
Archived

This topic has been archived and is closed to new replies.

leandro aislan

[Solved] Slow computer and Chrome won't open


Good morning,

Here it is:

Rapport de ZHPFix 2015.2.17.3 par Nicolas Coolman, Update du 17/02/2015
Fichier d'export Registre :
Run by asafer at 03/03/2015 07:52:20
High Elevated Privileges : OK
Windows 8 Business Edition, 64-bit (Build 9200)
Reciclagem vazia (00mn 03s)
Reparação de atalhos do navegador
========== Chaves do Registo ==========
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bnbase
ELIMINÉ Driver Key: Bndef
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\Baixaki
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: SearchScopes :{012E1000-F331-11DB-8314-0800200C9A66}
ELIMINÉ: SearchScopes :{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ Temporários windows (202) (134.296.898 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Tarefa planificada ==========
ELIMINÉ: {251387F5-DEA4-4BFE-8BFC-61CE95241A6E}
ELIMINÉ: {79FD070D-9732-4E54-B542-820C69A73805}
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Outros ==========
NÃO-TRATADO O4 - HKUS\S-1-5-21\..\Run: [resource] en-ca.dll
NÃO-TRATADO O4 - HKUS\S-1-5-21\..\RunOnce: [resource] en-ca.dll
========== Recapitulativo ==========
10 : Chaves do Registo
1 : Pastas
2 : Ficheiros
2 : Tarefa planificada
1 : Restauração Sistema
2 : Outros
End of clean in 00mn 36s
========== Caminho do ficheiro do relatório ==========
C:\Users\asafer\AppData\Roaming\ZHP\ZHPFix[R1].txt - 03/03/2015 07:52:24 [1550]


Open ZHPDiag again.

|- Click "COMPLETA" and wait for it to finish.

|- When it finishes, post the ZHPDiag.txt report.

_______________________________________________

Note: If the ZHPDiag report is too large to fit in your reply, go to the Cjoint site:

http://cjoint.com

Click the Choose file button > select the log (report) file and click the Open button.

Click the Créer le lien Cjoint button.

Copy the link that appears next to the phrase Le lien a été créé and post that link in your next reply.

~ Relatório do ZHPDiag v2015.3.1.25 - Nicolas Coolman (01/03/2015)

~ Iniciado por asafer (03/03/2015 13:34:41)


~ Endereço do Webforum : http://forum.nicolascoolman.fr

~ Tradução pelo utilizador

~ Estatuto da versão : Versão atualizada.

~ Lista Branca : Desativado pelo Utilizador

~ Elevação dos Privilégios : OK

~ Controle de Conta de Utilizador : Deactivate by user



---\\ Navegadores Internet

MSIE: Internet Explorer v10.0.9200.16897 (Defaut)

MFIE: Mozilla Firefox 31.0

GCIE: Google Chrome v40.0.2214.115


---\\ Informações sobre os produtos Windows

~ Langage: Portugais

Windows Server License Manager Script : OK

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

Windows 8 Pro, 64-bit (Build 9200)


---\\ Softwares de proteçao do sistema

Kaspersky PURE 3.0 v13.0.2.558

Malwarebytes Anti-Malware versão 2.0.4.1028

Windows Defender W8 (Deactivate)


---\\ Softwares d'optimização do sistema

CCleaner v4.16


---\\ Softwares de partilha do PeerToPeer (P2P)


---\\ Monitoramento dos softwares


---\\ Informações sobre o sistema

~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 6062 MB (61% free)

System Restore: Activé (Enable)

System drive C: has 176 GB (79%) free of 222 GB


---\\ Modo de conexão ao sistema

~ Computer Name: PC-ESCRITORIO

~ User Name: asafer

~ All Users Names: Convidado, asafer, Administrador,

~ Unselected Option: None

Logged in as Administrator


---\\ As variáveis de ambiente

~ System Unit : C:\

~ %AppZHP% : C:\Users\asafer\AppData\Roaming\ZHP\

~ %AppData% : C:\Users\asafer\AppData\Roaming\

~ %Desktop% : C:\Users\asafer\Desktop\

~ %Favorites% : C:\Users\asafer\Favorites\

~ %LocalAppData% : C:\Users\asafer\AppData\Local\

~ %StartMenu% : C:\Users\asafer\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\System32\


---\\ Enumeração das unidades dos discos

C: Hard drive, Flash drive, Thumb drive (Free 176 Go of 222 Go)

D: CD-ROM drive (Not Inserted)




---\\ Estado do Centro de Segurança do Windows

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

~ Security Center: 44 Scanned in 00mn 00s




---\\ Pesquisa particular de ficheiros genéricos

[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Windows Explorer.) (.30/01/2014 - 16:15:28.) -- C:\Windows\Explorer.exe [2391280]

[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.26/07/2012 - 00:08:50.) -- C:\Windows\System32\Wininit.exe [132608]

[MD5.2B7920C7885AC45FD0E27DD860F095A1] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/03/2014 - 21:08:30.) -- C:\Windows\System32\wininet.dll [2240000]

[MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.12/04/2014 - 06:10:31.) -- C:\Windows\System32\Winlogon.exe [578048]

[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.26/07/2012 - 00:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]

[MD5.FE7FB9612D354EB41DF4F0FF5D6FB259] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.29/05/2014 - 19:24:46.) -- C:\Windows\system32\Drivers\AFD.sys [576512]

[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 02:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]

[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.25/07/2012 - 23:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]

[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.25/07/2012 - 23:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]

[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.15/01/2014 - 20:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]

[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 03:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]

[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Driver de porta i8042.) (.25/07/2012 - 23:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]

[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.25/07/2012 - 23:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]

[MD5.14EE56050E1637926F5CFA65B1F4209B] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.12/07/2014 - 01:34:34.) -- C:\Windows\system32\Drivers\MRxSmb.sys [404480]

[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.25/07/2012 - 23:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]

[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.27/01/2014 - 00:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]

[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Driver de porta paralela.) (.25/07/2012 - 23:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]

[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.25/07/2012 - 23:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]

[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.25/07/2012 - 23:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]

[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 02:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]

[MD5.AA37946941ED3805AB3A924965907147] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.04/07/2014 - 07:52:10.) -- C:\Windows\system32\Drivers\volsnap.sys [328000]

~ Generic Processes: Scanned in 00mn 00s




---\\ Estatuto dos ficheiros ocultos (Oculto/Total)

~ Mes Favoris (My Favorites) : 1/5

~ Mes Documents (My Documents) : 2/34

~ Mon Bureau (My Desktop) : 1/1009

~ Menu demarrer (Programs) : 1/33

~ Hidden Files: Scanned in 00mn 00s




---\\ Processos lançados

[MD5.7D6E1809C844B1D2AA02B6DCF1950084] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200] [PID.4976]

[MD5.80C830207A104F6C1BDE91D0D86D8685] - (.Microsoft Corporation - Send to OneNote Tool.) -- C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.exe [195240] [PID.2980]

[MD5.139C3E683C64935D397A3A656D443E29] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928] [PID.5196]

[MD5.7E91655B4947EC1B18B3BC1645839145] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128] [PID.1684]

[MD5.F419E9A607B79DAB0AC93119016E8342] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136] [PID.6648]

[MD5.883B2E1341E5BE906A7507308A6636DF] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240] [PID.7012]

[MD5.253EB69F697FCCFEFCE49335301EF3A1] - (.SoftThinks - Dell - Dell Backup And Recovery Toaster.) -- C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.exe [4124760] [PID.5160]

[MD5.D2512647A82BFCCE0135809C2DD2ED14] - (.SoftThinks - Dell - Dell Backup And Recovery Update Launcher.) -- C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe [493656] [PID.2276]

[MD5.9A500B1DC998C52DBB76647EA63C8703] - (...) -- C:\Program Files (x86)\OpenVPN\bin\openvpn-gui.exe [398648] [PID.6216]

[MD5.8A19EA5B41FD53F1A94C5BD649A14F14] - (.The OpenVPN Project - OpenVPN Daemon.) -- C:\Program Files (x86)\OpenVPN\bin\openvpn.exe [676152] [PID.3492]

[MD5.FB823E67BF4C6A31C80E9999453AE66B] - (.Microsoft Corporation - Microsoft Excel.) -- C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.exe [25713304] [PID.6984]

[MD5.B9D6D7E6E5C4FCD8DD7F88EC9D563085] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592] [PID.6816]

[MD5.1ADAB4A9071A474CAC06509EB901E820] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8182784] [PID.3576]

~ Processes Running: Scanned in 00mn 00s




---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)

C:\Users\asafer\AppData\Local\Google\Chrome\User Data\Default\Preferences


---\\ Pasta de extensão do Google Chrome

~ Google Lines Browser: 0 Scanned in 00mn 00s




---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)

