
Archived

This topic has been archived and is closed to new replies.

gRoOvE

[Solved] Baixaki installer with lots of malware - Chrome freezes


Good afternoon. A few days ago I went to download an application from Baixaki and their installer really messed up my machine: it installed a thousand applications and Chrome extensions that I can't remove, and an installer window keeps popping up wanting to install things. Chrome is buggy too: it doesn't open pages, it disappears from the screen, and it can't be terminated.


Here is the HijackThis log:



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:24:12, on 04/04/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Users\Kauan\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Kauan\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe
C:\Users\Kauan\AppData\Local\Apps\Evernote\Evernote\EvernoteTray.exe
C:\Users\Kauan\AppData\Local\Apps\Evernote\Evernote\Evernote.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Hijacks\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=dspp&ts=1428069492&from=slbnew&uid=TOSHIBAXMK5061GSYN_42CPT7XNTXX42CPT7XNT&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=dspp&ts=1428069492&from=slbnew&uid=TOSHIBAXMK5061GSYN_42CPT7XNTXX42CPT7XNT&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: shopperz Helper - {5081D2D4-1637-404c-B74F-50526718257D} - C:\Program Files\shopperz\mseff32.dll (file missing)
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\RunOnce: [Update] C:\Users\Kauan\AppData\Roaming\VOPackage\VOPackage.exe /runonce
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Kauan\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: EvernoteClipper.lnk = C:\Users\Kauan\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: EvernoteTray.lnk = Kauan\AppData\Local\Apps\Evernote\Evernote\EvernoteTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Barra de Ferramentas do RF - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
O8 - Extra context menu item: Capturar esta página - C:\Users\Kauan\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Capturar imagem - C:\Users\Kauan\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Capturar seleção - C:\Users\Kauan\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Capturar URL - C:\Users\Kauan\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Nova nota - C:\Users\Kauan\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Personalizar Menu - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Preencher - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html
O8 - Extra context menu item: Salvar Formulários - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html
O9 - Extra button: Preencher - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Preencher - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Salvar - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Salvar Formulários - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Exibir Barra de Ferramentas - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Barra de Ferramentas do RF - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: @C:\Users\Kauan\AppData\Local\Apps\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Users\Kauan\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\AddNote.html (HKCU)
O9 - Extra 'Tools' menuitem: @C:\Users\Kauan\AppData\Local\Apps\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Users\Kauan\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\AddNote.html (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\vcl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vcl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vcl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vcl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vcl.dll
O15 - Trusted Zone: *.dell.com
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: NOT Asymmetric Digital Subscriber Line (cicifiso) - Unknown owner - C:\Users\Kauan\AppData\Roaming\4C4C4544-1428069401-4C10-805A-B9C04F315631\nsuD8FB.tmp
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Net.Tcp Service Handler (NetTcpHandler) - QNT - C:\Users\Kauan\AppData\Roaming\NetService\netservice.exe
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - C:\oraclexe\app\oracle\product\11.2.0\server\BIN\omtsreco.exe
O23 - Service: OracleServiceXE - Oracle Corporation - c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE
O23 - Service: OracleXEClrAgent - Oracle Corporation - C:\oraclexe\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe
O23 - Service: OracleXETNSListener - Oracle Corporation - C:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Gobi 2000 Download Service (Dell) (QDLService2kDell) - QUALCOMM, Inc. - C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Net Service Event Handler (Sed) - Navigation Co., Ltd. - C:\Users\Kauan\AppData\Roaming\ntsvc\ntsvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10102 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Wildfly - Apache Software Foundation - C:\wildfly\bin\service\amd64\wildfly-service.exe
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - SysTool PasSame LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Left Button Alt Key (xyhigysy) - Unknown owner - C:\Users\Kauan\AppData\Roaming\4C4C4544-1428069401-4C10-805A-B9C04F315631\jnssDC69.tmp

--
End of file - 13871 bytes




Hello. To avoid these problems the next time you download a program from Baixaki or similar sites, always choose the option to download without their installer.

_____________________________________________

 

Download AdwCleaner by clicking the link below, then click the Download Now @BleepingComputer button:
To run AdwCleaner correctly, just follow the tips in this tutorial:
* In your next reply, post the AdwCleaner log (report), which will be at C:\AdwCleaner\AdwCleaner[s0].txt
We'll be waiting.


Power Max, I always download applications directly from the official site, but this time I was in a hurry and didn't notice it was Baixaki's tool.

 

Here is the AdwCleaner log:

# AdwCleaner v4.200 - Arquivo de log criado 04/04/2015 às 16:19:19
# Atualizado 29/03/2015 por Xplode
# Base de dados : 2015-03-29.1 [Servidor]
# Sistema operacional : Windows 7 Professional Service Pack 1 (x64)
# Usuário : Kauan - KAUAN-PC
# Executando de : C:\Users\Kauan\Downloads\adwcleaner_4.200.exe
# Opção : Limpar
 
***** [ Serviços ] *****
 
[#] Serviço Excluído : cherimoya
[#] Serviço Excluído : globalUpdate
[#] Serviço Excluído : globalUpdatem
[#] Serviço Excluído : WindowsMangerProtect
[#] Serviço Excluído : innfd_1_10_0_13
 
***** [ Arquivos / Pastas ] *****
 
Pasta Excluído : C:\ProgramData\baidu
Pasta Excluído : C:\ProgramData\Browser
Pasta Excluído : C:\ProgramData\WindowsMangerProtect
Pasta Excluído : C:\ProgramData\IHProtectUpDate
Pasta Excluído : C:\Program Files (x86)\globalUpdate
Pasta Excluído : C:\Program Files (x86)\predm
Pasta Excluído : C:\Users\Kauan\AppData\Local\Temp\Macwebtoise
Pasta Excluído : C:\Users\Administrador\AppData\Local\Crossbrowse
Pasta Excluído : C:\Users\Kauan\AppData\Local\globalUpdate
Pasta Excluído : C:\Users\Kauan\AppData\Local\BoBrowser
Pasta Excluído : C:\Users\Kauan\AppData\Local\SmartWeb
Pasta Excluído : C:\Users\Kauan\AppData\Roaming\AnyProtectEx
Pasta Excluído : C:\Users\Kauan\AppData\Roaming\Macwebtoise
Pasta Excluído : C:\Users\Kauan\AppData\Roaming\Mozilla\Firefox\Profiles\3kHJ9NFI.default\Extensions\fftoolbar2014@etech.com
Pasta Excluído : C:\Users\Kauan\AppData\Roaming\Mozilla\Firefox\Profiles\3kHJ9NFI.default\Extensions\searchengine@gmail.com
Pasta Excluído : C:\Users\Kauan\AppData\Roaming\Mozilla\Firefox\Profiles\3kHJ9NFI.default\Extensions\istart_ffnt@gmail.com
Pasta Excluído : C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
Arquivo Excluído : C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niloccemoadcdkdjlinkgdfekeahmflj_0.localstorage
Arquivo Excluído : C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niloccemoadcdkdjlinkgdfekeahmflj_0.localstorage-journal
Arquivo Excluído : C:\ProgramData\Duplicaterecord.js
Arquivo Excluído : C:\Windows\patsearch.bin
Arquivo Excluído : C:\Windows\SysWOW64\VCL.dll
Arquivo Excluído : C:\Users\Kauan\AppData\Local\Temp\Uninstall.exe
Arquivo Excluído : C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\BoBrowser.lnk
Arquivo Excluído : C:\Users\Kauan\Desktop\Continue Live Installation.lnk
Arquivo Excluído : C:\Users\Kauan\AppData\Roaming\Mozilla\Firefox\Profiles\3kHJ9NFI.default\searchplugins\mystartsearch.xml
Arquivo Excluído : C:\Users\Kauan\AppData\Roaming\Mozilla\Firefox\Profiles\3kHJ9NFI.default\user.js
 
***** [ Tarefas agendadas ] *****
 
Tarefa Apagado : APSnotifierPP1
Tarefa Apagado : APSnotifierPP2
Tarefa Apagado : APSnotifierPP3
Tarefa Apagado : globalUpdateUpdateTaskMachineCore
Tarefa Apagado : globalUpdateUpdateTaskMachineUA
Tarefa Apagado : Run_Bobby_Browser
Tarefa Apagado : SmartWeb Upgrade Trigger Task
 
***** [ Atalhos ] *****
 
 
***** [ Registro ] *****
 
Valor Apagado : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014@etech.com]
Valor Apagado : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{5081D2D4-1637-404c-B74F-50526718257D}]
Valor Apagado : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{5081D2D4-1637-404c-B74F-50526718257D}]
Valor Apagado : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchengine@gmail.com]
Valor Apagado : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [istart_ffnt@gmail.com]
Valor Apagado : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Chave Apagado : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Chave Apagado : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Chave Apagado : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Chave Apagado : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Chave Apagado : HKCU\Software\Mozilla\Extends
Chave Apagado : HKLM\SOFTWARE\Classes\Extension.jshep
Chave Apagado : HKLM\SOFTWARE\Classes\Extension.jshep.1
Chave Apagado : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Chave Apagado : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{5081D2D4-1637-404C-B74F-50526718257D}
Chave Apagado : HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
Chave Apagado : HKLM\SOFTWARE\Classes\TypeLib\{9AE7A6AE-162E-44C4-9A2B-A6B4EF19909D}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5081D2D4-1637-404C-B74F-50526718257D}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Chave Apagado : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Chave Apagado : [x64] HKLM\SOFTWARE\Classes\CLSID\{5081D2D4-1637-404C-B74F-50526718257D}
Chave Apagado : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Apagado : [x64] HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
Chave Apagado : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5081D2D4-1637-404C-B74F-50526718257D}
Chave Apagado : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Chave Apagado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Chave Apagado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Apagado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Chave Apagado : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Apagado : HKCU\Software\AnyProtect
Chave Apagado : HKCU\Software\APN PIP
Chave Apagado : HKCU\Software\GlobalUpdate
Chave Apagado : HKCU\Software\HomeTab
Chave Apagado : HKCU\Software\simplytech
Chave Apagado : HKCU\Software\BoBrowser
Chave Apagado : HKCU\Software\TNT2
Chave Apagado : HKCU\Software\WajIntEnhance
Chave Apagado : HKCU\Software\SearchProtectWS
Chave Apagado : HKCU\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Chave Apagado : HKCU\Software\Crossbrowse
Chave Apagado : HKCU\Software\AppDataLow\Software\BlockAndSurf
Chave Apagado : HKCU\Software\AppDataLow\Software\Crossrider
Chave Apagado : HKCU\Software\AppDataLow\Software\DynConIE
Chave Apagado : HKLM\SOFTWARE\AskPartnerNetwork
Chave Apagado : HKLM\SOFTWARE\Conduit
Chave Apagado : HKLM\SOFTWARE\GlobalUpdate
Chave Apagado : HKLM\SOFTWARE\Iminent
Chave Apagado : HKLM\SOFTWARE\SearchProtect
Chave Apagado : HKLM\SOFTWARE\SupDp
Chave Apagado : HKLM\SOFTWARE\SupTab
Chave Apagado : HKLM\SOFTWARE\Tutorials
Chave Apagado : HKLM\SOFTWARE\Clara
Chave Apagado : HKLM\SOFTWARE\mystartsearchSoftware
Chave Apagado : HKLM\SOFTWARE\IHProtect
Chave Apagado : HKLM\SOFTWARE\WajIntEnhance
Chave Apagado : HKLM\SOFTWARE\Crossbrowse
Chave Apagado : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Chave Apagado : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Chave Apagado : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Chave Apagado : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
 
***** [ Navegadores ] *****
 
-\\ Internet Explorer v0.0.0.0
 
Configuração Restaurado : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configuração Restaurado : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configuração Restaurado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configuração Restaurado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
 
-\\ Mozilla Firefox v36.0.1 (x86 pt-BR)
 
[3kHJ9NFI.default\prefs.js] - Linha Apagado : user_pref("browser.search.searchengine.alias", "mystartsearch");
[3kHJ9NFI.default\prefs.js] - Linha Apagado : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/web/favicon.ico");
[3kHJ9NFI.default\prefs.js] - Linha Apagado : user_pref("browser.search.searchengine.name", "mystartsearch");
[3kHJ9NFI.default\prefs.js] - Linha Apagado : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=dspp&ts=1428069492&from=slbnew&uid=TOSHIBAXMK5061GSYN_42CPT7XNTXX42CPT7XNT&q={searchTerms}");
[3kHJ9NFI.default\prefs.js] - Linha Apagado : user_pref("extensions.enabledAddons", "fftoolbar2014%40etech.com:1.0.0.1025,fftoolbar2014%40etech.com:1.0.0.1025,fftoolbar2014%40etech.com:1.0.0.1025,istart_ffnt%40gmail.com:5.3.7,searchengine%40gmail[...]
 
-\\ Google Chrome v41.0.2272.118
 
[C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Apagado [Search Provider] : hxxp://br.ask.com/web?q={searchTerms}
[C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Apagado [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Apagado [Search Provider] : hxxp://forum.clubedohardware.com.br/searchresults.php?cx=partner-pub-9209131490195072%3Adn0327-g187&cof=FORID%3A10&ie=ISO-8859-1&q={searchTerms}&sa=Ir
[C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Apagado [Search Provider] : hxxp://www.softonic.com.br/s/{searchTerms}
[C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Apagado [Extension] : niloccemoadcdkdjlinkgdfekeahmflj
[C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Apagado [Default_Search_Provider_Data] : 
 
*************************
 
AdwCleaner[R0].txt - [37712 bytes] - [04/04/2015 16:17:32]
AdwCleaner[S0].txt - [14610 bytes] - [04/04/2015 16:19:19]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14670  bytes] ##########
 
 

 

When I open Chrome, this site opens by itself:

http://www.123rede.com/?oem=mbtkv3&uid=42CPT7XNT_TOSHIBAMK5061GSYN&tm=1428078008

Temporarily disable your antivirus to avoid conflicts.

* Go to the link below and click the first button on the left, which is the Download Zoek.exe button:

Save it to the Desktop.

To run it correctly, follow the tips in this tutorial:

* As soon as it finishes cleaning up the problems, open the Zoek log (report), which will be at C:\zoek-results.txt, copy all of its contents and post them in your next reply.


Hello, here is the Zoek log:

 

 
Zoek.exe v5.0.0.0 Updated 02-April-2015
Tool run by Kauan on 04/04/2015 at 17:11:26,81.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Kauan\Downloads\zoek.exe [Scan all users] [Script inserted] 
 
==== System Restore Info ======================
 
04/04/2015 17:14:20 Zoek.exe System Restore Point Created Successfully.
 
