9C4F56DCB8E9BACAC7287B] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.25/07/2012 - 23:27:36.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168] [MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Controlador de porta i8042.) (.25/07/2012 - 23:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640] [MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.25/07/2012 - 23:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920] [MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.05/02/2013 - 19:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688] [MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.25/07/2012 - 23:24:28.) 
-- C:\Windows\system32\Drivers\netBT.sys [331776] [MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Controlador de Sistema de Ficheiros NT.) (.02/02/2013 - 07:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544] [MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Controlador de porta paralela.) (.25/07/2012 - 23:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984] [MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.25/07/2012 - 23:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928] [MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.25/07/2012 - 23:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712] [MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 02:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248] [MD5.2FB3CDFD5EAF4CD9D4AFAF96877D13AE] - (.Microsoft Corporation - Controlador de cópia sombra do volume.) (.26/07/2012 - 01:57:09.) -- C:\Windows\system32\Drivers\volsnap.sys [332016] ~ Generic Processes: Scanned in 00mn 00s ---\\ Estatuto dos ficheiros ocultos (Oculto/Total) ~ Mes images (My Pictures) : 2/62 ~ Mes musiques (My Musics) : 1/923 ~ Mes Videos (My Videos) : 1/182 ~ Mes Favoris (My Favorites) : 1/8 ~ Mes Documents (My Documents) : 2/180 ~ Mon Bureau (My Desktop) : 4/5238 ~ Menu demarrer (Programs) : 1/60 ~ Hidden Files: Scanned in 00mn 00s ---\\ Processos lançados [MD5.ECE648CDC3A09421E996DFFDA76F5C53] - (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136] [PID.2556] [MD5.BB72A4FD979EB45499CCC6BEF467889A] - (.IObit - No Comment.) -- C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe [1540928] [PID.2564] [MD5.CC436BB2A26391F3DEBE316F6FB0474F] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) 
-- C:\Users\Elzirene\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.2772] [MD5.B920AAF7ABEA489AC415DD38AD7B76CD] - (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe [1209904] [PID.4264] [MD5.36F4C7EF5BFB395CE24F57507F66CE09] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [7400576] [PID.4824] [MD5.E96DD1ABAC2BE889CF521EA2192BFD1D] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8196608] [PID.5960] [MD5.7DF8845A1CF92C227E81DBBC6F6434DF] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [392136] [PID.3664] ~ Processes Running: Scanned in 00mn 00s ---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2) C:\Users\Elzirene\AppData\Local\Google\Chrome\User Data\Default\Preferences ---\\ Pasta de extensão do Google Chrome G2 - EXT: C:\Users\Elzirene\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [__MSG_appName__] G2 - EXT: C:\Users\Elzirene\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [__MSG_appName__] G2 - EXT: C:\Users\Elzirene\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [__MSG_appName__] G2 - EXT: C:\Users\Elzirene\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [Avast SafePrice] G2 - EXT: C:\Users\Elzirene\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [__MSG_ExtnName__] G2 - EXT: C:\Users\Elzirene\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [__MSG_extName__] G2 - EXT: C:\Users\Elzirene\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim [dregol New Tab] G2 - EXT: C:\Users\Elzirene\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [Skype] G2 - EXT: 
C:\Users\Elzirene\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__] G2 - EXT: C:\Users\Elzirene\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [__MSG_appName__] ~ Google Lines Browser: 20 Scanned in 00mn 00s ---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3) C:\Users\Elzirene\AppData\Roaming\Mozilla\Firefox\Profiles\aw3ei7fk.default\prefs.js M3 - MFPP: Plugins - [Elzirene] -- C:\Users\Elzirene\AppData\Roaming\Mozilla\Firefox\Profiles\aw3ei7fk.default\searchplugins\google-avast.xml M3 - MFPP: Plugins - [Elzirene] -- C:\Users\Elzirene\AppData\Roaming\Mozilla\Firefox\Profiles\aw3ei7fk.default\searchplugins\Search Provided by Yahoo.xml M3 - MFPP: Plugins - [Elzirene] -- C:\Users\Elzirene\AppData\Roaming\Mozilla\Firefox\Profiles\aw3ei7fk.default\searchplugins\webssearches.xml =>Hijacker.WebsSearches P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) 
-- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll ~ Firefox Browser: 5 Scanned in 00mn 00s ---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://br.search.yahoo.comDzztG0E0A0B0A0D0FyD0F0DzztAzy2QtN0A0LzuyE%26cr%3D1009639397%26a%3Dwbf_popjar_16_21_ssg02%26os_ver%3D6.2%26os%3DWindows%2B8 R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://br.search.yahoo.comDzztG0E0A0B0A0D0FyD0F0DzztAzy2QtN0A0LzuyE%26cr%3D1009639397%26a%3Dwbf_popjar_16_21_ssg02%26os_ver%3D6.2%26os%3DWindows%2B8 R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://br.search.yahoo.comDzztG0E0A0B0A0D0FyD0F0DzztAzy2QtN0A0LzuyE%26cr%3D1009639397%26a%3Dwbf_popjar_16_21_ssg02%26os_ver%3D6.2%26os%3DWindows%2B8 R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://minilua.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com =>PUP.DoSearches R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.top8844.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com =>PUP.DoSearches R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://minilua.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.top8844.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://minilua.