M2 - MFEP: RegExtension {87F8774F-B485-47E2-A755-A40A8A5E8873} . (...) --

P2 - FPN: [HKCU] [gastecnologia.com.br/sf/uni] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\asafer\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll

~ Firefox Browser: 2 Scanned in 00mn 00s




---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:Tabs

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navegador da Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll

~ IE Browser: 16 Scanned in 00mn 00s




---\\ Internet Explorer, Gestão do Proxy (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Proxy management: Scanned in 00mn 00s




---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas

F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\Windows\explorer.exe

F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe

~ Keys: Scanned in 00mn 00s




---\\ Redireção do ficheiro Hosts (01)

~ Le fichier hôte est sain (The hosts file is clean) (21)

~ Hosts File: Scanned in 00mn 00s




---\\ Browser Helper Objects do navegador (02)

O2 - BHO: ContentBlockerBrowserHelperObject [64Bits] - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} . (.Kaspersky Lab ZAO - Content Blocker Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll

O2 - BHO: VirtualKeyboardBrowserHelperObject [64Bits] - {73455575-E40C-433C-9784-C78DC7761455} . (.Kaspersky Lab ZAO - Virtual Keyboard Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

O2 - BHO: Safe Money Plugin [64Bits] - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} . (.Kaspersky Lab ZAO - Safe Money Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll

O2 - BHO: G-Buster Browser Defense Itaú Unibanco [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540008} . (.Banco Itaú Unibanco - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehuni.dll

O2 - BHO: link filter bho [64Bits] - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab ZAO - URL Advisor Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll

O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Chave orfã

O2 - BHO: (no name) [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Chave orfã

~ BHO: 11 Scanned in 00mn 00s




---\\ Aplicações iniciadas por registo & pastas (04)

O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [TdmNotify] . (.Wave Systems Corp. - Trusted Drive Manager User Notifier.) -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe

O4 - HKLM\..\Run: [LogMeIn GUI] . (.LogMeIn, Inc. - LogMeIn Desktop Application.) -- C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe

O4 - HKCU\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.

O4 - HKLM\..\Wow6432Node\Run: [iAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe

O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

O4 - HKLM\..\Wow6432Node\Run: [HPUsageTrackingLEDM] . (.Hewlett-Packard Company - HP UT LEDM Driver.) -- C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe

O4 - HKLM\..\Wow6432Node\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe

O4 - HKUS\S-1-5-21\..\Run: [resource] en-ca.dll

O4 - HKUS\S-1-5-21\..\RunOnce: [resource] en-ca.dll

O4 - HKUS\S-1-5-21-1723347743-867858956-900643699-1001\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.

~ Application: Scanned in 00mn 00s




---\\ Icones das opções IE invisiveis no painel das configurações (05)

O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no

~ IE Control Panel: 1 Scanned in 00mn 00s




---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)

O9 - Extra button: Teclado Virtual [64Bits] - {0C4CC089-D306-440D-9772-464E226F6539} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kbrd.ico

O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation

O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)

O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation

O9 - Extra button: Verificação de URLs [64Bits] - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\logo.ico

~ IE Extra Buttons: Scanned in 00mn 00s




---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Provedor de Correção de Nomeação de Emails.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Provedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

~ Winsock: 6 Scanned in 00mn 00s




---\\ Alteração Dominio/Clientes DNS (017)

O17 - HKLM\System\CCS\Services\Tcpip\..\{4C4F3CA1-5E77-496E-9789-0D58BA9E1263}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections

O17 - HKLM\System\CCS\Services\Tcpip\..\{7CEB4565-CF3F-49B8-A0DB-03E80E812BAE}: DhcpNameServer = 192.168.42.129

O17 - HKLM\System\CS1\Services\Tcpip\..\{4C4F3CA1-5E77-496E-9789-0D58BA9E1263}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections

O17 - HKLM\System\CS1\Services\Tcpip\..\{7CEB4565-CF3F-49B8-A0DB-03E80E812BAE}: DhcpNameServer = 192.168.42.129

~ Domain: Scanned in 00mn 00s




---\\ Protocolo adicional (018)

O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation

~ Protocole Additionnel: Scanned in 00mn 00s




---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll

O20 - Winlogon Notify: spba . (...) -- C:\Program Files\Common Files\SPBA\homefus2.dll

~ Winlogon: Scanned in 00mn 00s




---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

~ SSODL: 1 Scanned in 00mn 00s




---\\ Lista dos serviços NT não Microsoft e não desativados (023)

O23 - Service: Serviço do Kaspersky Anti-Virus (AVP) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe

O23 - Service: CryptoStorage control service (CSObjectsSrv) . (.Infowatch - InfoWatch CryptoStorage Protected objects c.) - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe

O23 - Service: EmbassyService (EmbassyService) . (.No owner - EmbassyServer Application.) - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe

O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe

O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP LaserJet Service (HP LaserJet Service) . (.HP - HP LaserJet Service.) - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe

O23 - Service: HP SI Service (HPSIService) . (.HP - HP Smart-Install Service.) - C:\Windows\system32\HPSIsvc.exe

O23 - Service: Tecnologia de armazenamento Intel® Rapid (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: LMIGuardianSvc (LMIGuardianSvc) . (.LogMeIn, Inc. - LMIGuardianSvc.) - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe

O23 - Service: LogMeIn Maintenance Service (LMIMaint) . (.LogMeIn, Inc. - LogMeIn Maintenance Service.) - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe

O23 - Service: LogMeIn (LogMeIn) . (.LogMeIn, Inc. - LogMeIn.) - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe

O23 - Service: Dell PBA x64 Service (PbaDrvSvc_x64) . (.Dell, Inc. - Dell Preboot Authentication Service.) - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.No owner - RichVideo Module.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

O23 - Service: (SetupARService) . (.No owner - SetupAfterRebootService.) - C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe

O23 - Service: SoftThinks Agent Service (SftService) . (.SoftThinks SAS - SoftThinks Agent Service.) - C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe

O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: SI TSS v1.2.1.41 TCS (tcsd_win32.exe) . (...) - C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe

O23 - Service: TdmService (TdmService) . (.Wave Systems Corp. - TDM Service.) - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe

O23 - Service: TeamViewer 9 (TeamViewer9) . (.TeamViewer GmbH - TeamViewer 9.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

O23 - Service: Wave Authentication Manager Service (Wave Authentication Manager Service) . (.Wave Systems Corp. - WaveAMService.) - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe

O23 - Service: WvPCR (WvPCR) . (.Wave Systems Corp. - Embassy Toolkit Service.) - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe

~ Services: 21 Scanned in 00mn 05s




---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Desktop Component: 4 Scanned in 00mn 00s




---\\ Listagem dos dados do BootExecute (Bex) (034)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

~ BEX: 1 Scanned in 00mn 00s




---\\ Tarefas planificadas automaticamente (039)

[MD5.88077CF32319BEE612C82EBF54680DE8] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [4626712]

[MD5.F419E9A607B79DAB0AC93119016E8342] [APT] [CLMLSvc_P2G8] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136]

[MD5.2FC635380608BD0D1BF3FB4986676D05] [APT] [CLVDLauncher] (.CyberLink Corp..) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340000]

[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]

[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]

[MD5.6B7D7C8A314EA3F96E0F86C92580E976] [APT] [WSCEAA] (.Wave Systems Corp..) -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\RemoteManagement\WSCEAA.exe [35184]

O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1100]

O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1100]

O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1104]

O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1104]

~ Scheduled Task: 10 Scanned in 00mn 01s




---\\ Componentes instalados (ActiveSetup Installed Components) (040)

O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation

O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation

O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\Windows\System32\themeui.dll

O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation

O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão shell da pasta FTP do Microsoft Internet Explorer.) -- C:\Windows\System32\msieftp.dll

O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation

O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll

O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll

~ Active Setup: 9 Scanned in 00mn 00s




---\\ Drivers lançados ao arranque do sistema (041)

O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys

O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys

O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys

O41 - Driver: (CLVirtualDrive) . (.CyberLink - It is a virtual device driver which could c.) - C:\Windows\system32\DRIVERS\CLVirtualDrive.sys

O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys

O41 - Driver: (CSVirtualDiskDrv) . (.Infowatch - Virtual Volume Container Driver (wnet).) - C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys

O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys

O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: (KLIF) . (.Kaspersky Lab ZAO - Klif Mini-Filter [fre_win8_x64].) - C:\Windows\System32\DRIVERS\klif.sys

O41 - Driver: oem29.inf (KLIM6) . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) - C:\Windows\system32\DRIVERS\klim6.sys

O41 - Driver: (klwfp) . (.Kaspersky Lab ZAO - Network filtering component.) - C:\Windows\system32\DRIVERS\klwfp.sys