==== Reset Hosts File ======================
 
# Copyright (c) 1993-2006 Microsoft Corp. 
# 
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 
# 
# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 
# 
# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 
# 
# For example: 
# 
#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 
 
# localhost name resolution is handled within DNS itself. 
127.0.0.1       localhost 
::1             localhost 
 
==== Empty Folders Check ======================
 
C:\PROGRA~2\GUPlayer deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\COMMON~1\Blizzard Entertainment deleted successfully
C:\Program Files\My Dell deleted successfully
C:\Users\Kauan\AppData\Roaming\Opera Software deleted successfully
C:\Users\Kauan\AppData\Local\CombatArms deleted successfully
C:\Users\Kauan\AppData\Local\Opera Software deleted successfully
C:\Users\Kauan\AppData\Local\Warface deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
 
==== Deleting CLSID Registry Values ======================
 
 
==== Deleting Services ======================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cicifiso deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\cicifiso deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xyhigysy deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\xyhigysy deleted successfully
 
==== FireFox Fix ======================
 
Deleted from C:\Users\Kauan\AppData\Roaming\Mozilla\Firefox\Profiles\3kHJ9NFI.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com/");
user_pref("browser.newtab.url", "www.123rede.com?oem=mbtkv3&uid=42CPT7XNT_TOSHIBAMK5061GSYN&tm=1428078008");
 
Added to C:\Users\Kauan\AppData\Roaming\Mozilla\Firefox\Profiles\3kHJ9NFI.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
 
ProfilePath: C:\Users\Kauan\AppData\Roaming\Mozilla\Firefox\Profiles\3kHJ9NFI.default
 
user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ---- 
 
prefs_042015_1729_.backup
 
==== Deleting Files \ Folders ======================
 
C:\PROGRA~2\GUPlayer not found
C:\PROGRA~2\OperaHelper deleted
C:\Users\Kauan\.android deleted
C:\Users\Kauan\AppData\Roaming\GoldenGate deleted
C:\Users\Kauan\AppData\Roaming\4C4C4544-1428069401-4C10-805A-B9C04F315631 deleted
C:\Users\Kauan\AppData\Roaming\4C4C4544-1428070958-4C10-805A-B9C04F315631 deleted
C:\Users\Kauan\AppData\Roaming\searchult deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Kauan\AppData\Local\nsu56C2.tmp deleted
C:\Users\Kauan\AppData\Local\4C4C4544-1428058829-4C10-805A-B9C04F315631 deleted
C:\Users\Kauan\AppData\LocalLow\Company deleted
C:\Users\Kauan\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} deleted
C:\Windows\tasks\AKSM.job deleted
C:\windows\SysNative\tasks\AKSM deleted
C:\Windows\tasks\DOJJ.job deleted
C:\windows\SysNative\tasks\DOJJ deleted
C:\Windows\tasks\MAIWVPZ.job deleted
C:\windows\SysNative\tasks\MAIWVPZ deleted
C:\Windows\tasks\SXML.job deleted
C:\windows\SysNative\tasks\SXML deleted
C:\Windows\tasks\VIXJ.job deleted
C:\windows\SysNative\tasks\VIXJ deleted
C:\windows\SysNative\VCLOff.ini deleted
C:\Windows\Syswow64\VCLOff.ini deleted
C:\windows\SysNative\tasks\060184C3-9766-46a0-B258-F4518A0B2633 deleted
C:\windows\SysNative\drivers\Msft_Kernel_webTinstMKTN_01009.Wdf deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Kauan\AppData\Roaming\Mozilla\Firefox\Profiles\3kHJ9NFI.default\extensions\staged deleted
C:\Users\Kauan\Desktop\Continue Live Installation.lnk deleted
C:\Users\Kauan\AppData\Roaming\AKSM.exe deleted
C:\Users\Kauan\AppData\Roaming\DOJJ.exe deleted
C:\Users\Kauan\AppData\Roaming\MAIWVPZ.exe deleted
C:\Users\Kauan\AppData\Roaming\SXML.exe deleted
C:\Users\Kauan\AppData\Roaming\VIXJ.exe deleted
C:\PROGRA~3\WeatherMini.exe deleted
C:\Users\Kauan\AppData\Roaming\Mozilla\Firefox\Profiles\3kHJ9NFI.default\extensions\abs@avira.com deleted
"C:\Users\Kauan\AppData\Roaming\AKSM" deleted
"C:\Users\Kauan\AppData\Roaming\DOJJ" deleted
"C:\Users\Kauan\AppData\Roaming\MAIWVPZ" deleted
"C:\Users\Kauan\AppData\Roaming\SXML" deleted
"C:\Users\Kauan\AppData\Roaming\VIXJ" deleted
"C:\Users\Kauan\AppData\Roaming\ntsvc\ntsvc.exe" deleted
"C:\Users\Kauan\AppData\Roaming\ntsvc" not deleted
"C:\Users\Kauan\AppData\Roaming\Sublime Text 2" deleted
 
==== Firefox Start and Search pages ======================
 
ProfilePath: C:\Users\Kauan\AppData\Roaming\Mozilla\Firefox\Profiles\3kHJ9NFI.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"otis@digitalpersona.com"="C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt" [01/11/2014 09:24]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{b9aa91db-385d-4c69-8a2f-96790aa9405b}"="c:\program files (x86)\copernic\desktopsearch4\firefoxconnector" [10/03/2015 18:08]
 
==== Firefox Extensions ======================
 
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
==== Firefox Plugins ======================
 
Profilepath: C:\Users\Kauan\AppData\Roaming\Mozilla\Firefox\Profiles\3kHJ9NFI.default
0E8B2D0D9E3415A91EF259CE1112C579 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll - Shockwave for Director / Shockwave for Director
 
 
==== Chromium Look ======================
 
Google Chrome Version: 41.0.2272.118 (Latest Stable version: 41.0.2272.118)
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]
pnlccmojcmeohlpggmfnbbiapkmbliob - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx[10/03/2015 18:50]
 
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
cnnbdaahphjgdgfhliignpepgnbnfomp - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx[04/11/2014 09:41]
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]
 
Google Slides - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Avast Online Security - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Download Button - Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\alakoggmijiicdlcjjeakffojoinhlpg
MindMeister - Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdehgigffdnkjpaindemkaniebfaepjm
Google Tradutor - Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhpehmcakkaoihgajhmlgbnddjaanael
Google - Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm
Google Calendar - Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn
Lista Segura - Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkpfhiinfnimfpldpljanohkbjjjeobi
AdBlock - Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Bookmark Manager - Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
feedly - Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob
Clearly - Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj
Google Drive App Launcher - Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Google Dictionary (by Google) - Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja
Baixou Agora - Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbfjpmeddmamejnmmppjlfglfhcjbbai
Save to Pocket - Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
RSS Subscription Extension by Google - Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd
Google Wallet - Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Evernote Web Clipper - Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc
RoboForm - Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob
 
==== Chromium Startpages ======================
 
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com/",
"startup_urls": [ "http://www.google.com/" ]
 
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com/"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Default_Page_URL"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Default_Page_URL"="http://www.google.com/"
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
 
==== Reset Google Chrome ======================
 
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.bad was reset successfully
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
 
==== shortcuts on All Users Desktop ======================
 
C:\Users\Public\Desktop\Kobo.lnk - C:\Program Files (x86)\Kobo\Kobo.exe 
 
==== shortcuts in Users Start Menu ======================
 
C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk - C:\Users\Kauan\AppData\Roaming\Spotify\Spotify.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Kauan\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Kauan\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evernote\Evernote.lnk - C:\Users\Kauan\AppData\Local\Apps\Evernote\Evernote\Evernote.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Ajuda do IRPF2015.lnk -  
C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Desinstalar IRPF2015.lnk -  
C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -  
C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Leia-me do IRPF2015.lnk -  
 
==== shortcuts in All Users Start Menu ======================
 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anki.lnk - C:\Program Files (x86)\Anki\anki.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Copernic Desktop Search 4.lnk - C:\Program Files (x86)\Copernic\DesktopSearch4\Copernic.DesktopSearch.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk - C:\Program Files (x86)\Microsoft Security Client\msseces.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe www.123rede.com?oem=mbtkv3&uid=42CPT7XNT_TOSHIBAMK5061GSYN&tm=1428078008
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro Evolution Soccer 2015.lnk - D:\Jogos\Pro Evolution Soccer 2015\PES2015.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 2.lnk - C:\Program Files (x86)\Sublime Text 2\sublime_text.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Ajuda.lnk - C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CLI.exe Start Help -help
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\AMD Catalyst Control Center.lnk - C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMX Mod X\AMX Mod X.lnk - C:\Program Files (x86)\AMX Mod X\Installer.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMX Mod X\AMXx Studio.lnk - C:\Program Files (x86)\AMX Mod X\amxxstudio\AMXX_Studio.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMX Mod X\Documentation.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMX Mod X\Uninstall.lnk - C:\Program Files (x86)\AMX Mod X\uninst.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMX Mod X\Website.lnk - C:\Program Files (x86)\AMX Mod X\AMX Mod X Installer.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6\Counter-Strike 1.6.lnk - C:\Program Files (x86)\Counter-Strike 1.6\cstrike.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6\Dedicated Server.lnk - C:\Program Files (x86)\Counter-Strike 1.6\hlds.exe -nomaster -game cstrike -insecure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6\Uninstall Counter-Strike 1.6.lnk - C:\Program Files (x86)\Counter-Strike 1.6\Uninstal.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby Axon\Dolby Axon Help.lnk - C:\Program Files (x86)\DolbyAxon\Axon.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby Axon\Dolby Axon.lnk - C:\Program Files (x86)\DolbyAxon\Axon.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby Axon\Uninstall Dolby Axon.lnk - C:\Program Files (x86)\DolbyAxon\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby Axon\View Changelog.lnk - C:\Program Files (x86)\DolbyAxon\changelog.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby Axon\View Known Issues.lnk - C:\Program Files (x86)\DolbyAxon\knownissues.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox Folder Sync\Dropbox Folder Sync.lnk - C:\Program Files (x86)\Dropbox Folder Sync\Dropbox Folder Sync.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox Folder Sync\Uninstall Dropbox Folder Sync.lnk - C:\Program Files (x86)\Dropbox Folder Sync\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\AIDA64 Extreme Edition Documentation.lnk - C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\AIDA64 Extreme Edition on the Web.lnk - C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\AIDA64 Extreme Edition.lnk - C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\Uninstall AIDA64 Extreme Edition.lnk - C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_document
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_spreadsheet
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_presentation
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre1.8.0_40\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre1.8.0_40\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurar Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_40\bin\javacpl.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre1.8.0_40\bin\javacpl.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Obter Ajuda.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_40\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visite Java.com.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Documentação de Referência.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Java Mission Control.lnk - C:\Program Files\Java\jdk1.8.0_40\bin\jmc.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Reference Documentation.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Media Player Classic.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\vsfilter.dll",DirectVobSub
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\ffdshow\ffdshow.ax",configureAudio
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow VFW interface.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Windows\SysWOW64\ff_vfw.dll",configureVFW
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\ffdshow\ffdshow.ax",configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali Media Splitter.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\splitter.ax",Configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali video renderer.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe {760A8F35-97E7-479D-AAF5-DA9EFF95D751}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk - C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavaudio.ax",OpenConfiguration
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk - C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavsplitter.ax",OpenConfiguration
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk - C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavvideo.ax",OpenConfiguration
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\madFLAC.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe {6B257121-CBB6-46B3-ABFA-B14DFA98C4A6}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=reset_settings
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\VP7 decoder.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe {C204438D-6E1A-4309-B09C-0C0F749863AF}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Xvid encoder.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Windows\SysWOW64\xvidvfw.dll",Configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Info\faq.htm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudioNext.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\GraphStudioNext.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\MediaInfo.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\VobSubStrip.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\VobSubStrip.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Xvid StatsReader.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\StatsReader.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk - C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kobo\Kobo.lnk - C:\Program Files (x86)\Kobo\Kobo.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice Base.lnk - C:\Program Files (x86)\LibreOffice 4\program\sbase.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice Calc.lnk - C:\Program Files (x86)\LibreOffice 4\program\scalc.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice Draw.lnk - C:\Program Files (x86)\LibreOffice 4\program\sdraw.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice Impress.lnk - C:\Program Files (x86)\LibreOffice 4\program\simpress.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice Math.lnk - C:\Program Files (x86)\LibreOffice 4\program\smath.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice Writer.lnk - C:\Program Files (x86)\LibreOffice 4\program\swriter.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3\LibreOffice.lnk - C:\Program Files (x86)\LibreOffice 4\program\soffice.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minhateca.com.br\Desinstalar Minhateca.com.br Box.lnk - C:\Windows\system32\msiexec.exe /x {6A22B145-83AD-4320-946C-73E04E4D3E90} 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minhateca.com.br\Minhateca.lnk - C:\Program Files (x86)\Minhateca.com.br Box\MinhaBox.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle Database 11g Express Edition\Backup Database.lnk - C:\oraclexe\app\oracle\product\11.2.0\server\bin\Backup.bat 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle Database 11g Express Edition\Conceitos Básicos.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle Database 11g Express Edition\Executar Linha de Comandos SQL.lnk - C:\oraclexe\app\oracle\product\11.2.0\server\bin\sqlplus.exe /nolog
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle Database 11g Express Edition\Restore Database.lnk - C:\oraclexe\app\oracle\product\11.2.0\server\bin\Restore.bat 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle Database 11g Express Edition\Start Database.lnk - C:\Windows\SysWOW64\cmd.exe  /k C:\oraclexe\app\oracle\product\11.2.0\server\bin\StartDB.bat
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle Database 11g Express Edition\Stop Database.lnk - C:\Windows\SysWOW64\cmd.exe  /k C:\oraclexe\app\oracle\product\11.2.0\server\bin\StopDB.bat
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle Database 11g Express Edition\Obter Ajuda\Ir para Fórum On-line.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle Database 11g Express Edition\Obter Ajuda\Ler Documentação.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle Database 11g Express Edition\Obter Ajuda\Registrar em Fórum On-line.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2\PE Viewer.lnk - C:\Program Files\Process Hacker 2\peview.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2\Process Hacker 2.lnk - C:\Program Files (x86)\Process Hacker 2\ProcessHacker.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2\Uninstall Process Hacker 2.lnk - C:\Program Files\Process Hacker 2\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2\Help and Support\Changelog.lnk - C:\Program Files\Process Hacker 2\CHANGELOG.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Ajuda do Receitanet 1.04 .lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Desinstalar o Receitanet 1.04.lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Desinstalador.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Receitanet 1.04 .lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Windows\Receitanet.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm\Caixa de Pesquisa.lnk - C:\Program Files (x86)\Siber Systems\AI RoboForm\identities.exe -sb
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm\Checar se há Nova Versão.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm\Desinstalar.lnk - C:\Program Files (x86)\Siber Systems\AI RoboForm\rfwipeout.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm\Gerar Senhas.lnk - C:\Program Files (x86)\Siber Systems\AI RoboForm\passwordgenerator.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm\Localizar.lnk - C:\Program Files (x86)\Siber Systems\AI RoboForm\identities.exe -s
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm\RoboForm Editor.lnk - C:\Program Files (x86)\Siber Systems\AI RoboForm\identities.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm\RoboForm Start Page.lnk - C:\Program Files (x86)\Siber Systems\AI RoboForm\identities.exe -startpage
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm\Ícone da Barra de Tarefas.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator Starter\Opções do Roxio Burn.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator Starter\Roxio Burn.lnk - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe /STARTMENU
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator Starter\Roxio Creator Starter.lnk - C:\Program Files (x86)\Roxio\OEM\Roxio Central 5\RoxioCentralFx.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan\Help and HOW-TO.lnk - C:\Program Files (x86)\SpeedFan\speedfan.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan\Release info.lnk - C:\Program Files (x86)\SpeedFan\speedfan.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan\SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan\Uninstall SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Create System Report.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLogReport.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\File Scan.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Immunization.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Rootkit Scan.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDRootAlyzer.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Spybot-S&D Start Center.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\System Scan.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Tray Icon (Live Protection).lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Uninstall Spybot-S&D.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - D:\Steam\Steam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files\VideoLAN\VLC\Documentation.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files\VideoLAN\VLC\NEWS.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files\VideoLAN\VLC\VideoLAN Website.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe 
 