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = http://minilua.com R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Browser.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll ~ IE Browser: 18 Scanned in 00mn 00s ---\\ Internet Explorer, Gestão do Proxy (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8080;https=127.0.0.1:8080 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Redireção do ficheiro Hosts (01) ~ Le fichier hôte est sain (The hosts file is clean) (31) ~ Hosts File: Scanned in 00mn 00s ---\\ Browser Helper Objects do navegador (02) O2 - BHO: (no name) [64Bits] - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Chave orfã O2 - BHO: (no name) [64Bits] - {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} Chave orfã O2 - BHO: search maven 1.0.0.6 [64Bits] - {5996b4a3-5007-4a35-bfd3-70bd47abd749} Chave orfã O2 - BHO: Sale Charger [64Bits] - {7a38e53c-e000-41e4-9b5a-47447db81c2b} Chave orfã O2 - BHO: (no name) [64Bits] - 
{84FF7BD6-B47F-46F8-9130-01B2696B36CB} Chave orfã O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll O2 - BHO: Movies Search App (Dist. by Bandoo Media, Inc.) [64Bits] - {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} Chave orfã =>Adware.Bandoo O2 - BHO: ShopperProBHO [64Bits] - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} Chave orfã =>PUP.ShopperPro O2 - BHO: YTAHelperBHO [64Bits] - {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} Chave orfã =>PUP.Goobzo ~ BHO: 30 Scanned in 00mn 00s ---\\ Barras do Internet Explorer (03)) O3 - Toolbar\WebBrowser: (no name) - [HKCU]{41545534-5350-2D4D-4544-7A786E7484D7} Chave orfã ~ Toolbar: Scanned in 00mn 00s ---\\ Outras conexões do utilizador (04) O4 - GS\QuickLaunch [Elzirene]: iLivid.lnk . (...) -- C:\Users\Elzirene\AppData\Local\iLivid\iLivid.exe (.not file.) =>Adware.Bandoo O4 - GS\QuickLaunch [Elzirene]: speed browser.lnk . (...) -- C:\Program Files (x86)\speed browser\Application\browser.exe (.not file.) =>PUP.SpeedBrowser O4 - GS\Program [Elzirene]: iLivid.lnk . (...) -- C:\Users\Elzirene\AppData\Local\iLivid\iLivid.exe (.not file.) =>Adware.Bandoo ~ Global Startup: 3 Scanned in 00mn 00s ---\\ Aplicações iniciadas por registo & pastas (04) O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) 
-- C:\Users\Elzirene\AppData\Local\Microsoft\BingSvc\BingSvc.exe O4 - HKCU\..\Run: [CrashService] C:\Users\Elzirene\AppData\Local\1stBrowser\Application\crash_service.exe (.not file.) O4 - HKCU\..\Run: [1stbrowser] C:\Users\Elzirene\AppData\Local\1stBrowser\Application\1stbrowser.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe O4 - HKUS\S-1-5-21-503934411-1333821644-1509641271-1001\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe O4 - HKUS\S-1-5-21-503934411-1333821644-1509641271-1001\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Elzirene\AppData\Local\Microsoft\BingSvc\BingSvc.exe O4 - HKUS\S-1-5-21-503934411-1333821644-1509641271-1001\..\Run: [CrashService] C:\Users\Elzirene\AppData\Local\1stBrowser\Application\crash_service.exe (.not file.) O4 - HKUS\S-1-5-21-503934411-1333821644-1509641271-1001\..\Run: [1stbrowser] C:\Users\Elzirene\AppData\Local\1stBrowser\Application\1stbrowser.exe (.not file.) ~ Application: Scanned in 00mn 00s ---\\ Icones das opções IE invisiveis no painel das configurações (05) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Boutões da barra de ferramentas principal do Internet Explorer (09) O9 - Extra button: Skype Click to Call settings [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fornecedor de Correções de Compatibilidade de Nomenclatura de Correio Ele.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000002\Winsock LSP File . 
(.Microsoft Corporation - Fornecedor de Espaço de Nomes PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fornecedor de Espaço de Nomes PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fornecedor de serviços de Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll ~ Winsock: 7 Scanned in 00mn 00s ---\\ Alteração Dominio/Clientes DNS (017) O17 - HKLM\System\CCS\Services\Tcpip\..\{4F5118BB-9051-4D89-BCFC-0A77F8B6FB62}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{C772D1BF-0857-4527-A1B8-584A2BB2F76E}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{4F5118BB-9051-4D89-BCFC-0A77F8B6FB62}: DhcpDomain = domain.name O17 - HKLM\System\CCS\Services\Tcpip\..\{C772D1BF-0857-4527-A1B8-584A2BB2F76E}: DhcpDomain = domain.name O17 - HKLM\System\CS1\Services\Tcpip\..\{4F5118BB-9051-4D89-BCFC-0A77F8B6FB62}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{C772D1BF-0857-4527-A1B8-584A2BB2F76E}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{4F5118BB-9051-4D89-BCFC-0A77F8B6FB62}: DhcpDomain = domain.name O17 - HKLM\System\CS1\Services\Tcpip\..\{C772D1BF-0857-4527-A1B8-584A2BB2F76E}: DhcpDomain = domain.name O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocolo adicional (018) O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . 
(.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Lista dos serviços NT não Microsoft e não desativados (023) O23 - Service: AtherosSvc (AtherosSvc) . (.Atheros Commnucations - AdminService Application.) - C:\Windows\System32\AdminService.exe O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Serviço Google Update (gupdate) (gupdate) . (.Google Inc. - Instalador do Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\igfxCUIService.exe O23 - Service: KMService (KMService) . (...) - C:\Windows\SysWOW64\srvany.exe O23 - Service: Refresh Keyboard (midityjezbt) . (...) - C:\Program Files (x86)\63A9D0CC-1464210093-19DE-80F8-5D39BF27DA9A\knsh128.tmp O23 - Service: Net.Tcp Service Handler (NetTcpHandler) . (...) - C:\Users\Elzirene\AppData\Roaming\NetService\netservice.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: (SkypeUpdateEx) . (.skype.cog.cc - SkypeUpdateEx.) - C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe O23 - Service: StartMenu8 Service (StartMenuService) . (.IObit - StartMenu8 Services.) 