O41 - Driver: (kneps) . (.Kaspersky Lab ZAO - KNEPS Power [fre_wnet_amd64].) - C:\Windows\system32\DRIVERS\kneps.sys

O41 - Driver: (lmimirr) . (.LogMeIn, Inc. - LogMeIn Mirror Miniport Driver.) - C:\Windows\system32\DRIVERS\lmimirr.sys

O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys

O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Agendador de pacotes de serviço.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Driver do Subsistema de Buffer da Unidade R.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

~ Drivers: 48 Scanned in 00mn 00s




---\\ Software instalados (042)

O42 - Logiciel: 64 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM][64Bits] -- {FF21C3E6-97FD-474F-9518-8DCBE94C2854}

O42 - Logiciel: Arquivo do WinRAR - (...) [HKLM][64Bits] -- WinRAR archiver

O42 - Logiciel: Bematech WinMFD2 2.6.6 - (.Bematech S.A.) [HKLM][64Bits] -- Bematech WinMFD2_is1

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner

O42 - Logiciel: Custom - (.Wave Systems Corp..) [HKLM][64Bits] -- {7206B668-FEE0-455B-BB1F-9B5A2E0EC94A}

O42 - Logiciel: CyberLink LabelPrint 2.5 - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: CyberLink Media Suite Essentials - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}

O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- {2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}

O42 - Logiciel: CyberLink PowerDVD 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}

O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}

O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}

O42 - Logiciel: Dell Backup and Recovery - (.Dell Inc..) [HKLM][64Bits] -- {0ED7EE95-6A97-47AA-AD73-152C08A15B04}

O42 - Logiciel: Dell Backup and Recovery - Support Software - (.Dell Inc..) [HKLM][64Bits] -- {A9668246-FB70-4103-A1E3-66C9BC2EFB49}

O42 - Logiciel: Dell Data Protection | Access - (.Dell Inc..) [HKLM][64Bits] -- {ABBA2EA4-740E-4052-902B-9CA70B081E3F}

O42 - Logiciel: DellAccess - (.Wave Systems Corp..) [HKLM][64Bits] -- {20A4AA32-B3FF-4A0B-853C-ACDDCD6CB344}

O42 - Logiciel: EMBASSY Client Core - (.Wave Systems Corp..) [HKLM][64Bits] -- {7EC46A4C-E659-418E-A65A-BD7FC82D4C48}

O42 - Logiciel: ERAS Connector - (.Wave Systems Corp.) [HKLM][64Bits] -- {D46BCA58-0AF7-4455-8017-34CE3FEEE808}

O42 - Logiciel: Galeria de Fotos - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5248B7E-779A-4FA4-8134-D1933D8680FA}

O42 - Logiciel: GemCCIDWin8 - (.Gemalto.) [HKLM][64Bits] -- {528282BE-5A68-4B62-8913-829609E625B1}

O42 - Logiciel: Gemalto - (.Wave Systems Corp.) [HKLM][64Bits] -- {91CE5F03-3A2A-4268-935A-04944F058AE9}

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Guardião - Itaú 30 horas - (...) [HKLM][64Bits] -- {70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1

O42 - Logiciel: HP LaserJet Professional P1100-P1560-P1600 Series - (...) [HKLM][64Bits] -- HP LaserJet Professional P1100-P1560-P1600 Series

O42 - Logiciel: HP Officejet 4500 G510g-m Corporate Edition 14.0 - (.HP.) [HKLM][64Bits] -- {2CA31A50-60D3-49A1-821E-9FE78E87BCE1} =>.Hewlett-Packard Co

O42 - Logiciel: HPSSupply - (.Hewlett Packard Development Company L.P..) [HKLM][64Bits] -- {7902E313-FF0F-4493-ACB1-A8147B78DCD0}

O42 - Logiciel: Intel® Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}

O42 - Logiciel: Intel® Network Connections 17.3.57.00 - (.Intel.) [HKLM][64Bits] -- PROSetDX

O42 - Logiciel: Intel® Network Connections 17.3.57.00 - (.Intel.) [HKLM][64Bits] -- {D2B1C10F-369B-40BC-B550-271F968C5EE0}

O42 - Logiciel: Intel® Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}

O42 - Logiciel: Intel® Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}

O42 - Logiciel: Java 8 Update 31 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218031F0}

O42 - Logiciel: Kaspersky PURE 3.0 - (.Kaspersky Lab.) [HKLM][64Bits] -- InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}

O42 - Logiciel: Kaspersky PURE 3.0 - (.Kaspersky Lab.) [HKLM][64Bits] -- {D0702EE9-9DE4-419A-9C6C-4730B1C985BA}

O42 - Logiciel: LogMeIn - (.LogMeIn, Inc..) [HKLM][64Bits] -- {58CF302E-2281-46D3-BDF0-540B11ADCED2}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}

O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77}

O42 - Logiciel: Malwarebytes Anti-Malware versão 2.0.4.1028 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1

O42 - Logiciel: Microsoft SkyDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- SkyDriveSetup.exe =>.Microsoft Corporation

O42 - Logiciel: MosChip PCI Multi-IO Controller - (...) [HKLM][64Bits] -- MosChip Semiconductor Technology Ltd

O42 - Logiciel: Mozilla Firefox 31.0 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 31.0 (x86 pt-BR)

O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService

O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-0000-0000000FF1CE}

O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008F-0000-1000-0000000FF1CE}

O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0416-0000-0000000FF1CE}

O42 - Logiciel: OpenVPN 2.3.2-I003 - (...) [HKLM][64Bits] -- OpenVPN

O42 - Logiciel: PBA Driver-x64 - (.Dell Inc..) [HKLM][64Bits] -- {DF5B5BEC-BA44-4669-98C8-2A691C5EA428}

O42 - Logiciel: Preboot Manager - (.Wave Systems Corp..) [HKLM][64Bits] -- {59ACD2BB-FC62-4427-81D2-618CF81A2A32}

O42 - Logiciel: Private Information Manager - (.Wave Systems Corp..) [HKLM][64Bits] -- {A90F92B7-3C3F-4AEF-B281-31DD17BB73CA}

O42 - Logiciel: Remote Desktop Connection Manager - (.Microsoft Corporation.) [HKLM][64Bits] -- {173A2B7F-535A-4403-A454-B41531EF0D7F}

O42 - Logiciel: SI TSS - (.Security Innovation.) [HKLM][64Bits] -- {A2309A2F-4BEB-45C8-92E1-84D430AC15AD}

O42 - Logiciel: SPBA (WBF) 5.9 - (.Authentec Inc..) [HKLM][64Bits] -- {DD317AA5-F0EF-480F-9501-507712B5E0B6}

O42 - Logiciel: Shared C Run-time for x64 - (.McAfee.) [HKLM][64Bits] -- {EF79C448-6946-4D71-8134-03407888C054}

O42 - Logiciel: Skype™ 7.1 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}

O42 - Logiciel: TAP-Windows 9.9.2 - (...) [HKLM][64Bits] -- TAP-Windows

O42 - Logiciel: TeamViewer 9 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer 9

O42 - Logiciel: Trusted Drive Manager - (.Wave Systems Corp..) [HKLM][64Bits] -- {236EBEF4-8DE5-4E0E-8FD0-27D94F772FF0}

O42 - Logiciel: Wave Crypto Runtime 2.0.9.0 x64 - (.Wave Systems Corp.) [HKLM][64Bits] -- {5F160A36-29D0-4AE0-986C-671A564BC0D4}

O42 - Logiciel: Wave Crypto Runtime 2.0.9.0 x86 - (.Wave Systems Corp.) [HKLM][64Bits] -- {29D07FB4-A026-4E1F-B9A2-8C9EC0E2FEBB}

O42 - Logiciel: Wave Infrastructure Installer - (.Wave Systems Corp.) [HKLM][64Bits] -- {90DB5C39-360F-4187-9D56-E3B013CEEF73}

O42 - Logiciel: Wave Support Software Installer - (.Wave Systems Corp.) [HKLM][64Bits] -- {86A9BBDF-9B6D-4E3D-810E-23C9079C6217}

O42 - Logiciel: toolkit32for64bit - (.Wave Systems Corp.) [HKLM][64Bits] -- {CB63285D-990D-4207-AE31-000025626917}

~ Logic: 48 Scanned in 00mn 00s




---\\ HKCU & HKLM Software Keys

[HKCU\Software\Ammyy]

[HKCU\Software\AppDataLow\Software\JavaSoft]

[HKCU\Software\AppDataLow]

[HKCU\Software\AutoHelpDesk]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\CyberLink]

[HKCU\Software\Dell Computer Corporation]

[HKCU\Software\GbAs]

[HKCU\Software\GbPlugin]

[HKCU\Software\Google]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\IM Providers]

[HKCU\Software\Intel]

[HKCU\Software\IvoSoft]

[HKCU\Software\JEDI-VCL]

[HKCU\Software\JavaSoft]

[HKCU\Software\KasperskyLab]

[HKCU\Software\LogMeIn Ignition]

[HKCU\Software\LogMeIn]

[HKCU\Software\Macromedia]

[HKCU\Software\Marvell]

[HKCU\Software\Mine]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\Netscape]

[HKCU\Software\Nilings]

[HKCU\Software\ODBC]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Realtek]

[HKCU\Software\RegisteredApplications]

[HKCU\Software\Skype]

[HKCU\Software\SlimWare Utilities Inc]

[HKCU\Software\TeamViewer]

[HKCU\Software\Trend Micro]

[HKCU\Software\Trolltech]

[HKCU\Software\Trusteer]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\Wow6432Node]

[HKCU\Software\ej-technologies]

[HKLM\Software\ATI Technologies]

[HKLM\Software\Axalto]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Dell Computer Corporation]

[HKLM\Software\Dell]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\ICE]

[HKLM\Software\IM Providers]

[HKLM\Software\InfoWatch]

[HKLM\Software\Intel]

[HKLM\Software\Khronos]

[HKLM\Software\LogMeIn, Inc.]