==== shortcuts in Quick Launch ======================
 
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Minhateca.lnk - C:\Program Files (x86)\Minhateca.com.br Box\MinhaBox.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -  
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Fraps.lnk - C:\Fraps\fraps.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Plex Media Server.lnk - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Pro Evolution Soccer 2013.lnk - D:\Jogos\KONAMI\Pro Evolution Soccer 2013\pes2013.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Pro Evolution Soccer 2015.lnk - D:\Jogos\Pro Evolution Soccer 2015\PES2015.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Processador de comandos do Windows.lnk - C:\Windows\System32\cmd.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\services.lnk - C:\Windows\System32\services.msc 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Space Sniffer.lnk - C:\Program Files (x86)\Space Sniffer\SpaceSniffer.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\sqldeveloper.lnk - C:\Program Files (x86)\sqldeveloper\sqldeveloper.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Start Database.lnk - C:\Windows\SysWOW64\cmd.exe  /k C:\oraclexe\app\oracle\product\11.2.0\server\bin\StartDB.bat
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Steam.lnk - D:\Steam\Steam.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Stop Database.lnk - C:\Windows\SysWOW64\cmd.exe  /k C:\oraclexe\app\oracle\product\11.2.0\server\bin\StopDB.bat
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Sublime Text 2.lnk - C:\Program Files (x86)\Sublime Text 2\sublime_text.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Anki.lnk - C:\Program Files (x86)\Anki\anki.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe www.123rede.com?oem=mbtkv3&uid=42CPT7XNT_TOSHIBAMK5061GSYN&tm=1428078008
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Freemake Video Converter.lnk - C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVC.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\NetBeans IDE 8.0.1.lnk - C:\Program Files (x86)\NetBeans 8.0.1\bin\netbeans64.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skitch.lnk - C:\Program Files (x86)\Evernote\Skitch\Skitch.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spotify.lnk - C:\Users\Kauan\AppData\Roaming\Spotify\Spotify.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Sublime Text 2.lnk - C:\Program Files (x86)\Sublime Text 2\sublime_text.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TeamSpeak 3 Client.lnk - C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\µTorrent.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
 
==== shortcuts After Repair ======================
 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
C:\Users\Kauan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
 
==== Reset IE Proxy ======================
 
Value(s) before fix:
"ProxyEnable"=dword:00000000
 
Value(s) after fix:
"ProxyEnable"=dword:00000000
 
==== Deleting Registry Keys ======================
 
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
 
==== Empty IE Cache ======================
 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kauan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Kauan\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kauan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
 
==== Empty FireFox Cache ======================
 
C:\Users\Kauan\AppData\Local\Mozilla\Firefox\Profiles\3kHJ9NFI.default\cache2 emptied successfully
 
==== Empty Chrome Cache ======================
 
C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
Java Cache cleared successfully
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=1725 folders=109 37581407 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\Administrador\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Kauan\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\Windows\Temp successfully emptied
C:\Users\Kauan\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== Deleting Files / Folders ======================
 
"C:\Users\Kauan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\Kauan\AppData\Roaming\ntsvc"  not found
 
==== EOF on 04/04/2015 at 17:41:14,36 ======================
 


Download the Junkware Removal Tool from the link below:

http://thisisudax.org/downloads/JRT.exe

To run the program correctly, just follow the tips in this tutorial:

Junkware Removal Tool tutorial

* In your next reply, post the Junkware Removal Tool log (report), which will be saved on your desktop under the name JRT.txt

We'll be waiting.


Here is the Junkware log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.1 (04.02.2015:1)
OS: Windows 7 Professional x64
Ran by Kauan on 04/04/2015 at 22:13:30,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{E921F400-D383-4B1B-9DE6-FCFCACFC1173}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\baidu security"
Successfully deleted: [Folder] "C:\ProgramData\flexnet"
Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Failed to delete: [Folder] "C:\Users\Kauan\AppData\Roaming\flexnet"
Successfully deleted: [Folder] "C:\Users\Kauan\AppData\Roaming\pcdr"
 