- C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe O23 - Service: SW Update Service (SWUpdateService) . (.Samsung Electronics CO., LTD. - SW Update Agent.) - C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe O23 - Service: The Calendar Service (TheCalendarService) . (.No owner - The Calendar Service.) - C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe O23 - Service: update service (update_service) . (...) - C:\Program Files (x86)\updateservice\updateservice.exe O23 - Service: Windows Net Proxy Auto Service (WinNetSvc) . (...) - C:\Users\Elzirene\AppData\Roaming\WinNetSvc\WinNetSvc.exe O23 - Service: Windows Media Player Network Access Service (WMPNetworkAcSvc) . (...) - C:\Users\Elzirene\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe =>.Microsoft Corporation ~ Services: 15 Scanned in 00mn 03s ---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Listagem dos dados do BootExecute (Bex) (034) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tarefas planificadas automaticamente (039) [MD5.00000000000000000000000000000000] [APT] [1stbrowser] (...) -- C:\Users\Elzirene\AppData\Local\1stBrowser\Application\1stbrowser.exe (.not file.) [0] [MD5.6A050671F2C76FB48131F12786802807] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269504] [MD5.1282F8C897DBF180BCF3F6F6968DE2C3] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [1517200] [MD5.00000000000000000000000000000000] [APT] [crash_service] (...) -- C:\Users\Elzirene\AppData\Local\1stBrowser\Application\crash_service.exe (.not file.) [0] [MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) 
-- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] [MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] [MD5.00000000000000000000000000000000] [APT] [NetEngine] (...) -- C:\ProgramData\NetEngine\bin\D10\netengine.exe (.not file.) [0] =>PUP.NetEngine [MD5.2E696C90B2D1DD842F59E38FD212D225] [APT] [SafeZone scheduled Autoupdate 1462097065] (.Avast Software.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe [735736] [MD5.F0D63994F39C95259B06F70811F41833] [APT] [SAgent] (.Samsung Electronics CO., LTD..) -- C:\Program Files\Samsung\S Agent\CommonAgent.exe [2975056] [MD5.45BCD6113DE37F0C839731352B84CB24] [APT] [StartMenuAutoupdate] (.IObit.) -- C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [827680] [MD5.C6F268F8A91671D163028D16495AE244] [APT] [{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}] (...) -- C:\Users\Elzirene\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe [1188328] [MD5.91685926CA2361F4D1BB101F3A140B28] [APT] [{2A75E130-E0AE-40d1-B479-E583A0419691}] (...) -- C:\Program Files (x86)\updateservice\updateservice.exe [43008] [MD5.00000000000000000000000000000000] [APT] [{64DEA17D-0519-47E6-9D78-37A58266C6E7}] (...) -- C:\Program Files (x86)\baidu\Baidu Browser\uninst.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{6DB74B7B-6976-482A-981B-A76E0F6A9C5A}] (...) -- C:\Program Files (x86)\baidu\Baidu Browser\uninst.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{82C15761-BA1F-4098-9D33-24F7B4D8FDEC}] (...) -- C:\ProgramData\TVTime\uninstall.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{906553F6-2267-4D99-B782-3E41D6776624}] (...) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{C3835365-7902-46C0-9114-AABC723475CE}] (...) 
-- C:\Users\Elzirene\AppData\Roaming\do-search\UninstallManager.exe (.not file.) [0] =>PUP.DoSearches [MD5.7068D0DC90FD95505A2BEEF5C2F6320E] [APT] [{FF2F182C-3E91-4027-8552-A90822E213C2}] (...) -- C:\Program Files (x86)\ToolsAssist\toolserv.exe [202872] [MD5.224EFC8B50E88D79DCEB19D658D5C41B] [APT] [Avast settings backup] (.AVAST Software.) -- C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [652816] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [830] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1030] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1030] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1034] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1034] O39 - APT: {2A6A6C0A-6DF1-4478-807F-2FF9BF46B935} - (...) -- C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job [694] O39 - APT: {2A6A6C0A-6DF1-4478-807F-2FF9BF46B935} - (...) -- C:\Windows\System32\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935} [694] O39 - APT: {2A75E130-E0AE-40d1-B479-E583A0419691} - (...) -- C:\Windows\Tasks\{2A75E130-E0AE-40d1-B479-E583A0419691}.job [308] O39 - APT: {2A75E130-E0AE-40d1-B479-E583A0419691} - (...) -- C:\Windows\System32\Tasks\{2A75E130-E0AE-40d1-B479-E583A0419691} [308] O39 - APT: {FF2F182C-3E91-4027-8552-A90822E213C2} - (...) -- C:\Windows\Tasks\{FF2F182C-3E91-4027-8552-A90822E213C2}.job [330] O39 - APT: {FF2F182C-3E91-4027-8552-A90822E213C2} - (...) 
-- C:\Windows\System32\Tasks\{FF2F182C-3E91-4027-8552-A90822E213C2} [330] ~ Scheduled Task: 62 Scanned in 00mn 02s ---\\ Componentes instalados (ActiveSetup Installed Components) (040) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão da shell da pasta de FTP do Microsoft Internet Explore.) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum da shell do Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por utilizador do IE.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) 
-- C:\Windows\System32\mscories.dll O40 - ASIC: Google Chrome [64Bits] - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\Installer\chrmstp.exe ~ Active Setup: 10 Scanned in 00mn 00s ---\\ Drivers lançados ao arranque do sistema (041) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Controlador de Função Auxiliar para Winsock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (aswKbd) . (.AVAST Software - avast! Keyboard Filter Driver.) - C:\Windows\system32\drivers\aswKbd.sys O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: netnb.inf (NetBIOS) . 
(.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Agendador de pacotes QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Controlador de Subsistema de Colocação em M.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: (tbfd_1_10_0_16) . (. - .) - C:\Windows\System32\drivers\tbfd_1_10_0_16.sys (.not file.) O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys ~ Drivers: 44 Scanned in 00mn 00s ---\\ Software instalados (042) O42 - Logiciel: Adobe Flash Player 21 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI O42 - Logiciel: Advanced Calendar 2.0.0.11189 - (.MEIXIAN XIE.) [HKLM][64Bits] -- {D9BAB2C9-5236-48c3-AF02-67E799F09BBD} O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- Avast O42 - Logiciel: Dic Michaelis - UOL - (...) [HKLM][64Bits] -- WDIC O42 - Logiciel: Google Chrome - (.Google Inc..) 
[HKLM][64Bits] -- Google Chrome O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140} O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {5017D82E-6F1C-478B-9941-D6FD93DB9909} O42 - Logiciel: K-Lite Codec Pack 9.9.5 (Full) - (...) [HKLM][64Bits] -- KLiteCodecPack_is1 O42 - Logiciel: Mozilla Firefox 46.0.1 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 46.0.1 (x86 pt-BR) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService O42 - Logiciel: Nero 7 Essentials - (.Nero AG.) [HKLM][64Bits] -- {66EBD70F-A42C-475F-AEDF-277378152070} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5 O42 - Logiciel: S Agent - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {00692554-EDF4-4514-878F-A1C527EED296} O42 - Logiciel: SafeZone Stable 1.48.2066.101 - (.Avast Software.) [HKLM][64Bits] -- SafeZone 1.48.2066.101 O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} O42 - Logiciel: Skype™ 7.22 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {FC965A47-4839-40CA-B618-18F486F042C6} O42 - Logiciel: Start Menu 8 - (.IObit.) [HKLM][64Bits] -- IObit_StartMenu8_is1 O42 - Logiciel: Tools Assist - (.Jinju Wang.) 