[HKLM\Software\LogMeIn]

[HKLM\Software\Macromedia]

[HKLM\Software\Marvell]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\ODBC]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\Protector Suite QL]

[HKLM\Software\Protector Suite]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SRS Labs]

[HKLM\Software\Security Innovation]

[HKLM\Software\Wave Systems Corp.]

[HKLM\Software\Wave Systems Corp]

[HKLM\Software\Wow6432Node\AdwCleaner]

[HKLM\Software\Wow6432Node\Aladdin]

[HKLM\Software\Wow6432Node\Ammyy]

[HKLM\Software\Wow6432Node\AutoHelpDesk]

[HKLM\Software\Wow6432Node\Bematech]

[HKLM\Software\Wow6432Node\Caphyon]

[HKLM\Software\Wow6432Node\Classes]

[HKLM\Software\Wow6432Node\Clients]

[HKLM\Software\Wow6432Node\CyberLink]

[HKLM\Software\Wow6432Node\Dell Inc.]

[HKLM\Software\Wow6432Node\DellBackupandRecovery]

[HKLM\Software\Wow6432Node\Dell]

[HKLM\Software\Wow6432Node\Google]

[HKLM\Software\Wow6432Node\Hewlett-Packard]

[HKLM\Software\Wow6432Node\HewlettPackard]

[HKLM\Software\Wow6432Node\ICE]

[HKLM\Software\Wow6432Node\IM Providers]

[HKLM\Software\Wow6432Node\InfoWatch]

[HKLM\Software\Wow6432Node\Intel]

[HKLM\Software\Wow6432Node\JavaSoft]

[HKLM\Software\Wow6432Node\JreMetrics]

[HKLM\Software\Wow6432Node\KasperskyLab]

[HKLM\Software\Wow6432Node\Khronos]

[HKLM\Software\Wow6432Node\Lake]

[HKLM\Software\Wow6432Node\Macromedia]

[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]

[HKLM\Software\Wow6432Node\McAfee]

[HKLM\Software\Wow6432Node\MozillaPlugins]

[HKLM\Software\Wow6432Node\Mozilla]

[HKLM\Software\Wow6432Node\ODBC]

[HKLM\Software\Wow6432Node\OpenVPN-GUI]

[HKLM\Software\Wow6432Node\Policies]

[HKLM\Software\Wow6432Node\Realtek]

[HKLM\Software\Wow6432Node\RegisteredApplications]

[HKLM\Software\Wow6432Node\Security Innovation]

[HKLM\Software\Wow6432Node\Skype]

[HKLM\Software\Wow6432Node\SlimWare Utilities Inc]

[HKLM\Software\Wow6432Node\SoftThinks]

[HKLM\Software\Wow6432Node\TeamViewer]

[HKLM\Software\Wow6432Node\TrendMicro]

[HKLM\Software\Wow6432Node\Trusteer]

[HKLM\Software\Wow6432Node\VolDellBackupAndRecovery]

[HKLM\Software\Wow6432Node\Wave Systems Corp.]

[HKLM\Software\Wow6432Node\Wave Systems Corp]

[HKLM\Software\Wow6432Node\WinRAR]

[HKLM\Software\Wow6432Node\Windows]

[HKLM\Software\Wow6432Node\mozilla.org]

[HKLM\Software\Wow6432Node\vtapi]

[HKLM\Software\Wow6432Node]

~ Key Software: 239 Scanned in 00mn 00s




---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 10/06/2014 - 11:26:13 - [] ----D C:\Program Files (x86)\Bematech

O43 - CFD: 06/02/2015 - 08:29:06 - [] ----D C:\Program Files (x86)\Common Files

O43 - CFD: 30/01/2014 - 11:10:51 - [] ----D C:\Program Files (x86)\CyberLink

O43 - CFD: 30/01/2014 - 11:00:54 - [] ----D C:\Program Files (x86)\Dell

O43 - CFD: 03/03/2015 - 07:54:25 - [] ----D C:\Program Files (x86)\Dell Backup and Recovery

O43 - CFD: 20/10/2014 - 07:03:22 - [] ----D C:\Program Files (x86)\GbPlugin

O43 - CFD: 30/01/2014 - 10:58:15 - [] ----D C:\Program Files (x86)\Gemalto

O43 - CFD: 27/01/2015 - 07:31:30 - [] ----D C:\Program Files (x86)\Google

O43 - CFD: 10/06/2014 - 11:41:34 - [] ----D C:\Program Files (x86)\HP

O43 - CFD: 30/01/2014 - 11:11:09 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 30/01/2014 - 10:56:58 - [] ----D C:\Program Files (x86)\Intel

O43 - CFD: 14/04/2014 - 08:11:57 - [] ----D C:\Program Files (x86)\Internet Explorer

O43 - CFD: 28/01/2015 - 13:46:38 - [] ----D C:\Program Files (x86)\Java

O43 - CFD: 08/08/2014 - 17:39:09 - [] ----D C:\Program Files (x86)\Kaspersky Lab

O43 - CFD: 28/01/2015 - 06:58:42 - [] ----D C:\Program Files (x86)\LogMeIn

O43 - CFD: 29/01/2015 - 10:00:05 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware

O43 - CFD: 30/01/2014 - 11:16:43 - [] ----D C:\Program Files (x86)\Microsoft Office

O43 - CFD: 13/02/2014 - 07:58:39 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation

O43 - CFD: 30/01/2014 - 11:15:53 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 13/02/2014 - 07:57:52 - [] ----D C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 28/01/2015 - 13:46:35 - [] ----D C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 25/07/2014 - 10:57:18 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service

O43 - CFD: 30/01/2014 - 10:39:49 - [] ----D C:\Program Files (x86)\MSBuild

O43 - CFD: 10/06/2014 - 15:47:32 - [] ----D C:\Program Files (x86)\OpenVPN

O43 - CFD: 13/02/2014 - 08:27:23 - [] ----D C:\Program Files (x86)\Realtek

O43 - CFD: 30/01/2014 - 10:39:49 - [] ----D C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 09/01/2015 - 10:03:56 - [] ----D C:\Program Files (x86)\Remote Desktop Connection Manager

O43 - CFD: 30/01/2014 - 10:59:32 - [] ----D C:\Program Files (x86)\Security Innovation

O43 - CFD: 06/02/2015 - 08:29:06 - [] R---D C:\Program Files (x86)\Skype

O43 - CFD: 13/02/2014 - 08:21:45 - [] ----D C:\Program Files (x86)\TeamViewer

O43 - CFD: 13/02/2014 - 09:34:42 - [] --H-D C:\Program Files (x86)\Temp

O43 - CFD: 28/01/2015 - 14:11:40 - [] ----D C:\Program Files (x86)\Trend Micro

O43 - CFD: 17/11/2014 - 07:29:09 - [] ----D C:\Program Files (x86)\Windows Defender

O43 - CFD: 30/01/2014 - 11:15:52 - [] ----D C:\Program Files (x86)\Windows Live

O43 - CFD: 26/07/2012 - 07:32:43 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation

O43 - CFD: 30/01/2014 - 10:46:54 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation

O43 - CFD: 26/07/2012 - 05:13:01 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform

O43 - CFD: 26/07/2012 - 05:12:59 - [] ----D C:\Program Files (x86)\Windows NT

O43 - CFD: 30/01/2014 - 16:19:10 - [] ----D C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 26/07/2012 - 05:13:01 - [] ----D C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 26/07/2012 - 05:12:59 - [] -SH-D C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 10/06/2014 - 14:34:19 - [] ----D C:\Program Files (x86)\WinRAR