 
 
~~~ FireFox
 
Successfully deleted the following from C:\Users\Kauan\AppData\Roaming\mozilla\firefox\profiles\3kHJ9NFI.default\prefs.js
 
user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
user_pref("browser.search.searchengine.ptid", "slbnew");
user_pref("browser.search.searchengine.uid", "TOSHIBAXMK5061GSYN_42CPT7XNTXX42CPT7XNT");
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04/04/2015 at 22:20:47,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


Download < ZHPCleaner > ( ... by Nicolas Coolman )

Note: After opening the link above, click the Télécharger button for ZHPCleaner to download it, as shown in the image below:

tutorial_do_zhpcleaner_2.jpg

To run it correctly, follow the tips in this post:

Complete ZHPCleaner tutorial

After using it, copy the entire contents of your ZHPCleaner.txt report and post it in your next reply.


ZHPCleaner log:

 

~ ZHPCleaner v2015.4.4.155 by Nicolas Coolman (04/04/2015)
~ Run by Kauan (Administrator)  (04/04/2015 22:59:10)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparo
~ Report : C:\Users\Kauan\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Kauan\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)
 
 
---\\  Serviços (0)
~ Nenhum ítem malicioso foi encontrado.
 
 
---\\  Navegadores de Internet (0)
~ Nenhum ítem malicioso foi encontrado.
 
 
---\\  Arquivo hosts (2)
SUBSTITUIDO:  
Número de redirecionamentos encontrados 1/22
 
 
---\\  Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso foi encontrado.
 
 
---\\  Explorer ( Arquivos, Pastas) (0)
~ Nenhum ítem malicioso foi encontrado.
 
 
---\\  Registro ( Chaves, Valores, Dados ) (8)
SUPRIMIDO chave*: HKCU\Software\Cinema PlusV03.04-nv-ie [] (Heuristic.CrossRider)
SUPRIMIDO chave*: HKCU\Software\HQ-Video-Pro-2.1cV02.04-nv-ie [] (Heuristic.CrossRider)
SUPRIMIDO chave*: HKEY_USERS\S-1-5-21-882373530-2353245900-2290519903-1000\Software\Linkey [] (PUP.LinkeySearch)
SUPRIMIDO chave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [] (PUP.LinkeySearch)
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\WPDSupport.RCMWPDMediaManager12 [RCMWPDMediaManager Class] (Adware.DoubleD)
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\WPDSupport.RCMWPDMediaManager12.1 [RCMWPDMediaManager Class] (Adware.DoubleD)
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [] (PUP.LinkeySearch)
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage [] (Adware.Downware)
 
 
 
---\\ Resultado de reparação
~ Reparação efectuada com sucesso
~ Este navegador está faltando ! (Opera Software)
 
 
---\\ Estatísticas
~ Items scan : 69594
~ Items encontrado : 1
~ Items réparo : 8
 
 
End of clean at 23:08:12
===================
ZHPCleaner-[R]-04042015-23_08_12.txt
 


Download Malwarebytes from one of the links below:

http://www.malwarebytes.org/mbam/program/mbam-setup.exe

http://downloads.malwarebytes.org/mbam-download.php

Note: After opening one of the links above, click the DOWNLOAD button, as shown in the image below:

tutorial-do-malwarebytes-5.jpg

To install and run it correctly, please follow the tips in this post:

Malwarebytes Anti-Malware tutorial

In your next reply, post this Malwarebytes log (report).

We'll be waiting.


Here is the anti-malware log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Data da Verificação: 05/04/2015
Hora da Verificação: 12:04:13
Arquivo de Log: log_anti_malware.txt
Administrador: Sim
 
Versão: 2.01.4.1018
Base de Dados de Malware: v2015.04.05.02
Base de Dados de Rootkit: v2015.03.31.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Auto-Proteção: Desabilitado
 
SO: Windows 7 Service Pack 1
Processador: x64
Sistema de Arquivos: NTFS
Usuário: Kauan
 
Tipo da Verificação: Verificação Personalizada
Resultado: Terminado
Objetos Verificados: 651002
Tempo Decorrido: 3 hr, 41 min, 1 seg
 
Memória: Habilitado
Inicialização: Habilitado
Sistema de Arquivos: Habilitado
Arquivos Compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado
 
Processos: 0
(Nenhum item malicioso detectado)
 
Módulos: 0
(Nenhum item malicioso detectado)
 
Chaves de Registro: 8
PUP.Optional.PortalSepeti, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E921F400-D383-4B1B-9DE6-FCFCACFC1173}, Quarentena, [7680c3a5e0aaa5913d0bb77df3100ff1], 
PUP.Optional.PortalSepeti, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SED, Quarentena, [e70fd692bfcb8aac34e35990a85bda26], 
PUP.Optional.CinemaPlus.A, HKU\S-1-5-18\SOFTWARE\Cinema PlusV03.04-nv, Quarentena, [28cec4a47e0c79bdaa01d2795ea75ca4], 
PUP.Optional.CinemaPlus.A, HKU\S-1-5-18\SOFTWARE\Cinema PlusV03.04-nv-ie, Quarentena, [f600fa6e3d4d9b9b6b4072d952b326da], 
PUP.Optional.Crossbrowse.A, HKU\S-1-5-18\SOFTWARE\CrossBrowse-1.4V03.04-nv, Quarentena, [1adcee7a5139cd69d38dd8deb64d10f0], 
PUP.Optional.Shopperz.A, HKU\S-1-5-18\SOFTWARE\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}, Quarentena, [e80e491f1a701b1b459ef3c724df3cc4], 
PUP.Optional.Shopperz.A, HKU\S-1-5-19\SOFTWARE\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}, Quarentena, [6e88e682f09a66d0ca19853518ebbc44], 
PUP.Optional.Shopperz.A, HKU\S-1-5-20\SOFTWARE\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}, Quarentena, [66906800e4a6e74f28bb7a404cb78c74], 
 
Valores de Registro: 3
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_br_370, Quarentena, [ca2c0b5d2d5deb4be1ff2f9bbb484fb1], 
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_br_374, Quarentena, [7185d5936c1e38fe509022a85ba837c9], 
PUP.Optional.PortalSepeti, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SED|ImagePath, C:\Users\Kauan\AppData\Roaming\ntsvc\ntsvc.exe, Quarentena, [e70fd692bfcb8aac34e35990a85bda26]
 
Dados de Registro: 0
(Nenhum item malicioso detectado)
 
Pastas: 0
(Nenhum item malicioso detectado)
 
Arquivos: 12
Keylogger.Logixoft, D:\Instaladores\Windows 7\keylogger_setup.exe, Nenhuma ação do usuário, [9165ea7ee2a859dd4b5dde23f70fd42c], 
PUP.RiskwareTool.CK, D:\Instaladores\Windows 7\Adobe Fireworks CS6\DLL FILE\32bit\amtlib.dll, Nenhuma ação do usuário, [ad492246830702349538c2035aa844bc], 
PUP.Optional.Solimba, C:\Users\Kauan\Downloads\Process Hacker.exe, Quarentena, [aa4c94d4305a46f075eb062c8c7ad32d], 
PUP.Optional.Protect, C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir, Quarentena, [5e98dd8b1e6c3501398fab3f42c357a9], 
PUP.Optional.SmartWeb.A, C:\AdwCleaner\Quarantine\C\Users\Kauan\AppData\Local\SmartWeb\__u.exe.vir, Quarentena, [c1355e0ae8a24fe77112b14f13ef18e8], 
PUP.Optional.Winsock.Hijack, C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\VCL.dll.vir, Quarentena, [5b9b2d3bd3b7dd593193cf6c23df7888], 
PUP.Optional.HQVideo.A, C:\zoek_backup\C_Users_Kauan_AppData_Roaming_AKSM.exe.vir, Quarentena, [05f10a5e8bffbd798fa86fbb75916b95], 
PUP.Optional.CrossRider.A, C:\zoek_backup\C_Users_Kauan_AppData_Roaming_DOJJ.exe.vir, Quarentena, [bd39165219711b1beac4012912f4d32d], 
PUP.Optional.CrossRider.A, C:\zoek_backup\C_Users_Kauan_AppData_Roaming_MAIWVPZ.exe.vir, Quarentena, [c13587e14c3e2e08ae00fb2f8284ca36], 
PUP.Optional.HQVideo.A, C:\zoek_backup\C_Users_Kauan_AppData_Roaming_SXML.exe.vir, Quarentena, [e2148ade206a1620c27591999175956b], 
PUP.Optional.CrossRider.A, C:\zoek_backup\C_Users_Kauan_AppData_Roaming_VIXJ.exe.vir, Quarentena, [916569ff49414de9fcb04cded0366c94], 
PUP.Optional.MyStartSearch.A, C:\Users\Kauan\AppData\Roaming\Mozilla\Firefox\Profiles\3kHJ9NFI.default\search.json, Bom: (), Ruim: (mystartsearch), Substituído,[72845a0ef991ee485f724de5ca3c8779]
 
Setores Físicos: 0
(Nenhum item malicioso detectado)
 
 
(end)


Download < ZHPDiag > ( ... by Nicolas Coolman )

Note: After opening the link above, click the Télécharger button for ZHPDiag to download it, as shown in the image below:

tutorial_do_zhpcleaner_2.jpg

To install and run it correctly, follow the tips in this article:

Tutorial for installing and running the ZHPDiag application

* As soon as it finishes its scan, copy the entire contents of your ZHPDiag.txt report and post it in your next reply.

_____________________________________________________________________________

Note: If the ZHPDiag report is too large and does not fit in your reply, go to the Cjoint site:

http://cjoint.com

Click the Choose file (Escolher arquivo) button > select the log (report) file and click the Open (Abrir) button.

Click the Créer le lien Cjoint button.

Copy the link that appears next to the phrase Le lien a été créé and post that link in your next reply.


Here is the ZHPDiag log:

 

~ Relatório do ZHPDiag v2015.4.4.35 - Nicolas Coolman  (29/03/2015)
~ Iniciado por Kauan (05/04/2015 17:10:45)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Endereço do Webforum : http://forum.nicolascoolman.fr
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~  Lista Branca : Desativado pelo Utilizador
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
 
 
---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.7601.17514
MFIE: Mozilla Firefox 36.0.1
GCIE: Google Chrome v41.0.2272.118 (Defaut)
 
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)
 
---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 2.1.4.1018
Spybot - Search & Destroy v2.4.40
Windows Defender W7 (Activate)
 
---\\ Softwares d'optimização do sistema
CCleaner v5.03
 
---\\ Softwares de partilha do PeerToPeer (P2P)
 
---\\ Monitoramento dos softwares
Adobe Reader XI
 
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4002 MB (8% free)
System Restore: Activé (Enable)
System drive C: has 14 GB (23%) free of 60 GB
 
---\\ Modo de conexão ao sistema
~ Computer Name: KAUAN-PC
~ User Name: Kauan
~ All Users Names: Kauan, kaio, HomeGroupUser$, Convidado, chico, Administrador, 
~ Unselected Option: None
Logged in as Administrator
 
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Kauan\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Kauan\AppData\Roaming\
~ %Desktop% : C:\Users\Kauan\Desktop\
~ %Favorites% : C:\Users\Kauan\Favorites\
~ %LocalAppData% : C:\Users\Kauan\AppData\Local\
~ %StartMenu% : C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
 
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 14 Go of 60 Go)
D: Hard drive, Flash drive, Thumb drive (Free 44 Go of 379 Go)
E: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
F: CD-ROM drive (Not Inserted)
H: CD-ROM drive (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
 
 
 
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center: 49 Scanned in 00mn 00s
 
 
 
---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F6C5302E1F4813D552F41A0AC82455E5] - (.Microsoft Corporation - Internet Extensions para Win32.) (.20/11/2010 - 10:27:28.) -- C:\Windows\System32\wininet.dll [1188864]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.16/07/2014 - 23:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 10:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 03:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 06:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 06:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 07:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 06:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 07:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 08:06:41.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.10/11/2014 - 22:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 10:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 01s
 
 
 
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes Favoris (My Favorites) : 1/22
~ Mes Documents (My Documents) : 1/3702
~ Mon Bureau (My Desktop) : 1/16
~ Menu demarrer (Programs) : 1/41
~ Hidden Files:  Scanned in 00mn 14s
 
 
 
---\\ Processos lançados
[MD5.8C9D2FFFF653C623369C214E4B83FA7C] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe   [740688] [PID.2564]
[MD5.E74BF46DE94E62FA01C61EF084F7A7DD] - (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Kauan\AppData\Roaming\Spotify\SpotifyWebHelper.exe   [2018360] [PID.3656]
[MD5.9291980B154715EEBAB6BB3C0E4F1128] - (.Evernote Corp., 305 Walnut Street, Redwood - Evernote Clipper.) -- C:\Users\Kauan\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe   [1116168] [PID.3716]
[MD5.32E6162E6DD6D25EEA08F926151F22F6] - (.Valve Corporation - Steam Client Bootstrapper.) -- D:\Steam\Steam.exe   [2888896] [PID.5176]
[MD5.C4A43FDF7581E595ECBF11ECDCA44869] - (.Valve Corporation - Steam Client WebHelper.) -- D:\Steam\bin\steamwebhelper.exe   [1543872] [PID.2020]
[MD5.DDBB16DFB55D9035BD6EC4E495BBF9F0] - (...) -- D:\Steam\steamapps\common\dota 2 beta\dota.exe   [289672] [PID.912]
[MD5.41FCF8BEEB3B98B78C72F8CF2F5FE50C] - (.Valve Corporation - gameoverlayui.exe.) -- D:\Steam\GameOverlayUI.exe   [383168] [PID.6012]
[MD5.3C8939A06F10D49E27A271FE6479E22A] - (.Dolby Laboratories - Dolby Axon Launcher.) -- C:\Program Files (x86)\DolbyAxon\AxonLauncher.exe   [638664] [PID.4952]
[MD5.4DDA5C1029E43465604147B3E712701F] - (.Dolby Laboratories - Dolby Axon Desktop Client.) -- C:\Program Files (x86)\DolbyAxon\Axon.exe   [4319432] [PID.4888]
[MD5.E70D90CAB8B971A3B769C2EDDA72A24A] - (.Siber Systems Inc. - rf-chrome-nm-host.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe   [3212352] [PID.6080]
[MD5.761017ABC629ADDBCD43992AF06AEB65] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8195584] [PID.5840]
[MD5.FC5B75CA6A1DA31EDD4F8D53F5540B98] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [81088] [PID.2092]
[MD5.650F111D5CDA64C10AE4B9D1BA9D4FFF] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe   [146592] [PID.2148]
[MD5.5C89EF3DDAFB3AE71091C956C3F1AFCE] - (.Freemake - FreemakeUtilsService.) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe   [108032] [PID.2272]
[MD5.83BB030C71C9727DCFB2737005772C4E] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe   [232264] [PID.2420]
[MD5.C84DA49D10EA85B8A625BFDEC9F3A2F6] - (.QNT - Net Service Handler for LocalSystem.) -- C:\Users\Kauan\AppData\Roaming\NetService\netservice.exe   [211824] [PID.2684]
[MD5.BBECE06936782CC63165DCA5BD7BB27F] - (.QUALCOMM, Inc. - QDLService2k.) -- C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe   [331512] [PID.2748]
~ Processes Running:  Scanned in 00mn 01s
 
 
 
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
---\\ Pasta de extensão do Google Chrome
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [__MSG_appName__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\alakoggmijiicdlcjjeakffojoinhlpg [Download Button]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [__MSG_appName__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [__MSG_appName__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdehgigffdnkjpaindemkaniebfaepjm [MindMeister]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [__MSG_appName__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [__MSG_appName__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhpehmcakkaoihgajhmlgbnddjaanael [Google Tradutor]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [__MSG_app_name__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [__MSG_app_name__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [__MSG_appName__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkpfhiinfnimfpldpljanohkbjjjeobi [Lista Segura]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [AdBlock]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [Bookmark Manager]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [feedly]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [__MSG_meta_extension_name__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [Application Launcher for Drive (by Google)]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [Google Dictionary (by Google)]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbfjpmeddmamejnmmppjlfglfhcjbbai [Baixou Agora]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [Save to Pocket]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [__MSG_rss_subscription_name__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [__MSG_ExtensionName__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [__MSG_appName__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [RoboForm]
~ Google Lines Browser: 50 Scanned in 00mn 04s
 
 
 
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Kauan\AppData\Roaming\Mozilla\Firefox\Profiles\3kHJ9NFI.default\prefs.js
M2 - MFEP: RegExtension {b9aa91db-385d-4c69-8a2f-96790aa9405b} . (...) -- 
M0 - MFSP: prefs.js [Kauan - 3kHJ9NFI.default] about:home
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.40.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.40.2] - (.Oracle Corporation - Next Generation Java Plug-in 11.40.2 for Mozilla browsers.) -- C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.2.0] - (.VideoLAN - VLC media player Web Plugin.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll  =>.VideoLAN
~ Firefox Browser: 6 Scanned in 00mn 00s
 
 
 
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navegador da Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 14 Scanned in 00mn 00s
 
 
 
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s
 
 
 
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s
 
 
 
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File:  Scanned in 00mn 00s
 
 
 
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: RoboForm BHO [64Bits] - {724d43a9-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: IESpeakDoc [64Bits] - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} . (.Atheros Commnucations - Bluetooth IE PlugIn.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Chave orfã
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} Chave orfã
~ BHO: 4 Scanned in 00mn 00s
 
 
 
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: &RoboForm Toolbar - [HKLM]{724d43a0-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
~ Toolbar:  Scanned in 00mn 00s
 
 
 
---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [Kauan]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\Kauan\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - GS\TaskBar [Kauan]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\Kauan\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
~ Global Startup: 2 Scanned in 00mn 04s
 
 
 
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe 
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe 
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe 
O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Kauan\AppData\Roaming\Spotify\SpotifyWebHelper.exe 
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe   =>.Advanced Micro Devices, Inc