[HKLM][64Bits] -- {3CA099AA-D173-49e0-B3EA-145D67934BB5} O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN O42 - Logiciel: WinRAR 5.31 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: Windows Sales Application - (.PopDeals.) [HKLM][64Bits] -- PopDeals O42 - Logiciel: aTube Catcher versão 3.8 - (.DsNET Corp.) [HKLM][64Bits] -- {D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1 O42 - Logiciel: iLivid - (.Bandoo Media Inc.) [HKCU][64Bits] -- iLivid =>Adware.Bandoo O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} O42 - Logiciel: speed browser - (.Smart Applications.) [HKLM][64Bits] -- speed browser =>PUP.SpeedBrowser O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} ~ Logic: 52 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\APN PIP] [HKCU\Software\APNDTX] =>Toolbar.Ask [HKCU\Software\AVAST Software] [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\Amigo Mouse] [HKCU\Software\App Lid-nv-ie] [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow\Software\DynConIE] =>PUP.DynConIE [HKCU\Software\AppDataLow\Software\JavaSoft] [HKCU\Software\AppDataLow\Software\ilividbandoomoviestoolbar] =>Adware.Bandoo [HKCU\Software\AppDataLow] [HKCU\Software\Baidu Security] [HKCU\Software\Baidu] [HKCU\Software\Browser] [HKCU\Software\CalendarTool] [HKCU\Software\Caphyon] [HKCU\Software\Chromium] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\Gameo] =>PUP.Gameo [HKCU\Software\Goobzo] =>PUP.Goobzo [HKCU\Software\Google] [HKCU\Software\Haali] [HKCU\Software\IM Providers] [HKCU\Software\Icaros] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\Macromedia] [HKCU\Software\MediaInfo] [HKCU\Software\Megacubo] [HKCU\Software\Mine] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Netscape] 
[HKCU\Software\Nico Mak Computing] [HKCU\Software\ODBC] [HKCU\Software\Opera Software] [HKCU\Software\Policies] [HKCU\Software\ProductSetup] =>Adware.InstallCore [HKCU\Software\Realtek] [HKCU\Software\RegisteredApplications] [HKCU\Software\Samsung] [HKCU\Software\Skype] [HKCU\Software\SourceForge] [HKCU\Software\ToolsAssist] [HKCU\Software\Trolltech] [HKCU\Software\Tuguu] =>PUP.VAFPlayer [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\Wargaming.net] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Wow6432Node] [HKCU\Software\YBR] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\csastats] [HKCU\Software\globalUpdate] =>PUP.GlobalUpdate [HKCU\Software\ilividbandoomoviestoolbar] =>Adware.Bandoo [HKCU\Software\madshi] [HKCU\Software\roxio] [HKCU\Software\search maven] [HKCU\Software\teras games] [HKCU\Software\undefined] [HKLM\Software\ATI Technologies] [HKLM\Software\Atheros] [HKLM\Software\Baidu Security] [HKLM\Software\CalendarTool] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Clocker] [HKLM\Software\DTS] [HKLM\Software\Dolby] [HKLM\Software\DtsEncodeTools] [HKLM\Software\Google] [HKLM\Software\IM Providers] [HKLM\Software\Iminent] =>Adware.IMBooster [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\Khronos] [HKLM\Software\Knowles] [HKLM\Software\Macromedia] [HKLM\Software\Megacubo] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Nuance] [HKLM\Software\ODBC] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\Sakura] [HKLM\Software\ShopperPro] =>PUP.ShopperPro [HKLM\Software\SonicFocus] [HKLM\Software\TrendMicro] [HKLM\Software\WWS] [HKLM\Software\Waves Audio] [HKLM\Software\WinRAR] [HKLM\Software\Wow6432Node\AVAST Software] [HKLM\Software\Wow6432Node\Adobe] [HKLM\Software\Wow6432Node\Ahead] [HKLM\Software\Wow6432Node\AppDataLow] [HKLM\Software\Wow6432Node\Audible] [HKLM\Software\Wow6432Node\Baidu Security] 
[HKLM\Software\Wow6432Node\Chromium] [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\Data Fellows] [HKLM\Software\Wow6432Node\Datamngr] =>PUP.Datamngr [HKLM\Software\Wow6432Node\EVP] [HKLM\Software\Wow6432Node\F-Secure] [HKLM\Software\Wow6432Node\FFPluginHp] [HKLM\Software\Wow6432Node\GNU] [HKLM\Software\Wow6432Node\GlobalUpdate] =>PUP.GlobalUpdate [HKLM\Software\Wow6432Node\Goobzo] =>PUP.Goobzo [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\HaaliMkx] [HKLM\Software\Wow6432Node\IHProtect] =>Adware.AgentODR [HKLM\Software\Wow6432Node\IM Providers] [HKLM\Software\Wow6432Node\IObit] [HKLM\Software\Wow6432Node\Icaros] [HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\JavaSoft] [HKLM\Software\Wow6432Node\JreMetrics] [HKLM\Software\Wow6432Node\KLCodecPack] [HKLM\Software\Wow6432Node\Khronos] [HKLM\Software\Wow6432Node\LAV] [HKLM\Software\Wow6432Node\Licenses] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\Nero] [HKLM\Software\Wow6432Node\NetTcpHandler] [HKLM\Software\Wow6432Node\NtIObits] [HKLM\Software\Wow6432Node\NtSvcHandler] [HKLM\Software\Wow6432Node\Nuance] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\Opera Software] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.] 