O43 - CFD: 02/03/2015 - 07:55:21 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman

O43 - CFD: 30/01/2014 - 11:07:19 - [] ----D C:\Program Files (x86)\Common Files\CyberLink

O43 - CFD: 13/02/2014 - 07:57:53 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 10/06/2014 - 11:42:40 - [] ----D C:\Program Files (x86)\Common Files\Hewlett-Packard

O43 - CFD: 10/06/2014 - 11:42:42 - [] ----D C:\Program Files (x86)\Common Files\HP

O43 - CFD: 08/08/2014 - 17:39:10 - [] ----D C:\Program Files (x86)\Common Files\InfoWatch

O43 - CFD: 13/02/2014 - 09:34:32 - [] ----D C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 30/01/2014 - 10:32:57 - [] ----D C:\Program Files (x86)\Common Files\Intel

O43 - CFD: 30/01/2014 - 11:08:49 - [] ----D C:\Program Files (x86)\Common Files\Intel Corporation

O43 - CFD: 28/01/2015 - 13:46:06 - [] ----D C:\Program Files (x86)\Common Files\Java

O43 - CFD: 13/02/2014 - 09:30:16 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared

O43 - CFD: 26/07/2012 - 05:13:01 - [] ----D C:\Program Files (x86)\Common Files\Services

O43 - CFD: 06/02/2015 - 08:29:06 - [] ----D C:\Program Files (x86)\Common Files\Skype

O43 - CFD: 30/01/2014 - 10:58:29 - [] ----D C:\Program Files (x86)\Common Files\SPBA

O43 - CFD: 26/07/2012 - 07:32:43 - [] ----D C:\Program Files (x86)\Common Files\System

O43 - CFD: 30/01/2014 - 11:13:06 - [] ----D C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 26/07/2012 - 04:22:08 - [] -SH-D C:\ProgramData\Application Data

O43 - CFD: 30/01/2014 - 11:06:59 - [] ----D C:\ProgramData\CLSK

O43 - CFD: 30/01/2014 - 11:09:59 - [] ----D C:\ProgramData\CyberLink

O43 - CFD: 13/02/2014 - 07:38:44 - [] -SH-D C:\ProgramData\Dados de Aplicativos

O43 - CFD: 26/07/2012 - 04:22:08 - [] -SH-D C:\ProgramData\Desktop

O43 - CFD: 13/02/2014 - 07:38:44 - [] -SH-D C:\ProgramData\Documentos

O43 - CFD: 26/07/2012 - 04:22:08 - [] -SH-D C:\ProgramData\Documents

O43 - CFD: 03/03/2015 - 07:50:09 - [] ----D C:\ProgramData\GAS Tecnologia

O43 - CFD: 02/03/2015 - 08:14:24 - [] ----D C:\ProgramData\GbPlugin

O43 - CFD: 27/01/2015 - 07:05:23 - [] ----D C:\ProgramData\Hewlett-Packard

O43 - CFD: 10/06/2014 - 11:11:51 - [] ----D C:\ProgramData\HP

O43 - CFD: 10/06/2014 - 11:14:45 - [] ----D C:\ProgramData\HPSSUPPLY

O43 - CFD: 30/01/2014 - 11:10:09 - [] ----D C:\ProgramData\install_clap

O43 - CFD: 13/02/2014 - 07:48:54 - [] ----D C:\ProgramData\Intel

O43 - CFD: 03/03/2015 - 12:48:40 - [] ----D C:\ProgramData\Kaspersky Lab

O43 - CFD: 03/03/2015 - 07:54:30 - [] ----D C:\ProgramData\LogMeIn

O43 - CFD: 28/01/2015 - 13:16:45 - [] ----D C:\ProgramData\Malwarebytes

O43 - CFD: 11/06/2014 - 09:45:22 - [] ----D C:\ProgramData\McAfee

O43 - CFD: 13/02/2014 - 07:38:44 - [] -SH-D C:\ProgramData\Menu Iniciar

O43 - CFD: 02/03/2015 - 08:12:13 - [] -S--D C:\ProgramData\Microsoft

O43 - CFD: 13/02/2014 - 07:58:30 - [] ----D C:\ProgramData\Microsoft SkyDrive =>.Microsoft Corporation

O43 - CFD: 13/02/2014 - 07:38:44 - [] -SH-D C:\ProgramData\Modelos

O43 - CFD: 25/07/2014 - 10:57:17 - [] ----D C:\ProgramData\Mozilla

O43 - CFD: 28/01/2015 - 13:47:01 - [] ----D C:\ProgramData\Oracle

O43 - CFD: 13/02/2014 - 07:48:06 - [] ----D C:\ProgramData\PRICache

O43 - CFD: 24/02/2015 - 08:03:19 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft

O43 - CFD: 30/01/2014 - 10:59:32 - [] ----D C:\ProgramData\Security Innovation

O43 - CFD: 06/02/2015 - 08:29:09 - [] ----D C:\ProgramData\Skype

O43 - CFD: 07/03/2014 - 11:07:49 - [] ----D C:\ProgramData\softthinks

O43 - CFD: 26/07/2012 - 04:22:08 - [] -SH-D C:\ProgramData\Start Menu

O43 - CFD: 10/06/2014 - 13:52:57 - [] ----D C:\ProgramData\Sun

O43 - CFD: 16/06/2014 - 17:20:41 - [] ----D C:\ProgramData\Temp

O43 - CFD: 26/07/2012 - 04:22:08 - [] -SH-D C:\ProgramData\Templates

O43 - CFD: 12/08/2014 - 09:43:35 - [] ----D C:\ProgramData\Trusteer

O43 - CFD: 30/01/2014 - 11:06:30 - [] ----D C:\ProgramData\Wave Systems Corp

O43 - CFD: 26/07/2012 - 05:13:01 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility

O43 - CFD: 17/10/2014 - 17:36:02 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

O43 - CFD: 17/02/2014 - 16:48:33 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools

O43 - CFD: 10/06/2014 - 11:26:15 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bematech WinMFD2

O43 - CFD: 30/01/2014 - 11:10:59 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite

O43 - CFD: 30/01/2014 - 11:12:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell

O43 - CFD: 27/01/2015 - 07:31:38 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

O43 - CFD: 10/06/2014 - 11:42:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

O43 - CFD: 30/01/2014 - 10:56:59 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel

O43 - CFD: 28/01/2015 - 13:45:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

O43 - CFD: 26/07/2012 - 05:13:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance

O43 - CFD: 29/01/2015 - 10:00:05 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

O43 - CFD: 13/02/2014 - 07:55:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013

O43 - CFD: 10/06/2014 - 17:28:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN

O43 - CFD: 06/02/2015 - 08:29:07 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

O43 - CFD: 13/06/2014 - 10:21:12 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp

O43 - CFD: 30/01/2014 - 16:19:11 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools

O43 - CFD: 26/07/2012 - 07:34:39 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC

O43 - CFD: 10/06/2014 - 15:47:28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows

O43 - CFD: 10/06/2014 - 11:25:34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

O43 - CFD: 02/03/2015 - 07:55:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman

O43 - CFD: 13/02/2014 - 07:46:16 - [] ----D C:\Users\asafer\AppData\Roaming\Adobe

O43 - CFD: 24/05/2014 - 09:40:14 - [] ----D C:\Users\asafer\AppData\Roaming\Easeware

O43 - CFD: 19/02/2014 - 08:25:45 - [] ----D C:\Users\asafer\AppData\Roaming\HP

O43 - CFD: 13/02/2014 - 07:50:33 - [] ----D C:\Users\asafer\AppData\Roaming\Intel Corporation

O43 - CFD: 13/02/2014 - 07:46:17 - [] ----D C:\Users\asafer\AppData\Roaming\Macromedia

O43 - CFD: 12/01/2015 - 09:39:36 - [] -S--D C:\Users\asafer\AppData\Roaming\Microsoft

O43 - CFD: 25/07/2014 - 10:57:29 - [] ----D C:\Users\asafer\AppData\Roaming\Mozilla

O43 - CFD: 03/03/2015 - 12:49:50 - [] ----D C:\Users\asafer\AppData\Roaming\Skype

O43 - CFD: 12/01/2015 - 08:46:31 - [] ----D C:\Users\asafer\AppData\Roaming\TeamViewer

O43 - CFD: 24/05/2014 - 09:55:57 - [] ----D C:\Users\asafer\AppData\Roaming\WinRAR

O43 - CFD: 03/03/2015 - 13:34:52 - [] ----D C:\Users\asafer\AppData\Roaming\ZHP =>.Nicolas Coolman