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-882373530-2353245900-2290519903-1000\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Kauan\AppData\Roaming\Spotify\SpotifyWebHelper.exe 
~ Application:  Scanned in 00mn 00s
 
 
 
---\\ Icones das opções IE invisiveis no painel das configurações (05)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
 
 
 
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Preencher [64Bits] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Salvar Formulários [64Bits] - {320AF880-6646-11D3-ABEE-C5DBF3571F49} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Barra de Ferramentas do RF [64Bits] - {724d43aa-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Chave orfã
~ IE Extra Buttons:  Scanned in 00mn 00s
 
 
 
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Provedor de Correção de Nomeação de Emails.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Provedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s
 
 
 
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains] *.dell.com
~ IE Zone Confiance:  Scanned in 00mn 00s
 
 
 
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3BAA7522-C138-44CE-A889-85CE52C8DB5C}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{F776A023-63FD-4588-BF2B-65095BBC2B59}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{3BAA7522-C138-44CE-A889-85CE52C8DB5C}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{F776A023-63FD-4588-BF2B-65095BBC2B59}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{3BAA7522-C138-44CE-A889-85CE52C8DB5C}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{F776A023-63FD-4588-BF2B-65095BBC2B59}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4
~ Domain:  Scanned in 00mn 00s
 
 
 
---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll
~ Protocole Additionnel:  Scanned in 00mn 00s
 
 
 
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s
 
 
 
---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
 
 
 
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service:  (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: Atheros Bt&Wlan Coex Agent (Atheros Bt&Wlan Coex Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc (AtherosSvc) . (.Atheros Commnucations - AdminService Application.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: C:\Program Files\DigitalPersona\Bin\DpHostW.exe (DpHost) . (.DigitalPersona, Inc. - DigitalPersona Local Host.) - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Freemake Improver (Freemake Improver) . (.Freemake - FreemakeUtilsService.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service:  (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Net.Tcp Service Handler (NetTcpHandler) . (.QNT - Net Service Handler for LocalSystem.) - C:\Users\Kauan\AppData\Roaming\NetService\netservice.exe
O23 - Service: Qualcomm Gobi 2000 Download Service (Dell) (QDLService2kDell) . (.QUALCOMM, Inc. - QDLService2k.) - C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) . (.Sonic Solutions - RoxWatch12 Module.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: C:\Windows\System32\stlang64.dll (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Synaptics FP WBF Policy Service (valWBFPolicyService) . (.Synaptics Incorporated - Synaptics WBF Policy Service (CMN).) - C:\Windows\System32\valWBFPolicyService.exe
~ Services: 14 Scanned in 00mn 07s
 
 
 
---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
 
 
 
---\\ Listagem dos dados do BootExecute (Bex) (034)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sdnclean64.exe) - File not found
~ BEX: 2 Scanned in 00mn 00s
 
 
 
---\\ Tarefas planificadas automaticamente (039)
[MD5.3E04F1E482357B1FC8B088197C3D9FF8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe   [1022152]
[MD5.00000000000000000000000000000000] [APT] [brbrw_1614] (...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\Crossbrowse.exe (.not file.)   [0]  =>PUP.CrossBrowse
[MD5.2B24F194FC5B657397ECB2923A68350E] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe   [5503768]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [107912]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [107912]
[MD5.00000000000000000000000000000000] [APT] [{3CE4E715-42AA-4806-910F-E4E974253896}] (...) -- C:\Users\Kauan\AppData\Local\Temp\jre-8u31-windows-au.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{41B35E0F-4C4F-4F40-8BBF-7CC837764DDD}] (...) -- C:\Users\Kauan\AppData\Roaming\mystartsearch\UninstallManager.exe (.not file.)   [0]  =>PUP.StartSearch
[MD5.00000000000000000000000000000000] [APT] [{5CFA46BC-DA31-4858-BDF1-B437EB932463}] (...) -- D:\Jogos\Counter Strike 1.6\Counter Strike 1.6 Maps.exe (.not file.)   [0]
[MD5.9CCE733E5262FB92C2331E8578512B49] [APT] [Check for updates] (.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe   [4747720]
[MD5.48FAE038F51676A795CEFAD780448D94] [APT] [Refresh immunization] (.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe   [4460472]
[MD5.280C014187E24860A7C860329513208F] [APT] [Scan the system] (.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe   [4818848]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job   [1066]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1066]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [1070]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1070]
~ Scheduled Task: 14 Scanned in 00mn 07s
 
 
 
---\\ Componentes instalados (ActiveSetup Installed Components) (040)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Identidade visual IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll  =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe  =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão shell da pasta FTP do Microsoft Internet Explorer.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome [64Bits] - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\Installer\chrmstp.exe
~ Active Setup: 12 Scanned in 00mn 00s
 
 
 
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver:  (BprotectEx) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\BprotectEx.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver:  (dtsoftbus01) . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Agendador de pacotes de serviço.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Driver do Subsistema de Buffer da Unidade R.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: Ambiente de suporte a provedores de serviços não-IFS do Windows Socket 2.0 (ws2ifsl) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Drivers: 72 Scanned in 00mn 01s
 
 
 
---\\ Software instalados (042)
O42 - Logiciel: 7-Zip 9.20 (x64 edition) - (.Igor Pavlov.) [HKLM][64Bits] -- {23170F69-40C1-2702-0920-000001000000}
O42 - Logiciel: AIDA64 Extreme Edition v2.50 - (.FinalWire Ltd..) [HKLM][64Bits] -- AIDA64 Extreme Edition_is1
O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {8F2415FA-72F2-F029-0450-4EB2FAE484C5}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {F2A7CE36-57BF-5C86-952D-90DBF3746D82}
O42 - Logiciel: AMD Drag and Drop Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {F6BF49D7-479E-23FE-A8A9-63D193D05697}
O42 - Logiciel: AMD Wireless Display v3.0 - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {426582A8-202F-D13C-8BD5-F00551BAFC93}
O42 - Logiciel: AMX Mod X Installer 1.8.1 - (.AMX Mod X Dev Team.) [HKLM][64Bits] -- AMX Mod X Installer
O42 - Logiciel: Adobe Reader XI (11.0.10) - Português - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1046-7B44-AB0000000001}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001802114130}
O42 - Logiciel: Adobe Shockwave Player 12.1 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player
O42 - Logiciel: Anki - (...) [HKLM][64Bits] -- Anki
O42 - Logiciel: Apache Tomcat 8.0.9 - (...) [HKLM][64Bits] -- nbi-tomcat-8.0.9.0.0
O42 - Logiciel: Ares 2.2.8 - (.Seekar Ltd.) [HKLM][64Bits] -- Ares
O42 - Logiciel: Battle.net - (.Blizzard Entertainment.) [HKLM][64Bits] -- Battle.net
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {11087D24-567D-7D88-69C6-D7A08B5F4C47}
O42 - Logiciel: Central de Mouse e Teclado da Microsoft - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Mouse and Keyboard Center
O42 - Logiciel: Copernic Desktop Search 4 - (.Copernic.) [HKLM][64Bits] -- CopernicDesktopSearch4
O42 - Logiciel: Counter-Strike 1.6 - (...) [HKLM][64Bits] -- Counter-Strike 1.6
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite  =>.DT Soft Ltd
O42 - Logiciel: Dell Touchpad - (.ALPS ELECTRIC CO., LTD..) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: Dell WLAN and Bluetooth Client Installation - (.Dell Inc..) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: DigitalPersona Fingerprint Software 5.20 - (.DigitalPersona, Inc..) [HKLM][64Bits] -- {C0C2D40A-1231-46FA-8F02-B45E6BF2036A}
O42 - Logiciel: DirectX 9 Runtime - (.Sonic Solutions.) [HKLM][64Bits] -- {AF9E97C1-7431-426D-A8D5-ABE40995C0B1}
O42 - Logiciel: Dolby Axon - 1.5.1.1 - (.Dolby Laboratories.) [HKLM][64Bits] -- {17936630-5344-4F18-9970-616129E2A114}_is1
O42 - Logiciel: Dota 2 - (.Valve.) [HKLM][64Bits] -- Steam App 570
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU][64Bits] -- Dropbox
O42 - Logiciel: Dropbox Folder Sync addon - (.Sowrabh & Satyadeep.) [HKLM][64Bits] -- {E0B7CA7A-98B0-4EF1-87F5-FF6B02DC06A9}_is1
O42 - Logiciel: Evernote v. 5.8.4 - (.Evernote Corp..) [HKLM][64Bits] -- {C15841A6-C20A-11E4-977D-00163E98E7D6}
O42 - Logiciel: Fraps - (...) [HKLM][64Bits] -- Fraps
O42 - Logiciel: Freemake Video Converter versão 4.1.5 - (.Ellora Assets Corporation.) [HKLM][64Bits] -- Freemake Video Converter_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {6C36881B-0E51-4231-9D02-BF2149664D34}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM][64Bits] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva  - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2015
O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM][64Bits] -- {B7CC660E-F31D-490C-BD2A-2CB2EC5A5E3A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Java 8 Update 40 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86418040F0}
O42 - Logiciel: Java SE Development Kit 8 Update 40 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0180400}
O42 - Logiciel: K-Lite Mega Codec Pack 8.9.2 - (...) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: Kobo - (.Rakuten Kobo Inc..) [HKLM][64Bits] -- Kobo
O42 - Logiciel: Legendas 3.1 - (.LegendasBrasil.com.br.) [HKLM][64Bits] -- {461C0377-D2EC-4FB0-B038-847BC6455432}_is1
O42 - Logiciel: LibreOffice 4.3.5.2 - (.The Document Foundation.) [HKLM][64Bits] -- {1D4E90DA-C33C-40ED-BA00-75F6E6DF9CB0}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware versão 2.1.4.1018 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Minhateca.com.br Box - (.Minhateca.com.br.) [HKLM][64Bits] -- {6A22B145-83AD-4320-946C-73E04E4D3E90}
O42 - Logiciel: Mozilla Firefox 36.0.1 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 36.0.1 (x86 pt-BR)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: NetBeans IDE 8.0.1 - (.NetBeans.org.) [HKLM][64Bits] -- nbi-nb-base-8.0.1.0.201408251540
O42 - Logiciel: Oracle Database 11g Express Edition - (.Oracle Corporation.) [HKLM][64Bits] -- InstallShield_{05A7B662-80A3-4EB9-AE1D-89A62449431C}
O42 - Logiciel: Oracle Database 11g Express Edition - (.Oracle Corporation.) [HKLM][64Bits] -- {05A7B662-80A3-4EB9-AE1D-89A62449431C}
O42 - Logiciel: PhotoShowExpress - (.Sonic Solutions.) [HKLM][64Bits] -- {3250260C-7A95-4632-893B-89657EB5545B}
O42 - Logiciel: Plex Media Server - (.Plex, Inc..) [HKLM][64Bits] -- {5ea93dc7-0906-47a6-8033-d26ed443f0a8}
O42 - Logiciel: Plex Media Server - (.Plex, Inc..) [HKLM][64Bits] -- {ACC30F1F-7964-4B30-891A-BAF642A0D1E1}
O42 - Logiciel: Pro Evolution Soccer 2013 - (.KONAMI.) [HKLM][64Bits] -- {C2523AE6-F335-4D0B-BC15-1C07E4ACE629}
O42 - Logiciel: Pro Evolution Soccer 2015 - (...) [HKLM][64Bits] -- UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1
O42 - Logiciel: Process Hacker 2.33 (r5590) - (.wj32.) [HKLM][64Bits] -- Process_Hacker2_is1
O42 - Logiciel: Qualcomm Gobi 2000 Package for Dell - (.QUALCOMM.) [HKLM][64Bits] -- {55958FAE-1862-4EE5-96BB-B9309CACE1C0}
O42 - Logiciel: RBVirtualFolder64Inst - (.Roxio, Inc..) [HKLM][64Bits] -- {9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
O42 - Logiciel: RoboForm 7-9-12-2 (All Users) - (.Siber Systems.) [HKLM][64Bits] -- AI RoboForm
O42 - Logiciel: Roxio Activation Module - (.Roxio.) [HKLM][64Bits] -- {A121EEDE-C68F-461D-91AA-D48BA226AF1C}
O42 - Logiciel: Roxio BackOnTrack - (.Roxio.) [HKLM][64Bits] -- {5A06423A-210C-49FB-950E-CB0EB8C5CEC7}
O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM][64Bits] -- {7746BFAA-2B5D-4FFD-A0E8-4558F4668105}
O42 - Logiciel: Roxio Creator Starter - (.Roxio.) [HKLM][64Bits] -- {6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}
O42 - Logiciel: Roxio Creator Starter - (.Roxio.) [HKLM][64Bits] -- {EF56258E-0326-48C5-A86C-3BAC26FC15DF}
O42 - Logiciel: Roxio Creator Starter - (.Roxio.) [HKLM][64Bits] -- {F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}
O42 - Logiciel: Roxio Express Labeler 3 - (.Roxio.) [HKLM][64Bits] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
O42 - Logiciel: Roxio File Backup - (.Roxio.) [HKLM][64Bits] -- {60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}
O42 - Logiciel: Skitch - (.Evernote Corp..) [HKLM][64Bits] -- Skitch 2.3.2.173
O42 - Logiciel: Software de dispositivo do Chipset Intel® - (.Intel(R) Corporation.) [HKLM][64Bits] -- {e48a2f61-851a-4155-82f9-af1b04db8c3b}
O42 - Logiciel: Sonic CinePlayer Decoder Pack - (.Sonic Solutions.) [HKLM][64Bits] -- {9A00EC4E-27E1-42C4-98DD-662F32AC8870}
O42 - Logiciel: Spotify - (.Spotify AB.) [HKCU][64Bits] -- Spotify
O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1
O42 - Logiciel: StarCraft II - (.Blizzard Entertainment.) [HKLM][64Bits] -- StarCraft II
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- Steam
O42 - Logiciel: Sublime Text 2.0.2 - (...) [HKLM][64Bits] -- Sublime Text 2_is1
O42 - Logiciel: TI USB 3.0 Host Controller Driver - (.Texas Instruments Inc..) [HKLM][64Bits] -- InstallShield_{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}
O42 - Logiciel: TI USB3 Host Driver - (.Texas Instruments Inc..) [HKLM][64Bits] -- {B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM][64Bits] -- TeamSpeak 3 Client
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player  =>.VideoLAN
O42 - Logiciel: Windows 7 USB/DVD Download Tool - (.Microsoft Corporation.) [HKLM][64Bits] -- {CCF298AF-9CE1-4B26-B251-486E98A34789}
O42 - Logiciel: aTube Catcher versão 3.8 - (.DsNET Corp.) [HKLM][64Bits] -- {D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent  =>P2P.BitTorrent
~ Logic: 65 Scanned in 00mn 00s
 
 
 
---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\AKSM]
[HKCU\Software\AMD]
[HKCU\Software\AOL]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\Alps]
[HKCU\Software\AppDataLow\Software\DigitalPersona]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow]
[HKCU\Software\Ares]
[HKCU\Software\Atheros]
[HKCU\Software\Baidu Security]
[HKCU\Software\Baixaki]
[HKCU\Software\BitTorrent]  =>P2P.BitTorrent
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\Browser]
[HKCU\Software\CarbonGames]
[HKCU\Software\Chromium]
[HKCU\Software\CinemaPlusV03.04]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Copernic]
[HKCU\Software\DOJJ]
[HKCU\Software\DSS]
[HKCU\Software\DigitalPersona]
[HKCU\Software\Disc Soft]
[HKCU\Software\Dolby]
[HKCU\Software\Evernote]
[HKCU\Software\FLEXnet]
[HKCU\Software\FinalWire]
[HKCU\Software\Fraps3]
[HKCU\Software\Freemake]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\GoldenGate]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\IM Providers]
[HKCU\Software\Icaros]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Kobo]
[HKCU\Software\Kromtech]
[HKCU\Software\L2j Community Network]
[HKCU\Software\LAV]
[HKCU\Software\MAIWVPZ]
[HKCU\Software\Macromedia]
[HKCU\Software\MakeMSI]
[HKCU\Software\MediaInfo]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Opera Software]
[HKCU\Software\PC-Doctor]
[HKCU\Software\Piriform]
[HKCU\Software\Plex, Inc.]
[HKCU\Software\Policies]
[HKCU\Software\ProtectedHp]
[HKCU\Software\QtProject]
[HKCU\Software\Raptr]
[HKCU\Software\Razer]
[HKCU\Software\Roxio]
[HKCU\Software\SXML]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Siber Systems]
[HKCU\Software\Skype]
[HKCU\Software\Sonic]
[HKCU\Software\SubSystems]
[HKCU\Software\Sysinternals]
[HKCU\Software\The Document Foundation]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VIXJ]
[HKCU\Software\Valve]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\madFlac]
[HKCU\Software\madshi]
[HKLM\Software\7-Zip]
[HKLM\Software\AMD]
[HKLM\Software\ATHEROS]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Alps]
[HKLM\Software\Baidu Security]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Dell]
[HKLM\Software\DigitalPersona]
[HKLM\Software\Google]
[HKLM\Software\IDT]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\ORACLE]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\ProtectedHp]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Siber Systems]
[HKLM\Software\Sonic]
[HKLM\Software\Validity]
[HKLM\Software\VideoLAN]
[HKLM\Software\Waves Audio]
[HKLM\Software\Widcomm]
[HKLM\Software\Wow6432Node\AIM Toolbar]
[HKLM\Software\Wow6432Node\AMD]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\Apache Software Foundation]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Atheros]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]
[HKLM\Software\Wow6432Node\Blizzard Entertainment]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Copernic]
[HKLM\Software\Wow6432Node\DT Soft]
[HKLM\Software\Wow6432Node\Debug]
[HKLM\Software\Wow6432Node\Dell Computer Corporation]
[HKLM\Software\Wow6432Node\Dell]
[HKLM\Software\Wow6432Node\DesktopSearch2]
[HKLM\Software\Wow6432Node\DigitalPersona]
[HKLM\Software\Wow6432Node\Disc Soft]
[HKLM\Software\Wow6432Node\Evernote Corp.]
[HKLM\Software\Wow6432Node\FLEXnet]
[HKLM\Software\Wow6432Node\Freemake]
[HKLM\Software\Wow6432Node\GNU]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\HaaliMkx]
[HKLM\Software\Wow6432Node\IDT]
[HKLM\Software\Wow6432Node\IObit]
[HKLM\Software\Wow6432Node\Infonaut_1.10.0.13]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\KLCodecPack]
[HKLM\Software\Wow6432Node\KONAMI]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\LAV]
[HKLM\Software\Wow6432Node\LibreOffice]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MicroVision]