[HKLM\Software\Wow6432Node\Realtek] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\Sakura] [HKLM\Software\Wow6432Node\Samsung] [HKLM\Software\Wow6432Node\SkypeUpdateEx] [HKLM\Software\Wow6432Node\Skype] [HKLM\Software\Wow6432Node\SpeedBrowser] =>PUP.SpeedBrowser [HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab [HKLM\Software\Wow6432Node\TermBlazer_1.10.0.16] [HKLM\Software\Wow6432Node\ToolsAssist] [HKLM\Software\Wow6432Node\TrendMicro] [HKLM\Software\Wow6432Node\VideoLAN] [HKLM\Software\Wow6432Node\Volatile] [HKLM\Software\Wow6432Node\WMPNetworkAcSvc] [HKLM\Software\Wow6432Node\WinNetSvc] [HKLM\Software\Wow6432Node\baidu] [HKLM\Software\Wow6432Node\delta-homesSoftware] =>Hijacker.DeltaHomes [HKLM\Software\Wow6432Node\do-searchSoftware] =>PUP.DoSearches [HKLM\Software\Wow6432Node\im-dosearch] [HKLM\Software\Wow6432Node\mozilla.org] [HKLM\Software\Wow6432Node\mystartsearchSoftware] =>PUP.StartSearch [HKLM\Software\Wow6432Node\navegaki] [HKLM\Software\Wow6432Node\search maven] [HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab [HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu [HKLM\Software\Wow6432Node\yoursearchingSoftware] [HKLM\Software\Wow6432Node] [HKLM\Software\im-dosearch] [HKLM\Software\navegaki] ~ Key Software: 257 Scanned in 00mn 00s ---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 26/05/2016 - 16:43:39 - [] ----D C:\Program Files (x86)\63A9D0CC-1464210093-19DE-80F8-5D39BF27DA9A O43 - CFD: 02/02/2016 - 21:06:18 - [0] ----D C:\Program Files (x86)\Adobe O43 - CFD: 18/03/2016 - 12:29:46 - [] ----D C:\Program Files (x86)\CalendarTool O43 - CFD: 25/05/2016 - 21:29:25 - [] ----D C:\Program Files (x86)\CleanBrowser O43 - CFD: 13/04/2016 - 23:13:42 - [] ----D C:\Program Files (x86)\Common Files O43 - CFD: 19/08/2015 - 14:26:49 - [] ----D C:\Program Files (x86)\DsNET Corp O43 - CFD: 25/05/2016 - 21:09:59 - [] ----D C:\Program Files (x86)\Google O43 - CFD: 03/03/2015 - 05:11:09 - [] --H-D 
C:\Program Files (x86)\InstallJammer Registry O43 - CFD: 09/11/2014 - 20:03:39 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 09/11/2014 - 15:37:43 - [] ----D C:\Program Files (x86)\Intel O43 - CFD: 09/11/2014 - 16:41:38 - [] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 09/11/2014 - 14:02:52 - [] ----D C:\Program Files (x86)\IObit O43 - CFD: 09/11/2014 - 14:03:33 - [] ----D C:\Program Files (x86)\K-Lite Codec Pack O43 - CFD: 09/11/2014 - 14:29:26 - [] ----D C:\Program Files (x86)\Microsoft Analysis Services O43 - CFD: 09/11/2014 - 14:29:19 - [] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 09/11/2014 - 14:31:35 - [] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 07/05/2016 - 11:01:41 - [] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 07/05/2016 - 15:54:30 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 09/11/2014 - 17:44:04 - [] ----D C:\Program Files (x86)\Nero O43 - CFD: 03/03/2015 - 05:11:02 - [] ----D C:\Program Files (x86)\Programas RFB O43 - CFD: 09/11/2014 - 20:03:39 - [] ----D C:\Program Files (x86)\Realtek O43 - CFD: 08/11/2015 - 19:24:47 - [] ----D C:\Program Files (x86)\search maven O43 - CFD: 28/05/2016 - 21:07:59 - [] R---D C:\Program Files (x86)\Skype O43 - CFD: 25/05/2016 - 21:03:09 - [] ----D C:\Program Files (x86)\SkypeUpdateEx O43 - CFD: 09/11/2014 - 20:07:39 - [0] --H-D C:\Program Files (x86)\Temp O43 - CFD: 03/03/2015 - 16:23:52 - [0] ----D C:\Program Files (x86)\TipTv O43 - CFD: 11/12/2015 - 22:09:11 - [] ----D C:\Program Files (x86)\ToolsAssist O43 - CFD: 25/05/2016 - 21:02:15 - [] ----D C:\Program Files (x86)\updateservice O43 - CFD: 09/11/2014 - 17:30:20 - [] ----D C:\Program Files (x86)\VideoLAN O43 - CFD: 09/11/2014 - 16:42:48 - [] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 26/07/2012 - 08:00:30 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 09/11/2014 - 16:40:10 - [] ----D C:\Program 
Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 26/07/2012 - 05:13:01 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 26/07/2012 - 05:12:59 - [] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 09/11/2014 - 16:40:45 - [] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 26/07/2012 - 05:13:01 - [] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 26/07/2012 - 05:12:59 - [] -SH-D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 28/05/2016 - 23:04:59 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman O43 - CFD: 02/02/2016 - 21:06:13 - [] ----D C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 09/11/2014 - 17:44:29 - [] ----D C:\Program Files (x86)\Common Files\Ahead O43 - CFD: 03/12/2015 - 17:53:03 - [] ----D C:\Program Files (x86)\Common Files\AV O43 - CFD: 09/11/2014 - 20:03:34 - [] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 09/11/2014 - 15:37:34 - [] ----D C:\Program Files (x86)\Common Files\Intel O43 - CFD: 20/05/2015 - 03:47:26 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 26/07/2012 - 05:13:01 - [] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 13/04/2016 - 23:13:42 - [] ----D C:\Program Files (x86)\Common Files\Skype O43 - CFD: 26/07/2012 - 08:00:30 - [] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 02/02/2016 - 20:05:58 - [] ----D C:\ProgramData\Adobe O43 - CFD: 02/09/2015 - 22:19:38 - [] ----D C:\ProgramData\Aeusuliite O43 - CFD: 09/11/2014 - 13:51:04 - [] -SH-D C:\ProgramData\Ambiente de Trabalho O43 - CFD: 19/08/2015 - 14:27:12 - [] ----D C:\ProgramData\APN O43 - CFD: 01/04/2016 - 02:36:51 - [] ----D C:\ProgramData\AppData O43 - CFD: 26/07/2012 - 04:22:08 - [] -SH-D C:\ProgramData\Application Data O43 - CFD: 01/05/2016 - 07:00:57 - [] ----D C:\ProgramData\AVAST Software O43 - CFD: 11/12/2015 - 22:10:58 - [] ----D C:\ProgramData\Baidu O43 - CFD: 26/01/2015 - 17:37:03 - [0] ----D 