O43 - CFD: 13/02/2014 - 08:31:21 - [] ----D C:\Users\asafer\AppData\Local\Apps

O43 - CFD: 13/02/2014 - 07:45:06 - [] -SH-D C:\Users\asafer\AppData\Local\Dados de Aplicativos

O43 - CFD: 27/01/2015 - 07:29:50 - [0] ----D C:\Users\asafer\AppData\Local\Deployment

O43 - CFD: 19/02/2015 - 08:53:13 - [0] ----D C:\Users\asafer\AppData\Local\Diagnostics

O43 - CFD: 04/02/2015 - 07:09:03 - [] ----D C:\Users\asafer\AppData\Local\ElevatedDiagnostics

O43 - CFD: 16/06/2014 - 17:20:50 - [] ----D C:\Users\asafer\AppData\Local\GAS Tecnologia

O43 - CFD: 13/02/2014 - 08:33:37 - [] ----D C:\Users\asafer\AppData\Local\Google

O43 - CFD: 13/02/2014 - 07:45:06 - [] -SH-D C:\Users\asafer\AppData\Local\Histórico

O43 - CFD: 17/02/2014 - 16:22:41 - [] ----D C:\Users\asafer\AppData\Local\LogMeIn

O43 - CFD: 25/04/2014 - 15:14:43 - [] ----D C:\Users\asafer\AppData\Local\LogMeInIgnition

O43 - CFD: 02/12/2014 - 14:54:59 - [] ----D C:\Users\asafer\AppData\Local\Microsoft

O43 - CFD: 09/01/2015 - 10:05:40 - [] ----D C:\Users\asafer\AppData\Local\Microsoft Corporation

O43 - CFD: 06/10/2014 - 14:16:39 - [] ----D C:\Users\asafer\AppData\Local\Microsoft Help

O43 - CFD: 25/07/2014 - 10:57:23 - [] ----D C:\Users\asafer\AppData\Local\Mozilla

O43 - CFD: 03/03/2015 - 10:24:30 - [] ----D C:\Users\asafer\AppData\Local\Packages

O43 - CFD: 13/02/2014 - 07:51:23 - [] ----D C:\Users\asafer\AppData\Local\Power2Go8

O43 - CFD: 12/06/2014 - 11:16:51 - [] ----D C:\Users\asafer\AppData\Local\Programs

O43 - CFD: 13/02/2014 - 08:09:39 - [] ----D C:\Users\asafer\AppData\Local\Skype

O43 - CFD: 24/05/2014 - 09:48:36 - [] ----D C:\Users\asafer\AppData\Local\SlimWare Utilities Inc

O43 - CFD: 03/03/2015 - 13:30:45 - [] ----D C:\Users\asafer\AppData\Local\Temp

O43 - CFD: 13/02/2014 - 07:45:06 - [] -SH-D C:\Users\asafer\AppData\Local\Temporary Internet Files

O43 - CFD: 12/08/2014 - 09:49:34 - [] ----D C:\Users\asafer\AppData\Local\Trusteer

O43 - CFD: 01/12/2014 - 15:38:23 - [] ----D C:\Users\asafer\AppData\Local\VirtualStore

O43 - CFD: 08/08/2014 - 17:44:05 - [] ----D C:\Users\asafer\AppData\Local\Wave Systems Corp

O43 - CFD: 30/01/2014 - 16:19:11 - [] R---D C:\Users\asafer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

O43 - CFD: 26/07/2012 - 05:13:00 - [] R---D C:\Users\asafer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

O43 - CFD: 12/12/2014 - 06:55:18 - [] R---D C:\Users\asafer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

O43 - CFD: 28/01/2015 - 14:11:40 - [] ----D C:\Users\asafer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

O43 - CFD: 26/07/2012 - 05:13:00 - [] ----D C:\Users\asafer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

O43 - CFD: 29/01/2015 - 09:59:52 - [] R---D C:\Users\asafer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

O43 - CFD: 30/01/2014 - 16:19:11 - [] R---D C:\Users\asafer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

O43 - CFD: 10/06/2014 - 11:25:34 - [] ----D C:\Users\asafer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

~ Program Folder: 157 Scanned in 00mn 00s




---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)

O44 - LFC:[MD5.B910B8D5B394394D512F200998E4B10D] - 02/03/2015 - 08:10:55 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

O44 - LFC:[MD5.415D8F6FA68462DA969ED4BDCDB2FACC] - 02/03/2015 - 08:18:28 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1769104]

O44 - LFC:[MD5.254D53F86743C3AB5E1DCA8BC9EB6A7B] - 02/03/2015 - 08:18:28 ---A- . (...) -- C:\Windows\System32\perfc009.dat [132952]

O44 - LFC:[MD5.BEC97069D4EE3F668DFEF3C7A953526E] - 02/03/2015 - 08:18:28 ---A- . (...) -- C:\Windows\System32\perfh009.dat [711084]

O44 - LFC:[MD5.3B91920FA8EAD62F8584926C65FC76EE] - 02/03/2015 - 08:18:28 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [154946]

O44 - LFC:[MD5.EE8C20483A6E94A92E77A8227662CB9D] - 02/03/2015 - 08:18:28 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [763656]

O44 - LFC:[MD5.95FCB84CE77B75743B4FEA2574129E7A] - 03/03/2015 - 11:35:31 ---A- . (...) -- C:\BemaFI32-20150303.log [19243]

O44 - LFC:[MD5.0BA675CFC482C013FD65CE4120794C45] - 03/03/2015 - 13:09:19 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1103676]

O44 - LFC:[MD5.0E71FAED99892750DFE1C5237A6F8FE6] - 17/02/2015 - 07:06:58 ---A- . (.Kaspersky Lab ZAO - KNEPS Power [fre_wnet_amd64].) -- C:\Windows\System32\Drivers\kneps.sys [177864]

O44 - LFC:[MD5.0FB1BBE9E3B635BF2FA268C6EBD82738] - 25/02/2015 - 09:54:17 ---A- . (.Microsoft Corporation - Windows Globalization.) -- C:\Windows\System32\Windows.Globalization.dll [951808]

O44 - LFC:[MD5.65CE473E4368E67D6EDB5D86646C08F3] - 25/02/2015 - 09:54:19 ---A- . (...) -- C:\Windows\System32\locale.nls [478296]

O44 - LFC:[MD5.9BC00C5608BF75BEAE893814A3AEC2AD] - 27/02/2015 - 10:38:57 ---A- . (.Microsoft Corporation - Microsoft ASP.NET Performance Counter Shim.) -- C:\Windows\System32\aspnet_counters.dll [29888]

~ Files: 12 Scanned in 00mn 02s




---\\ Negação do serviço (Local Security Authority) (048)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Authentication Packages . (.Wave Systems Corp. - Authentication Package.) -- C:\Windows\System32\wvauth.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Mecanismo cliente do 'Editor de configuração de segurança Windows'.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\Windows\System32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Provedor de Segurança TLS/SSL.) -- C:\Windows\System32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll

~ LSA: 10 Scanned in 00mn 00s




---\\ Controlo do Modo de Segurança (CSB) (49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

~ CSB: 17 Scanned in 00mn 00s




---\\ Chave do registo Shell MountPoints2 (MPSK) (O51)

O51 - MPSK:{2c3ad892-d6ce-11e3-be83-74867afd44c9}\AutoRun\command. (...) -- E:\SISetup.exe (.not file.)

~ Keys: Scanned in 00mn 00s




---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

~ TDSD: 2 Scanned in 00mn 00s




---\\ Enumeração das chaves do registo SecurityProviders (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll

~ MSCP: 2 Scanned in 00mn 00s




---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "DisableCAD"=1

O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0

O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0

~ MWPS: 20 Scanned in 00mn 00s




---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=28

~ MWPE Keys: 4 Scanned in 00mn 00s




---\\ Lista dos drivers do sistema (SDL) (O58)

O58 - SDL:26/07/2012 - 02:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [106736]

O58 - SDL:26/07/2012 - 02:00:49 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [492272]

O58 - SDL:26/07/2012 - 02:00:48 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [340720]

O58 - SDL:26/07/2012 - 02:00:49 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [184048]

O58 - SDL:26/07/2012 - 02:00:49 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [76016]

O58 - SDL:26/07/2012 - 02:00:49 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [258288]

O58 - SDL:26/07/2012 - 02:00:48 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [26352]

O58 - SDL:26/07/2012 - 02:00:49 ---A- . (.PMC-Sierra, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [104688]

O58 - SDL:26/07/2012 - 02:00:48 ---A- . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [108272]

O58 - SDL:20/09/2012 - 04:55:24 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [533224]

O58 - SDL:25/06/2012 - 09:24:50 ---A- . (.CyberLink - It is a virtual device driver which could create multiple virtu.) -- C:\Windows\System32\Drivers\CLVirtualDrive.sys [92536]