[HKLM\Software\Wow6432Node\Minhateca.com.br Box]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NetTcpHandler]
[HKLM\Software\Wow6432Node\NtIObits]
[HKLM\Software\Wow6432Node\NtSvcHandler]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\PocketSoft]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Roxio]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\Siber Systems]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Sonic]
[HKLM\Software\Wow6432Node\SpeedBit]
[HKLM\Software\Wow6432Node\SuppHelpDir]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\The Document Foundation]
[HKLM\Software\Wow6432Node\TrendMicro]
[HKLM\Software\Wow6432Node\Valve]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\illiminable]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Key Software: 350 Scanned in 00mn 00s
 
 
 
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 16/11/2014 - 20:49:36 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 04/04/2015 - 14:03:51 - [] ----D C:\Program Files (x86)\AMD
O43 - CFD: 08/02/2015 - 18:28:04 - [] ----D C:\Program Files (x86)\AMD AVT
O43 - CFD: 24/01/2015 - 13:15:50 - [] ----D C:\Program Files (x86)\AMX Mod X
O43 - CFD: 11/11/2014 - 21:12:08 - [] ----D C:\Program Files (x86)\Anki
O43 - CFD: 31/10/2014 - 17:22:50 - [] ----D C:\Program Files (x86)\Ares
O43 - CFD: 14/12/2014 - 16:14:17 - [] ----D C:\Program Files (x86)\Battle.net
O43 - CFD: 11/02/2015 - 15:41:20 - [] ----D C:\Program Files (x86)\brModelo
O43 - CFD: 04/04/2015 - 17:16:39 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 10/03/2015 - 18:08:17 - [] ----D C:\Program Files (x86)\Copernic
O43 - CFD: 01/02/2015 - 17:46:13 - [] ----D C:\Program Files (x86)\Counter-Strike 1.6
O43 - CFD: 31/10/2014 - 17:11:26 - [] ----D C:\Program Files (x86)\DAEMON Tools Lite  =>.DT Soft Ltd
O43 - CFD: 01/11/2014 - 10:15:08 - [] ----D C:\Program Files (x86)\Dell Wireless
O43 - CFD: 01/11/2014 - 09:24:20 - [] ----D C:\Program Files (x86)\DigitalPersona
O43 - CFD: 17/03/2015 - 23:47:00 - [] ----D C:\Program Files (x86)\DolbyAxon
O43 - CFD: 15/01/2015 - 07:45:02 - [] ----D C:\Program Files (x86)\Dropbox Folder Sync
O43 - CFD: 26/03/2015 - 12:25:43 - [] ----D C:\Program Files (x86)\DsNET Corp
O43 - CFD: 17/11/2014 - 20:26:09 - [] ----D C:\Program Files (x86)\Evernote
O43 - CFD: 11/02/2015 - 16:36:22 - [] ----D C:\Program Files (x86)\fabFORCE
O43 - CFD: 02/03/2015 - 17:57:01 - [] ----D C:\Program Files (x86)\FinalWire
O43 - CFD: 23/11/2014 - 13:22:12 - [] ----D C:\Program Files (x86)\Freemake
O43 - CFD: 19/03/2015 - 16:45:03 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 04/03/2015 - 13:03:14 - [] --H-D C:\Program Files (x86)\InstallJammer Registry
O43 - CFD: 07/02/2015 - 17:19:19 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 08/02/2015 - 09:15:59 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 03/11/2014 - 20:14:17 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 03/04/2015 - 11:01:42 - [] ----D C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 03/03/2015 - 00:38:49 - [] ----D C:\Program Files (x86)\Kobo
O43 - CFD: 29/11/2014 - 19:54:17 - [] ----D C:\Program Files (x86)\Legendas-3.1
O43 - CFD: 09/01/2015 - 10:38:09 - [] ----D C:\Program Files (x86)\LibreOffice 4
O43 - CFD: 05/04/2015 - 12:00:49 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 14/01/2015 - 21:31:42 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 02/11/2014 - 14:25:27 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 31/01/2015 - 22:10:16 - [] ----D C:\Program Files (x86)\Minhateca.com.br Box
O43 - CFD: 16/03/2015 - 14:38:51 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 16/03/2015 - 14:38:49 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 04/04/2015 - 10:48:32 - [] ----D C:\Program Files (x86)\Opera
O43 - CFD: 31/10/2014 - 16:27:40 - [] ----D C:\Program Files (x86)\Plex
O43 - CFD: 04/03/2015 - 13:02:38 - [] ----D C:\Program Files (x86)\Programas RFB
O43 - CFD: 31/10/2014 - 23:26:40 - [] ----D C:\Program Files (x86)\QUALCOMM
O43 - CFD: 28/01/2015 - 08:21:34 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 02/03/2015 - 19:34:43 - [] ----D C:\Program Files (x86)\Roxio
O43 - CFD: 10/03/2015 - 18:50:14 - [] ----D C:\Program Files (x86)\Siber Systems
O43 - CFD: 20/02/2015 - 11:06:45 - [] ----D C:\Program Files (x86)\Space Sniffer
O43 - CFD: 08/02/2015 - 17:56:49 - [] ----D C:\Program Files (x86)\SpeedFan
O43 - CFD: 28/03/2015 - 12:11:32 - [] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 01/11/2014 - 10:17:10 - [] ----D C:\Program Files (x86)\Texas Instruments Inc
O43 - CFD: 14/07/2009 - 01:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 22/11/2014 - 23:05:28 - [] ----D C:\Program Files (x86)\USB Vibration
O43 - CFD: 08/11/2014 - 21:41:58 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 03/11/2014 - 20:14:17 - [] ----D C:\Program Files (x86)\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 11/03/2015 - 12:17:31 - [] ----D C:\Program Files (x86)\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 03/11/2014 - 20:14:16 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 03/11/2014 - 20:14:16 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 03/11/2014 - 20:14:17 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 20/12/2014 - 16:41:26 - [] ----D C:\Program Files (x86)\WugFresh Development
O43 - CFD: 05/04/2015 - 17:10:19 - [] ----D C:\Program Files (x86)\ZHPDiag  =>.Nicolas Coolman
O43 - CFD: 16/11/2014 - 20:49:38 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 01/11/2014 - 10:12:57 - [] ----D C:\Program Files (x86)\Common Files\Atheros
O43 - CFD: 08/02/2015 - 18:28:01 - [] ----D C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 09/02/2015 - 17:10:33 - [] ----D C:\Program Files (x86)\Common Files\fabFORCE
O43 - CFD: 01/12/2014 - 10:45:58 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 04/02/2015 - 18:47:02 - [] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 19/03/2015 - 16:28:25 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 03/01/2015 - 17:13:03 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Games
O43 - CFD: 03/01/2015 - 14:54:23 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 02/03/2015 - 19:37:09 - [] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 02/03/2015 - 19:39:08 - [] ----D C:\Program Files (x86)\Common Files\Roxio Shared
O43 - CFD: 14/07/2009 - 00:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 02/03/2015 - 19:34:06 - [] ----D C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 14/07/2009 - 00:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 09/03/2015 - 17:25:36 - [] ----D C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 02/03/2015 - 19:33:48 - [] ----D C:\Program Files (x86)\Common Files\SureThing Shared
O43 - CFD: 09/11/2014 - 15:13:28 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 03/01/2015 - 14:00:22 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 17/11/2014 - 19:11:04 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 01/12/2014 - 10:57:27 - [] ----D C:\ProgramData\Age of Empires 3
O43 - CFD: 08/02/2015 - 18:28:06 - [] ----D C:\ProgramData\AMD
O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 01/02/2015 - 17:48:25 - [] ----D C:\ProgramData\Atheros
O43 - CFD: 08/02/2015 - 18:29:22 - [] ----D C:\ProgramData\ATI
O43 - CFD: 03/12/2014 - 07:42:09 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 02/12/2014 - 10:16:02 - [] ----D C:\ProgramData\Battle.net
O43 - CFD: 02/12/2014 - 13:20:06 - [] ----D C:\ProgramData\Blizzard Entertainment
O43 - CFD: 06/12/2014 - 20:19:45 - [] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 03/01/2015 - 13:43:18 - [] ----D C:\ProgramData\Codemasters
O43 - CFD: 10/03/2015 - 21:14:58 - [] ----D C:\ProgramData\Copernic
O43 - CFD: 31/10/2014 - 15:51:24 - [] -SH-D C:\ProgramData\Dados de aplicativos
O43 - CFD: 23/11/2014 - 13:08:20 - [] ----D C:\ProgramData\DAEMON Tools Lite  =>.DT Soft Ltd
O43 - CFD: 01/11/2014 - 10:12:16 - [] ----D C:\ProgramData\Dell
O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 31/10/2014 - 15:51:24 - [] -SH-D C:\ProgramData\Documentos
O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 01/11/2014 - 09:23:55 - [] ----D C:\ProgramData\Downloaded Installations
O43 - CFD: 03/01/2015 - 13:43:20 - [] -SH-D C:\ProgramData\DSS
O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 31/10/2014 - 15:51:24 - [] -SH-D C:\ProgramData\Favoritos
O43 - CFD: 23/11/2014 - 13:23:00 - [] ----D C:\ProgramData\Freemake
O43 - CFD: 31/10/2014 - 15:58:41 - [] ----D C:\ProgramData\Intel
O43 - CFD: 31/01/2015 - 23:52:18 - [] ----D C:\ProgramData\IntelDLM
O43 - CFD: 08/03/2015 - 11:23:04 - [] ----D C:\ProgramData\KONAMI
O43 - CFD: 03/01/2015 - 13:00:50 - [] ----D C:\ProgramData\LogMeIn
O43 - CFD: 01/11/2014 - 09:24:24 - [] ----D C:\ProgramData\Macrovision
O43 - CFD: 05/04/2015 - 12:00:41 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 16/11/2014 - 20:42:38 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 31/10/2014 - 15:51:24 - [] -SH-D C:\ProgramData\Menu Iniciar
O43 - CFD: 28/03/2015 - 11:55:02 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 31/10/2014 - 15:51:24 - [] -SH-D C:\ProgramData\Modelos
O43 - CFD: 16/03/2015 - 14:38:47 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 19/03/2015 - 16:34:47 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 02/03/2015 - 19:33:00 - [] ----D C:\ProgramData\PhotoShow Shared Assets
O43 - CFD: 31/10/2014 - 23:26:40 - [] ----D C:\ProgramData\QUALCOMM
O43 - CFD: 10/03/2015 - 18:51:33 - [] ----D C:\ProgramData\RoboForm
O43 - CFD: 02/03/2015 - 23:18:05 - [] ----D C:\ProgramData\Roxio
O43 - CFD: 03/04/2015 - 11:14:53 - [] ----D C:\ProgramData\Skype
O43 - CFD: 15/03/2015 - 08:45:33 - [] ----D C:\ProgramData\Sonic
O43 - CFD: 01/04/2015 - 00:55:34 - [] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 08/03/2015 - 11:22:58 - [] ----D C:\ProgramData\Steam
O43 - CFD: 31/10/2014 - 17:06:21 - [] ----D C:\ProgramData\Sun
O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 02/03/2015 - 19:38:59 - [] ----D C:\ProgramData\Uninstall
O43 - CFD: 05/04/2015 - 15:55:26 - [] ----D C:\ProgramData\Validity
O43 - CFD: 31/10/2014 - 16:50:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 02/12/2014 - 12:18:07 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 03/11/2014 - 20:17:41 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 08/02/2015 - 18:27:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
O43 - CFD: 24/01/2015 - 12:58:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMX Mod X
O43 - CFD: 31/10/2014 - 17:22:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares
O43 - CFD: 26/03/2015 - 12:25:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
O43 - CFD: 14/12/2014 - 16:14:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
O43 - CFD: 01/11/2014 - 10:13:28 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
O43 - CFD: 08/11/2014 - 20:31:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Central de Mouse e Teclado da Microsoft
O43 - CFD: 24/01/2015 - 00:30:03 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
O43 - CFD: 31/10/2014 - 17:12:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite  =>.DT Soft Ltd
O43 - CFD: 01/02/2015 - 10:11:12 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
O43 - CFD: 17/03/2015 - 23:46:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby Axon
O43 - CFD: 15/01/2015 - 07:44:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox Folder Sync
O43 - CFD: 02/03/2015 - 17:57:08 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
O43 - CFD: 11/12/2014 - 16:47:56 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
O43 - CFD: 23/11/2014 - 13:22:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
O43 - CFD: 03/01/2015 - 17:12:59 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 03/01/2015 - 17:39:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameVicio
O43 - CFD: 03/04/2015 - 13:31:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 15/03/2015 - 09:29:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
O43 - CFD: 19/03/2015 - 16:27:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 19/03/2015 - 16:26:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
O43 - CFD: 03/04/2015 - 11:01:20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
O43 - CFD: 03/03/2015 - 00:38:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kobo
O43 - CFD: 09/01/2015 - 10:39:09 - [] -S--D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3
O43 - CFD: 14/07/2009 - 01:57:09 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 05/04/2015 - 12:00:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 14/01/2015 - 21:33:07 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 01/02/2015 - 17:48:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minhateca.com.br
O43 - CFD: 22/11/2014 - 23:33:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
O58 - SDL:29/12/2012 - 17:59:38 ---A- . (.Almico Software - SpeedFan x64 Driver.) -- C:\Windows\SysWOW64\speedfan.sys   [28664]
~ Drivers: 75 Scanned in 00mn 37s
 
 
 
---\\ Últimos ficheiros alterados ou criados (Utilizador) (061)
O61 - LFC: 02/04/2015 - 17:13:26 ---A- . (...) -- C:\Users\Kauan\AppData\Local\Temp\jrt\get.bat   [14785]
O61 - LFC: 02/04/2015 - 17:13:26 ---A- . (...) -- C:\Users\Kauan\AppData\Local\Temp\jrt\misc.bat   [200543]
O61 - LFC: 02/04/2015 - 17:13:30 ---A- . (...) -- C:\Users\Kauan\AppData\Roaming\Spotify\pdf.dll   [9305656]
O61 - LFC: 03/04/2015 - 17:13:29 ---A- . (...) -- C:\Users\Kauan\AppData\Roaming\Spotify\ffmpegsumo.dll   [990776]
O61 - LFC: 03/04/2015 - 17:13:29 ---A- . (...) -- C:\Users\Kauan\AppData\Roaming\Spotify\libEGL.dll   [219192]
O61 - LFC: 03/04/2015 - 17:13:29 ---A- . (...) -- C:\Users\Kauan\AppData\Roaming\Spotify\libcef.dll   [40506936]
O61 - LFC: 03/04/2015 - 17:13:29 ---A- . (.Microsoft Corporation.) -- C:\Users\Kauan\AppData\Roaming\Spotify\d3dcompiler_43.dll   [2106424]
O61 - LFC: 03/04/2015 - 17:13:29 ---A- . (.Microsoft Corporation.) -- C:\Users\Kauan\AppData\Roaming\Spotify\d3dcompiler_47.dll   [3457592]
O61 - LFC: 03/04/2015 - 17:13:30 ---A- . (...) -- C:\Users\Kauan\AppData\Roaming\Spotify\libGLESv2.dll   [1365560]
O61 - LFC: 03/04/2015 - 17:13:30 ---A- . (...) -- C:\Users\Kauan\AppData\Roaming\Spotify\wow_helper.exe   [73272]
O61 - LFC: 03/04/2015 - 17:13:30 ---A- . (.Spotify Ltd.) -- C:\Users\Kauan\AppData\Roaming\Spotify\Spotify.exe   [7112248]
O61 - LFC: 03/04/2015 - 17:13:30 ---A- . (.Spotify Ltd.) -- C:\Users\Kauan\AppData\Roaming\Spotify\SpotifyCrashService.exe   [762424]
O61 - LFC: 03/04/2015 - 17:13:30 ---A- . (.Spotify Ltd.) -- C:\Users\Kauan\AppData\Roaming\Spotify\SpotifyLauncher.exe   [124472]
O61 - LFC: 03/04/2015 - 17:13:30 ---A- . (.Spotify Ltd.) -- C:\Users\Kauan\AppData\Roaming\Spotify\SpotifyWebHelper.exe   [2018360]
O61 - LFC: 04/04/2015 - 17:13:30 ---A- . (...) -- C:\Users\Kauan\AppData\Roaming\ZHP\ZHPCleaner.exe   [1705984]  =>.Nicolas Coolman
O61 - LFC: 04/04/2015 - 17:13:31 ---A- . (...) -- C:\Users\Kauan\Downloads\ZHPCleaner.exe   [1705984]  =>.Nicolas Coolman
O61 - LFC: 04/04/2015 - 17:13:31 ---A- . (...) -- C:\Users\Kauan\Downloads\adwcleaner_4.200.exe   [2208768]
O61 - LFC: 04/04/2015 - 17:13:31 ---A- . (...) -- C:\Users\Kauan\Downloads\zoek.exe   [1305600]
O61 - LFC: 04/04/2015 - 17:13:31 ---A- . (.Thisisu.) -- C:\Users\Kauan\Downloads\JRT (1).exe   [2690981]
O61 - LFC: 05/04/2015 - 17:12:41 ---A- . (...) -- C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin   [1113849]
O61 - LFC: 05/04/2015 - 17:13:20 ---A- . (.Plex, Inc..) -- C:\Users\Kauan\AppData\Local\Plex Media Server\Updates\0.9.11.4.739-a4e710f\packages\Plex-Media-Server-0.9.1104.739-a4e710f-en-US.exe   [61979064]
O61 - LFC: 05/04/2015 - 17:13:31 ---A- . (.Malwarebytes Corporation.) -- C:\Users\Kauan\Downloads\mbam-setup-2.1.4.1018.exe   [21540440]
O61 - LFC: 05/04/2015 - 17:13:31 ---A- . (.Nicolas Coolman.) -- C:\Users\Kauan\Downloads\ZHPDiag2.exe   [6879410]  =>.Nicolas Coolman
O61 - LFC: 30/03/2015 - 17:12:41 ---A- . (.Google Inc..) -- C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x64\widevinecdmadapter.dll   [240968]
O61 - LFC: 31/03/2015 - 17:13:26 ---A- . (...) -- C:\Users\Kauan\AppData\Local\Temp\jrt\prelim.bat   [35577]
O61 - LFC: 31/03/2015 - 17:13:26 ---A- . (...) -- C:\Users\Kauan\AppData\Local\Temp\jrt\runvalues.bat   [10892]
~ 141 Fichiers temporaires (Temporary files)
~ 14 Fichiers cookies (Cookies files)
~ Files: 26 Scanned in 00mn 58s
 
 
 
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7}
~ ADS:  Scanned in 00mn 00s
 
 
 
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 20/11/2014 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag)  .(.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 14/12/2014 - C:\Windows\system32\drivers\BprotectEx.sys (BprotectEx)  .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BPROTECTEX
O64 - Services: CurCS - 15/11/2012 - C:\Windows\System32\DRIVERS\igdkmd64.sys (igfx)  .(.Intel Corporation - Intel Graphics Kernel Mode Driver.) - LEGACY_IGFX
O64 - Services: CurCS - 17/03/2015 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector)  .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 88 Scanned in 00mn 00s
 
 
 
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos'.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 00s
 
 
 
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys:  Scanned in 00mn 00s
 
 
 
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
~ Keys:  Scanned in 00mn 00s
 
 
 