C:\ProgramData\Baidu Security O43 - CFD: 27/03/2015 - 06:23:09 - [] ----D C:\ProgramData\Datamngr =>PUP.Datamngr O43 - CFD: 26/07/2012 - 04:22:08 - [] -SH-D C:\ProgramData\Desktop O43 - CFD: 09/11/2014 - 13:51:04 - [] -SH-D C:\ProgramData\Documentos O43 - CFD: 26/07/2012 - 04:22:08 - [] -SH-D C:\ProgramData\Documents O43 - CFD: 03/04/2016 - 23:36:52 - [] ----D C:\ProgramData\F-Secure O43 - CFD: 20/05/2015 - 03:47:33 - [] ----D C:\ProgramData\Hunter O43 - CFD: 02/02/2015 - 15:45:53 - [] ----D C:\ProgramData\IHProtectUpDate =>Adware.AgentODR O43 - CFD: 11/05/2016 - 07:11:48 - [] ----D C:\ProgramData\Intel O43 - CFD: 09/11/2014 - 14:02:56 - [] ----D C:\ProgramData\IObit O43 - CFD: 09/11/2014 - 13:51:04 - [] -SH-D C:\ProgramData\Menu Iniciar O43 - CFD: 11/05/2016 - 07:11:36 - [] -S--D C:\ProgramData\Microsoft O43 - CFD: 09/11/2014 - 14:34:00 - [] ----D C:\ProgramData\Microsoft Help O43 - CFD: 09/11/2014 - 13:51:04 - [] -SH-D C:\ProgramData\Modelos O43 - CFD: 09/11/2014 - 17:44:04 - [] ----D C:\ProgramData\Nero O43 - CFD: 06/08/2015 - 20:11:51 - [] ----D C:\ProgramData\Package Cache O43 - CFD: 09/11/2014 - 13:54:41 - [] ----D C:\ProgramData\PRICache O43 - CFD: 17/04/2015 - 04:46:13 - [] ----D C:\ProgramData\Radio O43 - CFD: 26/07/2012 - 08:02:42 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 10/11/2014 - 08:14:08 - [] ----D C:\ProgramData\Samsung O43 - CFD: 13/04/2016 - 23:13:39 - [] ----D C:\ProgramData\Skype O43 - CFD: 26/07/2012 - 04:22:08 - [] -SH-D C:\ProgramData\Start Menu O43 - CFD: 16/04/2015 - 09:41:14 - [] ----D C:\ProgramData\Sun O43 - CFD: 07/04/2015 - 10:19:57 - [0] ----D C:\ProgramData\T122078ED O43 - CFD: 16/04/2015 - 09:42:09 - [0] ---AD C:\ProgramData\TEMP O43 - CFD: 26/07/2012 - 04:22:08 - [] -SH-D C:\ProgramData\Templates O43 - CFD: 29/03/2016 - 16:26:15 - [] ----D C:\ProgramData\ToolsAssist O43 - CFD: 28/05/2016 - 21:59:54 - [] ----D C:\ProgramData\Windows Security O43 - CFD: 05/06/2015 - 22:01:41 - [] ----D 
C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu O43 - CFD: 03/05/2016 - 20:52:46 - [0] ----D C:\ProgramData\WinZip O43 - CFD: 26/07/2012 - 05:13:01 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 09/11/2014 - 16:41:54 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 26/07/2012 - 05:13:01 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 03/05/2016 - 20:44:19 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher O43 - CFD: 25/08/2015 - 09:14:56 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software O43 - CFD: 25/05/2016 - 20:18:10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware O43 - CFD: 09/11/2014 - 14:04:17 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dic Michaelis - UOL O43 - CFD: 09/11/2014 - 14:03:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack O43 - CFD: 26/07/2012 - 05:13:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 09/11/2014 - 14:32:57 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 09/11/2014 - 17:48:05 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials O43 - CFD: 03/03/2015 - 05:11:05 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB O43 - CFD: 13/04/2016 - 23:13:43 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 23/03/2015 - 20:23:08 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser =>PUP.SpeedBrowser O43 - CFD: 09/11/2014 - 14:02:54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8 O43 - CFD: 20/05/2016 - 00:49:07 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp O43 - CFD: 26/07/2012 - 05:13:01 - [] R---D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 26/07/2012 - 08:02:42 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 09/11/2014 - 17:30:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 13/04/2016 - 23:10:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 28/05/2016 - 23:04:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman O43 - CFD: 03/03/2015 - 16:28:51 - [] ----D C:\Users\Elzirene\AppData\Roaming\.ACEStream O43 - CFD: 12/03/2016 - 14:47:07 - [] ----D C:\Users\Elzirene\AppData\Roaming\Adobe O43 - CFD: 09/11/2014 - 17:44:54 - [] ----D C:\Users\Elzirene\AppData\Roaming\Ahead O43 - CFD: 09/11/2014 - 18:08:02 - [] ----D C:\Users\Elzirene\AppData\Roaming\AVAST Software O43 - CFD: 11/12/2015 - 22:10:54 - [] ----D C:\Users\Elzirene\AppData\Roaming\Baidu O43 - CFD: 28/05/2016 - 22:32:06 - [] ----D C:\Users\Elzirene\AppData\Roaming\CalendarTool O43 - CFD: 15/12/2015 - 19:18:46 - [] ----D C:\Users\Elzirene\AppData\Roaming\dvdcss O43 - CFD: 29/11/2015 - 