O58 - SDL:10/12/2012 - 15:14:54 ---A- . (.Infowatch - Cryptographic Algorithm Lib Driver..) -- C:\Windows\System32\Drivers\CSCrySec.sys [98064]

O58 - SDL:10/12/2012 - 15:14:54 ---A- . (.Infowatch - Virtual Volume Container Driver (wnet).) -- C:\Windows\System32\Drivers\CSVirtualDiskDrv.sys [67344]

O58 - SDL:23/09/2012 - 02:18:58 ---A- . (.Dell Inc. - Dell BASE Device Driver.) -- C:\Windows\System32\Drivers\dcdbas64.sys [39016]

O58 - SDL:19/10/2012 - 04:52:32 ---A- . (.Windows ® Win 7 DDK provider - IEEE-1284.4-1999 Driver.) -- C:\Windows\System32\Drivers\Dot4.sys [151968]

O58 - SDL:19/10/2012 - 04:52:30 ---A- . (.Windows ® Win 7 DDK provider - IEEE-1284.4 Print Class Driver.) -- C:\Windows\System32\Drivers\Dot4Prt.sys [27040]

O58 - SDL:24/09/2012 - 17:36:30 ---A- . (.Intel Corporation - Intel® Gigabit Adapter NDIS 6.x driver.) -- C:\Windows\System32\Drivers\e1c63x64.sys [452432]

O58 - SDL:20/09/2012 - 04:55:27 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3265256]

O58 - SDL:26/07/2012 - 02:00:52 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [64752]

O58 - SDL:02/09/2012 - 15:01:56 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\Drivers\iaStorA.sys [647736]

O58 - SDL:26/07/2012 - 02:00:52 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [411888]

O58 - SDL:07/08/2012 - 23:58:56 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [8987456]

O58 - SDL:26/07/2012 - 02:00:52 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [45296]

O58 - SDL:19/06/2012 - 12:40:50 ---A- . (.Intel® Corporation - Intel® Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [342528]

O58 - SDL:15/08/2012 - 09:57:12 ---A- . (.Intel Corporation - Intel® Network Adapter Diagnostic Driver.) -- C:\Windows\System32\Drivers\iqvw64e.sys [33616]

O58 - SDL:11/08/2014 - 10:53:59 ---A- . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\System32\Drivers\kl1.sys [458336]

O58 - SDL:04/12/2013 - 19:26:50 ---A- . (.Kaspersky Lab - Klelam Mini-Filter [fre_win8_x64].) -- C:\Windows\System32\Drivers\klelam.sys [29792]

O58 - SDL:11/08/2014 - 10:54:00 ---A- . (.Kaspersky Lab ZAO - Filter Core [fre_win8_x64].) -- C:\Windows\System32\Drivers\klflt.sys [92768]

O58 - SDL:11/08/2014 - 10:54:01 ---A- . (.Kaspersky Lab ZAO - Klif Mini-Filter [fre_win8_x64].) -- C:\Windows\System32\Drivers\klif.sys [627264]

O58 - SDL:11/08/2014 - 10:54:01 ---A- . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) -- C:\Windows\System32\Drivers\klim6.sys [30304]

O58 - SDL:04/12/2013 - 19:26:50 ---A- . (.Kaspersky Lab ZAO - KLKBDFLT Keyboard Device Filter [fre_win8_x64].) -- C:\Windows\System32\Drivers\klkbdflt.sys [29280]

O58 - SDL:04/12/2013 - 19:26:50 ---A- . (.Kaspersky Lab ZAO - KLMOUFLT Mouse Device Filter [fre_win8_x64].) -- C:\Windows\System32\Drivers\klmouflt.sys [29280]

O58 - SDL:04/12/2013 - 19:26:50 ---A- . (.Kaspersky Lab ZAO - Network filtering component.) -- C:\Windows\System32\Drivers\klwfp.sys [50448]

O58 - SDL:17/02/2015 - 07:06:58 ---A- . (.Kaspersky Lab ZAO - KNEPS Power [fre_wnet_amd64].) -- C:\Windows\System32\Drivers\kneps.sys [177864]

O58 - SDL:07/02/2014 - 16:29:20 ---A- . (.LogMeIn, Inc. - LogMeIn Mirror Miniport Driver.) -- C:\Windows\System32\Drivers\lmimirr.sys [11552]

O58 - SDL:07/02/2014 - 16:29:38 ---A- . (.LogMeIn, Inc. - LogMeIn Rfs Drivemap Driver.) -- C:\Windows\System32\Drivers\LMIRfsDriver.sys [72216]

O58 - SDL:26/07/2012 - 02:00:52 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [108784]

O58 - SDL:26/07/2012 - 02:00:52 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [92400]

O58 - SDL:26/07/2012 - 02:00:52 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [116976]

O58 - SDL:26/07/2012 - 02:00:52 ---A- . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sss.sys [81136]

O58 - SDL:21/11/2014 - 05:14:08 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816]

O58 - SDL:21/11/2014 - 05:14:12 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [93400]

O58 - SDL:11/02/2015 - 12:36:37 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [129752]

O58 - SDL:26/07/2012 - 02:00:52 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\Drivers\megasas.sys [51952]

O58 - SDL:26/07/2012 - 02:00:52 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [353008]

O58 - SDL:26/07/2012 - 02:00:55 ---A- . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\Drivers\mvumis.sys [64240]

O58 - SDL:05/03/2010 - 20:41:05 ---A- . (.Marvell Semiconductor, Inc. - USB EWS Device Driver.) -- C:\Windows\System32\Drivers\mvusbews.sys [20480]

O58 - SDL:21/11/2014 - 05:14:26 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [64216]

O58 - SDL:26/07/2012 - 02:00:55 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [52464]

O58 - SDL:26/07/2012 - 02:00:55 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [150256]

O58 - SDL:26/07/2012 - 02:00:55 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [168176]

O58 - SDL:18/12/2008 - 23:23:30 ---A- . (.Windows ® Codename Longhorn DDK provider - Serial Device Driver.) -- C:\Windows\System32\Drivers\PciIsaSerial.sys [68608]

O58 - SDL:23/07/2009 - 04:07:36 ---A- . (.No owner - Parallel driver for PCI Parallel Port..) -- C:\Windows\System32\Drivers\PciPPorts.sys [96768]

O58 - SDL:18/12/2008 - 23:25:34 ---A- . (.No owner - Serial driver for PCI Serial Port..) -- C:\Windows\System32\Drivers\PciSPorts.sys [122880]

O58 - SDL:24/04/2014 - 15:44:44 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6.0).) -- C:\Windows\System32\Drivers\ptun0901.sys [27136]

O58 - SDL:26/07/2012 - 05:11:43 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]

O58 - SDL:26/07/2012 - 02:00:55 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [44784]

O58 - SDL:26/07/2012 - 02:00:56 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [81648]

O58 - SDL:22/01/2014 - 07:52:10 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [108800]

O58 - SDL:22/01/2014 - 07:52:10 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [206080]

O58 - SDL:26/07/2012 - 02:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]

O58 - SDL:24/05/2014 - 09:48:37 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys [16152]

O58 - SDL:22/08/2013 - 09:40:24 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [40664]

O58 - SDL:26/07/2012 - 02:00:58 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [19184]

O58 - SDL:26/07/2012 - 02:00:58 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [164080]

O58 - SDL:26/07/2012 - 02:00:58 ---A- . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\Drivers\VSTXRAID.SYS [322800]

~ Drivers: 66 Scanned in 00mn 01s




---\\ Últimos ficheiros alterados ou criados (Utilizador) (061)

O61 - LFC: 02/03/2015 - 13:35:03 ---A- . (.Nicolas Coolman.) -- C:\Users\asafer\Downloads\ZHPDiag2.exe [6876249] =>.Nicolas Coolman

O61 - LFC: 03/03/2015 - 13:35:00 ---A- . (.GAS Tecnologia.) -- C:\Users\asafer\AppData\Local\Temp\GAS Tecnologia\GBBD\warsaw_setup.exe [962592]

O61 - LFC: 25/02/2015 - 13:35:00 ---A- . (...) -- C:\Users\asafer\AppData\Local\Microsoft\Windows\1046\StructuredQuerySchema.bin [339470]

O61 - LFC: 25/02/2015 - 13:35:03 ---A- . (.Thisisu.) -- C:\Users\asafer\Downloads\JRT.exe [1388274]

~ 11 Fichiers temporaires (Temporary files)

~ 13 Fichiers cookies (Cookies files)

~ Files: 4 Scanned in 00mn 03s




---\\ Lista das ferramentas de remoção de vírus (LAT) (063)

O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman

O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7}

~ ADS: Scanned in 00mn 00s




---\\ Associações Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos'.) -- C:\Windows\System32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