---\\ Listagem dos serviços iniciados pelo Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll   [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\System32\srvsvc.dll   [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Diretiva de Grupo.) -- C:\Windows\System32\gpsvc.dll   [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll   [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\System32\Audiosrv.dll   [680960]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acesso Remoto.) -- C:\Windows\System32\rasauto.dll   [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll   [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll   [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistema (SENS).) -- C:\Windows\System32\sens.dll   [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll   [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gerenciador de Conexões Remotas do Servidor Host da Sessão da Área de.) -- C:\Windows\System32\termsrv.dll   [683520]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll   [2477536]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de plano de fundo.) -- C:\Windows\System32\qmgr.dll   [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll   [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em uma rede IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll   [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\System32\mmcss.dll   [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho Remota.) -- C:\Windows\System32\sessenv.dll   [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll   [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll   [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\System32\schedsvc.dll   [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\System32\kmsvc.dll   [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll   [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [210432]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\System32\themeservice.dll   [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll   [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\Windows\System32\appmgmts.dll   [193536]
~ Services: 33 Scanned in 00mn 00s
 
 
 
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{04330139-911D-45B2-9E09-BF4A9FFBDCBE}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Kauan\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{4A6AE83A-0B64-4E51-B2C8-0B9DA2FAFCC8}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Kauan\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
~ Firewall: 2 Scanned in 00mn 02s
 
 
 
---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{320AF880-6646-11D3-ABEE-C5DBF3571F49}] (SavePass)  =>PUP.CrossRider
~ BCK: 5620 Scanned in 00mn 17s
 
 
 
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 15/11/2012 277048 |  (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 31/10/2014 107912 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 31/10/2014 107912 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 03/04/2005 69632 |  (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Auto 17/03/2015 1080120 |  (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SS - | Demand 05/03/2015 148080 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 29/05/2014 45568 |  (OracleJobSchedulerXE) . (...) - c:\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe
SS - | Demand 29/05/2014 81408 |  (OracleMTSRecoveryService) . (.Oracle Corporation.) - C:\oraclexe\app\oracle\product\11.2.0\server\BIN\omtsreco.exe
SS - | Demand 30/05/2014 147110912 |  (OracleServiceXE) . (.Oracle Corporation.) - c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.exe
SS - | Demand 29/05/2014 83968 |  (OracleXEClrAgent) . (.Oracle Corporation.) - C:\oraclexe\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe
SS - | Demand 29/05/2014 522240 |  (OracleXETNSListener) . (.Oracle Corporation.) - C:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe
SS - | Demand 25/11/2010 1116656 |  (RoxMediaDB12OEM) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
SS - | Auto 25/11/2010 219632 |  (RoxWatch12) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
SS - | Demand 24/06/2014 1738168 |  (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
SS - | Demand 27/06/2014 2088408 |  (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
SS - | Demand 25/04/2014 171928 |  (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
SS - | Demand 18/02/2015 835776 |  (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Demand 08/11/2010 74392 |  (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
SS - | Demand 20/11/2014 221184 |  (Wildfly) . (.Apache Software Foundation.) - C:\wildfly\bin\service\amd64\wildfly-service.exe
SR - | Auto 19/12/2014 81088 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 03/03/2009 89600 |  (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\IDT\WDM\AESTSr64.exe
SR - | Auto 20/11/2014 244736 |  (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 20/05/2011 146592 |  (Atheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
SR - | Auto 20/05/2011 80032 |  (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
SR - | Auto 29/12/2010 440144 |  (DpHost) . (.DigitalPersona, Inc..) - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
SR - | Auto 13/11/2014 108032 |  (Freemake Improver) . (.Freemake.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
SR - | Auto 20/03/2015 211824 |  (NetTcpHandler) . (.QNT.) - C:\Users\Kauan\AppData\Roaming\NetService\netservice.exe
SR - | Auto 25/06/2010 331512 |  (QDLService2kDell) . (.QUALCOMM, Inc..) - C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe
SR - | Auto 08/09/2011 305152 |  (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe
SR - | Auto 29/01/2015 49968 |  (valWBFPolicyService) . (.Synaptics Incorporated.) - C:\Windows\System32\valWBFPolicyService.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 22/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 20s
 
 
 
---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBR) (080)
Run by Kauan at 05/04/2015 17:16:34
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s
 
 
 
---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBRCheck) (080)
Written by ad13, http://ad13.geekstog
Run by Kauan at 05/04/2015 17:16:36
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 02s
 
 
 
---\\ Lista dos emuladores de CD/DVD (MBR Hook)
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite  =>.DT Soft Ltd
~ Emulateurs:  Scanned in 00mn 02s
 
 
 
---\\ Scâner Aditional (088)
Database Version : 13008 - (29/03/2015)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 2
Dossiers trouvés  (Folders found) : 1
Fichiers trouvés  (Files found) : 2
 
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]   =>P2P.BitTorrent^
C:\Users\Kauan\AppData\Roaming\uTorrent   =>P2P.µTorrent^
[HKCU\Software\BitTorrent]   =>P2P.BitTorrent^
[HKCR\CLSID\{320AF880-6646-11D3-ABEE-C5DBF3571F49}] (SavePass)   =>PUP.CrossRider^
~ Additionnel Scan: 321627 Items scanned in 00mn 39s
 
 
 
---\\ Informações complémentaires do módulos
~ http://nicolascoolman.fr/g2-google-chrome-extensions/  =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/  =>.Internet Explorer, Gestão do Proxy (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/  =>.Browser Helper Objects do navegador (02)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/  =>.Barras do Internet Explorer (03))
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/  =>.Aplicações iniciadas por registo & pastas (04)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/  =>.Chave do registo Shell MountPoints2 (MPSK) (O51)
~ AMI: 6 Scanned in 00mn 00s
 
 
 
---\\ Sumário das deteções encontradas na sua estação
http://www.nicolascoolman.fr/blog/  =>PUP.CrossBrowse
http://nicolascoolman.fr/pup-startsearch  =>PUP.StartSearch
http://nicolascoolman.fr/pup-crossrider  =>PUP.CrossRider
~ MSI: 3 link(s) detected in 00mn 00s
 
 
 
End of the scan (1451 lines in 06mn 38s)(0.6)
 


I suggest you uninstall Spybot from your PC.

_________________________________________________________________________

 

Select and copy all of the text highlighted in red below (starting at script zhpfix and ending at emptyclsid)

 

script zhpfix

SysRestore

[MD5.C84DA49D10EA85B8A625BFDEC9F3A2F6] - (.QNT - Net Service Handler for LocalSystem.) -- C:\Users\Kauan\AppData\Roaming\NetService\netservice.exe [211824] [PID.2684]

O23 - Service: Net.Tcp Service Handler (NetTcpHandler) . (.QNT - Net Service Handler for LocalSystem.) - C:\Users\Kauan\AppData\Roaming\NetService\netservice.exe

O34 - HKLM BootExecute: (sdnclean64.exe) - File not found

[MD5.00000000000000000000000000000000] [APT] [brbrw_1614] (...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\Crossbrowse.exe (.not file.) [0] =>PUP.CrossBrowse

[MD5.00000000000000000000000000000000] [APT] [{3CE4E715-42AA-4806-910F-E4E974253896}] (...) -- C:\Users\Kauan\AppData\Local\Temp\jre-8u31-windows-au.exe (.not file.) [0]

[MD5.00000000000000000000000000000000] [APT] [{41B35E0F-4C4F-4F40-8BBF-7CC837764DDD}] (...) -- C:\Users\Kauan\AppData\Roaming\mystartsearch\UninstallManager.exe (.not file.) [0] =>PUP.StartSearch

[MD5.00000000000000000000000000000000] [APT] [{5CFA46BC-DA31-4858-BDF1-B437EB932463}] (...) -- D:\Jogos\Counter Strike 1.6\Counter Strike 1.6 Maps.exe (.not file.) [0]

O41 - Driver: (BprotectEx) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\BprotectEx.sys

O42 - Logiciel: Legendas 3.1 - (.LegendasBrasil.com.br.) [HKLM][64Bits] -- {461C0377-D2EC-4FB0-B038-847BC6455432}_is1

[HKCU\Software\Baidu Security]

[HKCU\Software\Baixaki]

[HKCU\Software\CinemaPlusV03.04]

[HKLM\Software\Baidu Security]

[HKLM\Software\Wow6432Node\AIM Toolbar]

[HKLM\Software\Wow6432Node\Baidu Security]

[HKLM\Software\Wow6432Node\Baidu_Drp_pos]

[HKLM\Software\Wow6432Node\Infonaut_1.10.0.13]

[HKLM\Software\Wow6432Node\NetTcpHandler]

O43 - CFD: 29/11/2014 - 19:54:17 - [] ----D C:\Program Files (x86)\Legendas-3.1

O43 - CFD: 06/12/2014 - 20:19:45 - [] ----D C:\ProgramData\boost_interprocess

O43 - CFD: 03/04/2015 - 10:55:05 - [] ----D C:\Users\Kauan\AppData\Roaming\NetService

O43 - CFD: 03/04/2015 - 13:20:04 - [] ----D C:\Users\Kauan\AppData\Roaming\RunDir

O44 - LFC:[MD5.7C62BCBB015DBF84AA40C0806F1C8194] - 03/04/2015 - 11:50:24 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys [94528]

O58 - SDL:14/12/2014 - 22:59:20 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys [94528]

O64 - Services: CurCS - 14/12/2014 - C:\Windows\system32\drivers\BprotectEx.sys (BprotectEx) .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BPROTECTEX

O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - http://www.google.com

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com

SR - | Auto 20/03/2015 211824 | (NetTcpHandler) . (.QNT.) - C:\Users\Kauan\AppData\Roaming\NetService\netservice.exe

ShortcutFix

EmptyTemp

EmptyFlash

emptyclsid

_____________________________________________________________________________________________________________

 

Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.

 

Copy this report and post it in your next reply.

 

Note: This script was written for this computer only, based on the files and keys present on it.

 

To visitors: if you have a similar problem, do not use this script, because using it without supervision can damage the system.


Can you tell me why I should uninstall Spybot?

 

Here is the report from the script that was run:

 

Rapport de ZHPFix 2015.3.18.4 par Nicolas Coolman, Update du 18/03/2015
Fichier d'export Registre : 
Run by Kauan at 05/04/2015 20:44:48
High Elevated Privileges : OK
Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)
 
Reciclagem vazia (00mn 04s)
Reparação de atalhos do navegador
 
========== Softwares ==========
ELIMINÉ: Legendas 3.1
 
========== Processo memória ==========
ELIMINÉ: Memory Process: C:\Users\Kauan\AppData\Roaming\NetService\netservice.exe
AUSENTE Memory Process: O34 - HKLM BootExecute: (sdnclean64.exe) - File not found
 
========== Estado dos serviços ==========
BPROTECTEX Parado
 
========== Chaves do Registo ==========
ELIMINÉ: Service: NetTcpHandler
ELIMINÉ Driver Key: BprotectEx
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\Baixaki
ELIMINÉ: HKCU\Software\CinemaPlusV03.04
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\AIM Toolbar
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\Wow6432Node\Infonaut_1.10.0.13
ELIMINÉ: HKLM\Software\Wow6432Node\NetTcpHandler
ELIMINÉ: SearchScopes :{012E1000-F331-11DB-8314-0800200C9A66}
ELIMINÉ: SearchScopes :{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
 
========== Ficheiros ==========
ELIMINÉ:**  c:\users\kauan\appdata\roaming\netservice\netservice.exe
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotectex.sys
ELIMINÉ Temporários windows (134) (7.334.475 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
 
========== Tarefa planificada ==========
ELIMINÉ: brbrw_1614
ELIMINÉ: {3CE4E715-42AA-4806-910F-E4E974253896}
ELIMINÉ: {41B35E0F-4C4F-4F40-8BBF-7CC837764DDD}
ELIMINÉ: {5CFA46BC-DA31-4858-BDF1-B437EB932463}
 
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
 
 
========== Recapitulativo ==========
2 : Processo memória
12 : Chaves do Registo
1 : Pastas
4 : Ficheiros
1 : Softwares
1 : Estado dos serviços
4 : Tarefa planificada
1 : Restauração Sistema
 
 
End of clean in 00mn 50s
 
========== Caminho do ficheiro do relatório ==========
C:\Users\Kauan\AppData\Roaming\ZHP\ZHPFix[R1].txt - 05/04/2015 20:44:52 [2154]
 


If you want, you can keep Spybot, but nowadays it is outdated in view of the new threats and does not help with much.

________________________________________________

 

Open ZHPDiag again

 


 

|- Click "COMPLETA" and wait for it to finish:

 


 

|- When it finishes, post the ZHPDiag.txt report

 


_______________________________________________

 

Note: If the ZHPDiag report is too large to fit in your reply, go to the Cjoint site:

http://cjoint.com

 

Click the Choose file button > select the log (report) file and click the Open button.

 

Click the Créer le lien Cjoint button

 

Copy the link that appears next to the phrase Le lien a été créé and post this link in your next reply.


Here is the ZHPDiag report:

 

~ Relatório do ZHPDiag v2015.4.4.35 - Nicolas Coolman  (29/03/2015)
~ Iniciado por Kauan (06/04/2015 13:27:51)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Endereço do Webforum : http://forum.nicolascoolman.fr
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~  Lista Branca : Desativado pelo Utilizador
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
 
 
---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.7601.17514
MFIE: Mozilla Firefox 36.0.1
GCIE: Google Chrome v41.0.2272.118 (Defaut)
 
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)
 
---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 2.1.4.1018
Windows Defender W7 (Activate)
 
---\\ Softwares d'optimização do sistema
CCleaner v5.03
 
---\\ Softwares de partilha do PeerToPeer (P2P)
 
---\\ Monitoramento dos softwares
Adobe Reader XI
 
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4002 MB (30% free)
System Restore: Activé (Enable)
System drive C: has 13 GB (21%) free of 60 GB
 
---\\ Modo de conexão ao sistema
~ Computer Name: KAUAN-PC
~ User Name: Kauan
~ All Users Names: Kauan, kaio, HomeGroupUser$, Convidado, chico, Administrador, 
~ Unselected Option: None
Logged in as Administrator
 
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Kauan\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Kauan\AppData\Roaming\
~ %Desktop% : C:\Users\Kauan\Desktop\
~ %Favorites% : C:\Users\Kauan\Favorites\
~ %LocalAppData% : C:\Users\Kauan\AppData\Local\
~ %StartMenu% : C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
 
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 13 Go of 60 Go)
D: Hard drive, Flash drive, Thumb drive (Free 48 Go of 379 Go)
E: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
F: CD-ROM drive (Not Inserted)
H: CD-ROM drive (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
 
 
 
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center: 49 Scanned in 00mn 00s
 
 
 
---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F6C5302E1F4813D552F41A0AC82455E5] - (.Microsoft Corporation - Internet Extensions para Win32.) (.20/11/2010 - 10:27:28.) -- C:\Windows\System32\wininet.dll [1188864]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.16/07/2014 - 23:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 10:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 03:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 06:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 06:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 07:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 06:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 07:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 08:06:41.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.10/11/2014 - 22:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 10:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 00s
 
 
 
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes Favoris (My Favorites) : 1/22
~ Mes Documents (My Documents) : 1/3703
~ Mon Bureau (My Desktop) : 1/15
~ Menu demarrer (Programs) : 1/41
~ Hidden Files:  Scanned in 00mn 00s
 
 
 
---\\ Processos lançados
[MD5.8C9D2FFFF653C623369C214E4B83FA7C] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe   [740688] [PID.2304]
[MD5.E74BF46DE94E62FA01C61EF084F7A7DD] - (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Kauan\AppData\Roaming\Spotify\SpotifyWebHelper.exe   [2018360] [PID.2636]
[MD5.9291980B154715EEBAB6BB3C0E4F1128] - (.Evernote Corp., 305 Walnut Street, Redwood - Evernote Clipper.) -- C:\Users\Kauan\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe   [1116168] [PID.2720]
[MD5.4BC0005986190D8C4232F30E2F47F120] - (.Evernote Corp., 305 Walnut Street, Redwood - Evernote Tray Application.) -- C:\Users\Kauan\AppData\Local\Apps\Evernote\Evernote\EvernoteTray.exe   [401416] [PID.2980]
[MD5.97318C571D1F455D59ECB68A7AD8FDA3] - (.Evernote Corp., 305 Walnut Street, Redwood - Evernote.) -- C:\Users\Kauan\AppData\Local\Apps\Evernote\Evernote\Evernote.exe   [20476424] [PID.2876]
[MD5.E70D90CAB8B971A3B769C2EDDA72A24A] - (.Siber Systems Inc. - rf-chrome-nm-host.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe   [3212352] [PID.3824]
[MD5.A2DBDE21B550F57EC83AEAC2034D12A5] - (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe   [110160] [PID.5952]
[MD5.761017ABC629ADDBCD43992AF06AEB65] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8195584] [PID.1728]
[MD5.FC5B75CA6A1DA31EDD4F8D53F5540B98] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [81088] [PID.1992]
[MD5.650F111D5CDA64C10AE4B9D1BA9D4FFF] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe   [146592] [PID.1964]
[MD5.5C89EF3DDAFB3AE71091C956C3F1AFCE] - (.Freemake - FreemakeUtilsService.) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe   [108032] [PID.2108]
[MD5.83BB030C71C9727DCFB2737005772C4E] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe   [232264] [PID.2196]
[MD5.BBECE06936782CC63165DCA5BD7BB27F] - (.QUALCOMM, Inc. - QDLService2k.) -- C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe   [331512] [PID.2792]
~ Processes Running:  Scanned in 00mn 00s
 
 
 
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
---\\ Pasta de extensão do Google Chrome