09:05:03 - [] ----D C:\Users\Elzirene\AppData\Roaming\Google O43 - CFD: 13/09/2015 - 09:51:40 - [] ----D C:\Users\Elzirene\AppData\Roaming\Identities O43 - CFD: 19/01/2015 - 10:47:06 - [] ----D C:\Users\Elzirene\AppData\Roaming\IObit O43 - CFD: 13/03/2016 - 16:25:27 - [] ----D C:\Users\Elzirene\AppData\Roaming\Macromedia O43 - CFD: 26/11/2014 - 19:25:07 - [] ----D C:\Users\Elzirene\AppData\Roaming\Media Player Classic O43 - CFD: 21/04/2016 - 15:12:32 - [] -S--D C:\Users\Elzirene\AppData\Roaming\Microsoft O43 - CFD: 09/11/2014 - 14:08:07 - [] ----D C:\Users\Elzirene\AppData\Roaming\Mozilla O43 - CFD: 19/08/2015 - 14:11:56 - [] ----D C:\Users\Elzirene\AppData\Roaming\NetService O43 - CFD: 01/12/2015 - 21:22:37 - [] ----D C:\Users\Elzirene\AppData\Roaming\Opera Software O43 - CFD: 03/03/2015 - 16:33:12 - [] ----D 
C:\Users\Elzirene\AppData\Roaming\RoxTemp O43 - CFD: 25/05/2016 - 18:32:25 - [] ----D C:\Users\Elzirene\AppData\Roaming\RunDir O43 - CFD: 04/06/2015 - 02:53:01 - [] ----D C:\Users\Elzirene\AppData\Roaming\Run_dregol O43 - CFD: 14/05/2016 - 20:39:39 - [0] ----D C:\Users\Elzirene\AppData\Roaming\sc O43 - CFD: 16/04/2015 - 11:31:22 - [0] ----D C:\Users\Elzirene\AppData\Roaming\searchult O43 - CFD: 20/05/2016 - 21:39:32 - [] ----D C:\Users\Elzirene\AppData\Roaming\shortCutStore O43 - CFD: 14/04/2016 - 00:41:57 - [] ----D C:\Users\Elzirene\AppData\Roaming\Skype O43 - CFD: 20/05/2015 - 03:47:33 - [] ----D C:\Users\Elzirene\AppData\Roaming\theHunter O43 - CFD: 03/03/2015 - 16:19:19 - [] ----D C:\Users\Elzirene\AppData\Roaming\Tiptv O43 - CFD: 29/03/2016 - 16:26:43 - [] ----D C:\Users\Elzirene\AppData\Roaming\updateservice O43 - CFD: 02/02/2015 - 15:52:24 - [] ----D C:\Users\Elzirene\AppData\Roaming\VDownloader O43 - CFD: 20/05/2016 - 09:23:11 - [] ----D C:\Users\Elzirene\AppData\Roaming\vlc O43 - CFD: 17/12/2015 - 07:48:15 - [] ----D C:\Users\Elzirene\AppData\Roaming\WinNetSvc O43 - CFD: 09/11/2014 - 18:46:41 - [] ----D C:\Users\Elzirene\AppData\Roaming\WinRAR O43 - CFD: 28/05/2016 - 23:43:16 - [] ----D C:\Users\Elzirene\AppData\Roaming\WMPNetworkAcSvc O43 - CFD: 11/12/2015 - 22:40:20 - [0] ----D C:\Users\Elzirene\AppData\Roaming\yoursearching O43 - CFD: 28/05/2016 - 23:54:33 - [] ----D C:\Users\Elzirene\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 04/06/2015 - 02:47:01 - [] ----D C:\Users\Elzirene\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F} O43 - CFD: 03/02/2016 - 21:36:34 - [0] --H-D C:\Users\Elzirene\AppData\Local\17b946a9045e0952 O43 - CFD: 19/11/2015 - 23:30:16 - [] ----D C:\Users\Elzirene\AppData\Local\1stBrowser O43 - CFD: 03/02/2016 - 00:38:52 - [] ----D C:\Users\Elzirene\AppData\Local\Adobe O43 - CFD: 09/11/2014 - 17:48:06 - [] ----D C:\Users\Elzirene\AppData\Local\Ahead O43 - CFD: 09/11/2014 - 13:53:53 - [] -SH-D 
C:\Users\Elzirene\AppData\Local\Application Data O43 - CFD: 04/05/2016 - 01:26:42 - [] ----D C:\Users\Elzirene\AppData\Local\assembly O43 - CFD: 20/05/2016 - 21:52:52 - [] ----D C:\Users\Elzirene\AppData\Local\CrashDumps O43 - CFD: 16/04/2015 - 09:37:07 - [] ----D C:\Users\Elzirene\AppData\Local\CrashRpt O43 - CFD: 20/05/2016 - 01:16:27 - [] ----D C:\Users\Elzirene\AppData\Local\Diagnostics O43 - CFD: 25/05/2016 - 20:18:38 - [] ----D C:\Users\Elzirene\AppData\Local\dine O43 - CFD: 11/12/2015 - 22:37:37 - [] ----D C:\Users\Elzirene\AppData\Local\ElevatedDiagnostics O43 - CFD: 04/04/2016 - 07:30:17 - [0] ----D C:\Users\Elzirene\AppData\Local\FSDART O43 - CFD: 16/04/2015 - 09:26:56 - [] ----D C:\Users\Elzirene\AppData\Local\Gameo =>PUP.Gameo O43 - CFD: 02/02/2015 - 15:45:51 - [] ----D C:\Users\Elzirene\AppData\Local\globalUpdate =>PUP.GlobalUpdate O43 - CFD: 28/01/2016 - 21:10:04 - [] ----D C:\Users\Elzirene\AppData\Local\Google O43 - CFD: 09/11/2014 - 13:53:53 - [] -SH-D C:\Users\Elzirene\AppData\Local\Histórico O43 - CFD: 16/04/2015 - 09:37:16 - [] ----D C:\Users\Elzirene\AppData\Local\Installer O43 - CFD: 09/11/2014 - 17:20:00 - [] ----D C:\Users\Elzirene\AppData\Local\Macromedia O43 - CFD: 04/04/2016 - 13:20:10 - [] ----D C:\Users\Elzirene\AppData\Local\Microsoft O43 - CFD: 01/09/2015 - 00:06:40 - [] ----D C:\Users\Elzirene\AppData\Local\Microsoft Help O43 - CFD: 11/12/2015 - 22:09:21 - [] ----D C:\Users\Elzirene\AppData\Local\MiniService O43 - CFD: 09/11/2014 - 14:08:02 - [] ----D C:\Users\Elzirene\AppData\Local\Mozilla O43 - CFD: 11/12/2015 - 22:39:44 - [0] ----D C:\Users\Elzirene\AppData\Local\Opera Software O43 - CFD: 09/11/2014 - 13:54:36 - [] ----D C:\Users\Elzirene\AppData\Local\Packages O43 - CFD: 09/11/2014 - 14:03:24 - [] ----D C:\Users\Elzirene\AppData\Local\Programs O43 - CFD: 04/06/2015 - 02:53:04 - [] ----D C:\Users\Elzirene\AppData\Local\remi O43 - CFD: 03/03/2015 - 16:34:52 - [] ----D C:\Users\Elzirene\AppData\Local\ROX Player O43 - CFD: 09/11/2014 