~ FASS Keys: 10 Scanned in 00mn 00s




---\\ Menu de inicialização Internet (068)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

~ Keys: Scanned in 00mn 00s




---\\ Listagem dos serviços iniciados pelo Svchost (SSS) (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll [190976]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [149504]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [149504]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\System32\srvsvc.dll [305664]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Política de Grupo.) -- C:\Windows\System32\gpsvc.dll [1366016]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll [1160192]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acesso Remoto.) -- C:\Windows\System32\rasauto.dll [99840]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll [358400]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [107520]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistema (SENS).) -- C:\Windows\System32\sens.dll [62976]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [438784]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [305664]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [3286016]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de tela de fundo.) -- C:\Windows\System32\qmgr.dll [826368]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [565760]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em uma rede IPv4..) -- C:\Windows\System32\iphlpsvc.dll [894464]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll [30720]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [70144]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\System32\iscsiexe.dll [151552]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll [105472]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\System32\schedsvc.dll [1285632]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [219648]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\System32\mmcss.dll [80896]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll [134144]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [210432]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho Remota.) -- C:\Windows\System32\sessenv.dll [291328]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll [84992]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\System32\kmsvc.dll [97792]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [190976]

O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Serviço Conta da Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1964544]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\System32\themeservice.dll [47104]

O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gerenciador de Instalação de Dispositivo.) -- C:\Windows\System32\DeviceSetupManager.dll [207872]

O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Serviço Assistente de Conectividade de Rede da Microsoft.) -- C:\Windows\System32\ncasvc.dll [161792]

O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Agente de Eventos do Sistema.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [180224]

O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\Windows\System32\appmgmts.dll [187392]

~ Services: 35 Scanned in 00mn 00s




---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)

[MD5.00385536FF0237E0B6D429CA9228CDDA] [sPRF][16/06/2014] (...) -- C:\Users\asafer\AppData\Roaming\unins000.dat [46527]

[MD5.F8CD52B70A11A1FB3F29C6F89FF971EC] [sPRF][31/07/2014] (.Ammyy LLC - Ammyy Admin.) -- C:\Users\asafer\Desktop\Ammy.exe [764184]

[MD5.92ABBC6E52E32F8F66684F90BF4A25CE] [sPRF][29/01/2015] (...) -- C:\Users\asafer\Desktop\zoek.exe [1295360]

~ Files: 3 Scanned in 00mn 00s




---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)

SS - | Demand 08/08/2012 276288 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe

SS - | Auto 13/02/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 13/02/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 17/07/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

SS - | Auto 20/09/2012 29696 | C:\Windows\System32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe

SS - | Demand 22/08/2013 37176 | (OpenVPNService) . (.The OpenVPN Project.) - C:\Program Files\OpenVPN\bin\openvpnserv.exe

SS - | Auto 20/09/2012 29696 | C:\Windows\System32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe

SS - | Demand 01/02/2013 2215272 | (SecureStorageService) . (.Wave Systems Corp..) - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe

SS - | Auto 13/02/2014 10752 | (SetupARService) . (...) - C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe

SS - | Auto 02/01/2015 315488 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe

SS - | Demand 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation

SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 04/12/2013 356128 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe

SR - | Auto 25/09/2013 818888 | (CSObjectsSrv) . (.Infowatch.) - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe

SR - | Auto 11/03/2013 231792 | (EmbassyService) . (...) - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe

SR - | Auto 29/09/2014 546104 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe

SR - | Auto 24/06/2009 136704 | (HP LaserJet Service) . (.HP.) - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe

SR - | Auto 07/04/2010 127800 | (HPSIService) . (.HP.) - C:\Windows\system32\HPSIsvc.exe

SR - | Auto 20/09/2012 29696 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe

SR - | Auto 02/09/2012 14904 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

SR - | Auto 28/01/2015 377704 | (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe

SR - | Auto 28/01/2015 226152 | (LMIMaint) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe

SR - | Auto 07/02/2014 407424 | (LogMeIn) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe

SR - | Auto 21/01/2013 21504 | (PbaDrvSvc_x64) . (.Dell, Inc..) - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe

SR - | Auto 24/04/2012 254512 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

SR - | Auto 23/05/2013 1915480 | (SftService) . (.SoftThinks SAS.) - C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe

SR - | Auto 11/05/2012 1643520 | (tcsd_win32.exe) . (...) - C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe

SR - | Auto 05/03/2013 5159760 | (TdmService) . (.Wave Systems Corp..) - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe

SR - | Auto 12/09/2014 4799760 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

SR - | Auto 26/02/2013 1773056 | (Wave Authentication Manager Service) . (.Wave Systems Corp..) - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe

SR - | Demand 22/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe

SR - | Auto 08/03/2013 254824 | (WvPCR) . (.Wave Systems Corp..) - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe

~ Services: Scanned in 00mn 07s




---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBR) (080)

Run by asafer at 03/03/2015 13:35:36

~ OS 64 not supported by MBR tool

~ MBR: 0 Scanned in 00mn 00s




---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBRCheck) (080)

Written by ad13, http://ad13.geekstog

Run by asafer at 03/03/2015 13:35:38

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 02s




---\\ Scâner Aditional (088)

Database Version : 13008 - (01/03/2015)

Clés trouvées (Keys found) : 0

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 0

Fichiers trouvés (Files found) : 0


~ Additionnel Scan: 231235 Items scanned in 00mn 10s




---\\ Informações complémentaires do módulos

~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Gestão do Proxy (R5)

~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects do navegador (02)

~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Aplicações iniciadas por registo & pastas (04)

~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Chave do registo Shell MountPoints2 (MPSK) (O51)

~ AMI: 4 Scanned in 00mn 00s




End of the scan (1079 lines in 01mn 09s)(0.6)


Select and copy all of the text highlighted in red below (starting at script zhpfix and ending at emptyclsid)

 

script zhpfix

SysRestore

O4 - HKUS\S-1-5-21\..\Run: [resource] en-ca.dll

O4 - HKUS\S-1-5-21\..\RunOnce: [resource] en-ca.dll

ShortcutFix

EmptyTemp

EmptyFlash

emptyclsid

_____________________________________________________________________________________________________________

 

Go to the menu: Start > All Programs > ZHP > right-click ZHPFix and choose Run as administrator > click Importação (Import) > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.

 

Copy this report and post it in your next reply, and tell us how the PC is doing after this and whether the problems have been resolved.


Good afternoon, sorry for the delay. Here it is:

 

Rapport de ZHPFix 2015.2.17.3 par Nicolas Coolman, Update du 17/02/2015
Fichier d'export Registre :
Run by asafer at 12/03/2015 17:58:21
High Elevated Privileges : OK
Windows 8 Business Edition, 64-bit (Build 9200)
Reciclagem vazia (00mn 02s)
Reparação de atalhos do navegador
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ Temporários windows (16) (46.327.512 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Outros ==========
NÃO-TRATADO O4 - HKUS\S-1-5-21\..\Run: [resource] en-ca.dll
NÃO-TRATADO O4 - HKUS\S-1-5-21\..\RunOnce: [resource] en-ca.dll
========== Recapitulativo ==========
1 : Pastas
2 : Ficheiros
1 : Restauração Sistema
2 : Outros
End of clean in 00mn 04s
========== Caminho do ficheiro do relatório ==========
C:\Users\asafer\AppData\Roaming\ZHP\ZHPFix[R1].txt - 03/03/2015 07:52:24 [1631]
C:\Users\asafer\AppData\Roaming\ZHP\ZHPFix[R2].txt - 12/03/2015 17:58:23 [1018]

It is much better now; the only problem is that Skype will not open, it only opens when it asks for an update.


It is much better now; the only problem is that Skype will not open, it only opens when it asks for an update.

As for Skype, check whether you have its newest version. If you are on an old version, update it to the most recent one. If you already have the most recent version, it would be good to try uninstalling it, downloading the current version from its official site, and reinstalling it.

_________________________________________________

 

As for viruses and adware, your PC is clean.

 

Just to finish, please follow the tutorials below:

 

Removing errors and optimizing your PC with CCleaner

 

Remove useless files from your PC with PureRa

_______________________________________________________________________________________________________________________

 

To remove the programs used to clean this PC and create a new, safe and problem-free restore point, use DelFix, following the tips in this tutorial.

_______________________________________________________________________________________________________________________

 

:) It was a pleasure to help. You can always count on us!


I have another PC at home; do we need to check it as well, or is that not necessary?

Awaiting your reply.

Is this other PC showing any problem or symptom of infection? If everything is fine with it, you do not need to do anything. If it does have a problem, create a new topic so that this other PC can be analyzed.

PROBLEM SOLVED

If the author needs the topic to be reopened, just send a Private Message to a Moderator with a link to the topic.