- 20:54:12 - [] ----D C:\Users\Elzirene\AppData\Local\Samsung O43 - CFD: 04/06/2015 - 02:53:06 - [] ----D C:\Users\Elzirene\AppData\Local\Setup27788187 O43 - CFD: 20/05/2016 - 21:52:49 - [] ----D C:\Users\Elzirene\AppData\Local\Setup4911328 O43 - CFD: 25/05/2016 - 20:18:38 - [] ----D C:\Users\Elzirene\AppData\Local\Setup7848296 O43 - CFD: 25/05/2016 - 20:18:41 - [] ----D C:\Users\Elzirene\AppData\Local\Setup7851078 O43 - CFD: 13/04/2016 - 23:13:41 - [0] ----D C:\Users\Elzirene\AppData\Local\Skype O43 - CFD: 23/03/2015 - 20:23:11 - [] ----D C:\Users\Elzirene\AppData\Local\speed browser =>PUP.SpeedBrowser O43 - CFD: 28/05/2016 - 23:53:37 - [] ----D C:\Users\Elzirene\AppData\Local\Temp O43 - CFD: 09/11/2014 - 13:53:53 - [] -SH-D C:\Users\Elzirene\AppData\Local\Temporary Internet Files O43 - CFD: 14/09/2015 - 20:45:12 - [] ----D C:\Users\Elzirene\AppData\Local\TVTime O43 - CFD: 16/11/2015 - 19:49:55 - [] ----D C:\Users\Elzirene\AppData\Local\VirtualStore O43 - CFD: 25/05/2016 - 20:18:38 - [] ----D C:\Users\Elzirene\AppData\Local\{4737716B-639F-1DD3-0E07-383B2A6FC4A3} O43 - CFD: 26/07/2012 - 05:13:00 - [] R---D C:\Users\Elzirene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 26/07/2012 - 05:13:00 - [] R---D C:\Users\Elzirene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 09/11/2014 - 16:48:09 - [] R---D C:\Users\Elzirene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 09/11/2014 - 14:04:17 - [0] ----D C:\Users\Elzirene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dic Michaelis - UOL O43 - CFD: 26/07/2012 - 05:13:00 - [] ----D C:\Users\Elzirene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 09/11/2014 - 16:48:09 - [] R---D C:\Users\Elzirene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 26/07/2012 - 05:13:00 - [] R---D C:\Users\Elzirene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - 
CFD: 13/04/2016 - 23:10:25 - [] ----D C:\Users\Elzirene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Program Folder: 187 Scanned in 00mn 00s ---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044) O44 - LFC:[MD5.6738B22AF2D1ABB797DC0D76E3BBF75D] - 25/05/2016 - 21:29:25 ---A- . (...) -- C:\Windows\PFRO.log [239268] O44 - LFC:[MD5.9AE848DB3AC6855B3C8AB5FC131BAC14] - 27/05/2016 - 16:52:15 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1696874] O44 - LFC:[MD5.470B916AAF060B2A1C0FE0CCC9294B7D] - 27/05/2016 - 16:52:15 ---A- . (...) -- C:\Windows\System32\perfc009.dat [124834] O44 - LFC:[MD5.B70E95242F05ED30F38C802CBEA13383] - 27/05/2016 - 16:52:15 ---A- . (...) -- C:\Windows\System32\perfh009.dat [674948] O44 - LFC:[MD5.47BCE44713083AFF0342F30A2C37849B] - 27/05/2016 - 16:52:15 ---A- . (...) -- C:\Windows\System32\prfc0816.dat [152194] O44 - LFC:[MD5.8B6CAF901534DE5EDCE34B0A6048A042] - 27/05/2016 - 16:52:15 ---A- . (...) -- C:\Windows\System32\prfh0816.dat [741758] O44 - LFC:[MD5.E49549A1C0BF4BD6FB2ECAF73C3C5D14] - 28/05/2016 - 23:39:18 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.71384084241F761B1A1312E31A9CF5D9] - 28/05/2016 - 23:49:30 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.88BE06358ED372EDA81062D8DDF90164] - 28/05/2016 - 23:51:37 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1190767] ~ Files: 9 Scanned in 00mn 02s ---\\ Negação do serviço (Local Security Authority) (048) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Motor cliente do editor de configuração de proteção do Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pacote de segurança Kerberos.) 
-- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fornecedor de Segurança TLS/SSL.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll ~ LSA: 9 Scanned in 00mn 00s ---\\ Controlo do Modo de Segurança (CSB) (49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\828A9A2D.sys . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\System32\Drivers\828A9A2D.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Controlador de filtro de rato série.) 
-- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Controlador de Extensão do Gestor de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\828A9A2D.sys . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\System32\Drivers\828A9A2D.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - M

Document format: text/plain

Preview

Rapport de ZHPFix 2015.3.18.4 par Nicolas Coolman, Update du 18/03/2015
Fichier d'export Registre : C:\Users\Elzirene\AppData\Roaming\ZHP\ZHPExportRegistry-28-05-2016-23-32-34.txt
Run by Elzirene at 28/05/2016 23:33:15
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit (Build 9200)

Reciclagem vazia (00mn 02s)
Prefetcher vazio

========== Estado dos serviços ==========
BADRIVER Parado

========== Valores do Registo ==========
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
ELIMINÉ Temporários windows (0)
ELIMINÉ Flash Cookies (0)

========== Ficheiros ==========
ELIMINÉ Temporários windows (1) (16 384 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
8 : Valores do Registo
2 : Pastas
2 : Ficheiros
1 : Estado dos serviços
1 : Restauração Sistema


End of clean in 00mn 24s

========== Caminho do ficheiro do relatório ==========
C:\Users\Elzirene\AppData\Roaming\ZHP\ZHPFix[R1].txt - 28/05/2016 23:18:59 [2815]
C:\Users\Elzirene\AppData\Roaming\ZHP\ZHPFix[R2].txt - 28/05/2016 23:31:17 [1530]
C:\Users\Elzirene\AppData\Roaming\ZHP\ZHPFix[R3].txt - 28/05/2016 23:32:34 [1532]
C:\Users\Elzirene\AppData\Roaming\ZHP\ZHPFix[R4].txt - 28/05/2016 23:33:18 [1532]