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [__MSG_appName__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\alakoggmijiicdlcjjeakffojoinhlpg [Download Button]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [__MSG_appName__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [__MSG_appName__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdehgigffdnkjpaindemkaniebfaepjm [MindMeister]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [__MSG_appName__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [__MSG_appName__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhpehmcakkaoihgajhmlgbnddjaanael [Google Tradutor]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [__MSG_app_name__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [__MSG_app_name__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [__MSG_appName__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkpfhiinfnimfpldpljanohkbjjjeobi [Lista Segura]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [AdBlock]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [Bookmark Manager]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [feedly]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [__MSG_meta_extension_name__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [Application Launcher for Drive (by Google)]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [Google Dictionary (by Google)]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbfjpmeddmamejnmmppjlfglfhcjbbai [Baixou Agora]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [Save to Pocket]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [__MSG_rss_subscription_name__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [__MSG_ExtensionName__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [__MSG_appName__]
G2 - EXT: C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [RoboForm]
~ Google Lines Browser: 50 Scanned in 00mn 03s
 
 
 
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Kauan\AppData\Roaming\Mozilla\Firefox\Profiles\3kHJ9NFI.default\prefs.js
M2 - MFEP: RegExtension {b9aa91db-385d-4c69-8a2f-96790aa9405b} . (...) -- 
M0 - MFSP: prefs.js [Kauan - 3kHJ9NFI.default] about:home
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.40.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.40.2] - (.Oracle Corporation - Next Generation Java Plug-in 11.40.2 for Mozilla browsers.) -- C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.2.0] - (.VideoLAN - VLC media player Web Plugin.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll  =>.VideoLAN
~ Firefox Browser: 6 Scanned in 00mn 00s
 
 
 
---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navegador da Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 14 Scanned in 00mn 00s
 
 
 
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s
 
 
 
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s
 
 
 
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File:  Scanned in 00mn 00s
 
 
 
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: RoboForm BHO [64Bits] - {724d43a9-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: IESpeakDoc [64Bits] - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} . (.Atheros Commnucations - Bluetooth IE PlugIn.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Chave orfã
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} Chave orfã
~ BHO: 4 Scanned in 00mn 00s
 
 
 
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: &RoboForm Toolbar - [HKLM]{724d43a0-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
~ Toolbar:  Scanned in 00mn 00s
 
 
 
---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [Kauan]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\Kauan\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - GS\TaskBar [Kauan]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\Kauan\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
~ Global Startup: 2 Scanned in 00mn 00s
 
 
 
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe 
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe 
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe 
O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Kauan\AppData\Roaming\Spotify\SpotifyWebHelper.exe 
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe   =>.Advanced Micro Devices, Inc
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-882373530-2353245900-2290519903-1000\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Kauan\AppData\Roaming\Spotify\SpotifyWebHelper.exe 
~ Application:  Scanned in 00mn 00s
 
 
 
---\\ Icones das opções IE invisiveis no painel das configurações (05)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
 
 
 
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Preencher [64Bits] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Salvar Formulários [64Bits] - {320AF880-6646-11D3-ABEE-C5DBF3571F49} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Barra de Ferramentas do RF [64Bits] - {724d43aa-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Chave orfã
~ IE Extra Buttons:  Scanned in 00mn 00s
 
 
 
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Provedor de Correção de Nomeação de Emails.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Provedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s
 
 
 
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains] *.dell.com
~ IE Zone Confiance:  Scanned in 00mn 00s
 
 
 
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3BAA7522-C138-44CE-A889-85CE52C8DB5C}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{F776A023-63FD-4588-BF2B-65095BBC2B59}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{3BAA7522-C138-44CE-A889-85CE52C8DB5C}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{F776A023-63FD-4588-BF2B-65095BBC2B59}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{3BAA7522-C138-44CE-A889-85CE52C8DB5C}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{F776A023-63FD-4588-BF2B-65095BBC2B59}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4
~ Domain:  Scanned in 00mn 00s
 
 
 
---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll
~ Protocole Additionnel:  Scanned in 00mn 00s
 
 
 
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s
 
 
 
---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
 
 
 
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service:  (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: Atheros Bt&Wlan Coex Agent (Atheros Bt&Wlan Coex Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc (AtherosSvc) . (.Atheros Commnucations - AdminService Application.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: C:\Program Files\DigitalPersona\Bin\DpHostW.exe (DpHost) . (.DigitalPersona, Inc. - DigitalPersona Local Host.) - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Freemake Improver (Freemake Improver) . (.Freemake - FreemakeUtilsService.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service:  (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Qualcomm Gobi 2000 Download Service (Dell) (QDLService2kDell) . (.QUALCOMM, Inc. - QDLService2k.) - C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) . (.Sonic Solutions - RoxWatch12 Module.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: C:\Windows\System32\stlang64.dll (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Synaptics FP WBF Policy Service (valWBFPolicyService) . (.Synaptics Incorporated - Synaptics WBF Policy Service (CMN).) - C:\Windows\System32\valWBFPolicyService.exe
~ Services: 13 Scanned in 00mn 04s
 
 
 
---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
 
 
 
---\\ Listagem dos dados do BootExecute (Bex) (034)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sdnclean64.exe) - File not found
~ BEX: 2 Scanned in 00mn 00s
 
 
 
---\\ Tarefas planificadas automaticamente (039)
[MD5.3E04F1E482357B1FC8B088197C3D9FF8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe   [1022152]
[MD5.2B24F194FC5B657397ECB2923A68350E] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe   [5503768]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [107912]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [107912]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job   [1066]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1066]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [1070]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1070]
~ Scheduled Task: 7 Scanned in 00mn 01s
 
 
 
---\\ Componentes instalados (ActiveSetup Installed Components) (040)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Identidade visual IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll  =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe  =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão shell da pasta FTP do Microsoft Internet Explorer.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome [64Bits] - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\Installer\chrmstp.exe
~ Active Setup: 12 Scanned in 00mn 00s
 
 
 
---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver:  (dtsoftbus01) . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Agendador de pacotes de serviço.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Driver do Subsistema de Buffer da Unidade R.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: Ambiente de suporte a provedores de serviços não-IFS do Windows Socket 2.0 (ws2ifsl) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Drivers: 69 Scanned in 00mn 00s
 
 
 
---\\ Software instalados (042)
O42 - Logiciel: 7-Zip 9.20 (x64 edition) - (.Igor Pavlov.) [HKLM][64Bits] -- {23170F69-40C1-2702-0920-000001000000}
O42 - Logiciel: AIDA64 Extreme Edition v2.50 - (.FinalWire Ltd..) [HKLM][64Bits] -- AIDA64 Extreme Edition_is1
O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {8F2415FA-72F2-F029-0450-4EB2FAE484C5}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {F2A7CE36-57BF-5C86-952D-90DBF3746D82}
O42 - Logiciel: AMD Drag and Drop Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {F6BF49D7-479E-23FE-A8A9-63D193D05697}
O42 - Logiciel: AMD Wireless Display v3.0 - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {426582A8-202F-D13C-8BD5-F00551BAFC93}
O42 - Logiciel: AMX Mod X Installer 1.8.1 - (.AMX Mod X Dev Team.) [HKLM][64Bits] -- AMX Mod X Installer
O42 - Logiciel: Adobe Reader XI (11.0.10) - Português - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1046-7B44-AB0000000001}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001802114130}
O42 - Logiciel: Adobe Shockwave Player 12.1 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player
O42 - Logiciel: Anki - (...) [HKLM][64Bits] -- Anki
O42 - Logiciel: Apache Tomcat 8.0.9 - (...) [HKLM][64Bits] -- nbi-tomcat-8.0.9.0.0
O42 - Logiciel: Ares 2.2.8 - (.Seekar Ltd.) [HKLM][64Bits] -- Ares
O42 - Logiciel: Battle.net - (.Blizzard Entertainment.) [HKLM][64Bits] -- Battle.net
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {11087D24-567D-7D88-69C6-D7A08B5F4C47}
O42 - Logiciel: Central de Mouse e Teclado da Microsoft - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Mouse and Keyboard Center
O42 - Logiciel: Copernic Desktop Search 4 - (.Copernic.) [HKLM][64Bits] -- CopernicDesktopSearch4
O42 - Logiciel: Counter-Strike 1.6 - (...) [HKLM][64Bits] -- Counter-Strike 1.6
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite  =>.DT Soft Ltd
O42 - Logiciel: Dell Touchpad - (.ALPS ELECTRIC CO., LTD..) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: Dell WLAN and Bluetooth Client Installation - (.Dell Inc..) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: DigitalPersona Fingerprint Software 5.20 - (.DigitalPersona, Inc..) [HKLM][64Bits] -- {C0C2D40A-1231-46FA-8F02-B45E6BF2036A}
O42 - Logiciel: DirectX 9 Runtime - (.Sonic Solutions.) [HKLM][64Bits] -- {AF9E97C1-7431-426D-A8D5-ABE40995C0B1}
O42 - Logiciel: Dolby Axon - 1.5.1.1 - (.Dolby Laboratories.) [HKLM][64Bits] -- {17936630-5344-4F18-9970-616129E2A114}_is1
O42 - Logiciel: Dota 2 - (.Valve.) [HKLM][64Bits] -- Steam App 570
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU][64Bits] -- Dropbox
O42 - Logiciel: Dropbox Folder Sync addon - (.Sowrabh & Satyadeep.) [HKLM][64Bits] -- {E0B7CA7A-98B0-4EF1-87F5-FF6B02DC06A9}_is1
O42 - Logiciel: Evernote v. 5.8.4 - (.Evernote Corp..) [HKLM][64Bits] -- {C15841A6-C20A-11E4-977D-00163E98E7D6}
O42 - Logiciel: Fraps - (...) [HKLM][64Bits] -- Fraps
O42 - Logiciel: Freemake Video Converter versão 4.1.5 - (.Ellora Assets Corporation.) [HKLM][64Bits] -- Freemake Video Converter_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {6C36881B-0E51-4231-9D02-BF2149664D34}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM][64Bits] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva  - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2015
O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM][64Bits] -- {B7CC660E-F31D-490C-BD2A-2CB2EC5A5E3A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Java 8 Update 40 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86418040F0}
O42 - Logiciel: Java SE Development Kit 8 Update 40 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0180400}
O42 - Logiciel: K-Lite Mega Codec Pack 8.9.2 - (...) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: Kobo - (.Rakuten Kobo Inc..) [HKLM][64Bits] -- Kobo
O42 - Logiciel: LibreOffice 4.3.5.2 - (.The Document Foundation.) [HKLM][64Bits] -- {1D4E90DA-C33C-40ED-BA00-75F6E6DF9CB0}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware versão 2.1.4.1018 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Minhateca.com.br Box - (.Minhateca.com.br.) [HKLM][64Bits] -- {6A22B145-83AD-4320-946C-73E04E4D3E90}
O42 - Logiciel: Mozilla Firefox 36.0.1 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 36.0.1 (x86 pt-BR)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: NetBeans IDE 8.0.1 - (.NetBeans.org.) [HKLM][64Bits] -- nbi-nb-base-8.0.1.0.201408251540
O42 - Logiciel: Oracle Database 11g Express Edition - (.Oracle Corporation.) [HKLM][64Bits] -- InstallShield_{05A7B662-80A3-4EB9-AE1D-89A62449431C}
O42 - Logiciel: Oracle Database 11g Express Edition - (.Oracle Corporation.) [HKLM][64Bits] -- {05A7B662-80A3-4EB9-AE1D-89A62449431C}
O42 - Logiciel: PhotoShowExpress - (.Sonic Solutions.) [HKLM][64Bits] -- {3250260C-7A95-4632-893B-89657EB5545B}
O42 - Logiciel: Plex Media Server - (.Plex, Inc..) [HKLM][64Bits] -- {5ea93dc7-0906-47a6-8033-d26ed443f0a8}
O42 - Logiciel: Plex Media Server - (.Plex, Inc..) [HKLM][64Bits] -- {ACC30F1F-7964-4B30-891A-BAF642A0D1E1}
O42 - Logiciel: Pro Evolution Soccer 2013 - (.KONAMI.) [HKLM][64Bits] -- {C2523AE6-F335-4D0B-BC15-1C07E4ACE629}
O42 - Logiciel: Pro Evolution Soccer 2015 - (...) [HKLM][64Bits] -- UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1
O42 - Logiciel: Process Hacker 2.33 (r5590) - (.wj32.) [HKLM][64Bits] -- Process_Hacker2_is1
O42 - Logiciel: Qualcomm Gobi 2000 Package for Dell - (.QUALCOMM.) [HKLM][64Bits] -- {55958FAE-1862-4EE5-96BB-B9309CACE1C0}
O42 - Logiciel: RBVirtualFolder64Inst - (.Roxio, Inc..) [HKLM][64Bits] -- {9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5
O42 - Logiciel: RoboForm 7-9-12-2 (All Users) - (.Siber Systems.) [HKLM][64Bits] -- AI RoboForm
O42 - Logiciel: Roxio Activation Module - (.Roxio.) [HKLM][64Bits] -- {A121EEDE-C68F-461D-91AA-D48BA226AF1C}
O42 - Logiciel: Roxio BackOnTrack - (.Roxio.) [HKLM][64Bits] -- {5A06423A-210C-49FB-950E-CB0EB8C5CEC7}
O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM][64Bits] -- {7746BFAA-2B5D-4FFD-A0E8-4558F4668105}
O42 - Logiciel: Roxio Creator Starter - (.Roxio.) [HKLM][64Bits] -- {6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}
O42 - Logiciel: Roxio Creator Starter - (.Roxio.) [HKLM][64Bits] -- {EF56258E-0326-48C5-A86C-3BAC26FC15DF}
O42 - Logiciel: Roxio Creator Starter - (.Roxio.) [HKLM][64Bits] -- {F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}
O42 - Logiciel: Roxio Express Labeler 3 - (.Roxio.) [HKLM][64Bits] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
O42 - Logiciel: Roxio File Backup - (.Roxio.) [HKLM][64Bits] -- {60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}
O42 - Logiciel: Skitch - (.Evernote Corp..) [HKLM][64Bits] -- Skitch 2.3.2.173
O42 - Logiciel: Software de dispositivo do Chipset Intel® - (.Intel(R) Corporation.) [HKLM][64Bits] -- {e48a2f61-851a-4155-82f9-af1b04db8c3b}
O42 - Logiciel: Sonic CinePlayer Decoder Pack - (.Sonic Solutions.) [HKLM][64Bits] -- {9A00EC4E-27E1-42C4-98DD-662F32AC8870}
O42 - Logiciel: Spotify - (.Spotify AB.) [HKCU][64Bits] -- Spotify
O42 - Logiciel: StarCraft II - (.Blizzard Entertainment.) [HKLM][64Bits] -- StarCraft II
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- Steam
O42 - Logiciel: Sublime Text 2.0.2 - (...) [HKLM][64Bits] -- Sublime Text 2_is1
O42 - Logiciel: TI USB 3.0 Host Controller Driver - (.Texas Instruments Inc..) [HKLM][64Bits] -- InstallShield_{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}
O42 - Logiciel: TI USB3 Host Driver - (.Texas Instruments Inc..) [HKLM][64Bits] -- {B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM][64Bits] -- TeamSpeak 3 Client
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player  =>.VideoLAN
O42 - Logiciel: Windows 7 USB/DVD Download Tool - (.Microsoft Corporation.) [HKLM][64Bits] -- {CCF298AF-9CE1-4B26-B251-486E98A34789}
O42 - Logiciel: aTube Catcher versão 3.8 - (.DsNET Corp.) [HKLM][64Bits] -- {D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent  =>P2P.BitTorrent
~ Logic: 65 Scanned in 00mn 00s
 
 
 
---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\AKSM]
[HKCU\Software\AMD]
[HKCU\Software\AOL]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\Alps]
[HKCU\Software\AppDataLow\Software\DigitalPersona]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow]
[HKCU\Software\Ares]
[HKCU\Software\Atheros]
[HKCU\Software\BitTorrent]  =>P2P.BitTorrent
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\Browser]
[HKCU\Software\CarbonGames]
[HKCU\Software\Chromium]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Copernic]
[HKCU\Software\DOJJ]
[HKCU\Software\DSS]
[HKCU\Software\DigitalPersona]
[HKCU\Software\Disc Soft]
[HKCU\Software\Dolby]
[HKCU\Software\Evernote]
[HKCU\Software\FLEXnet]
[HKCU\Software\FinalWire]
[HKCU\Software\Fraps3]
[HKCU\Software\Freemake]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\GoldenGate]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\IM Providers]
[HKCU\Software\Icaros]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Kobo]
[HKCU\Software\Kromtech]
[HKCU\Software\L2j Community Network]
[HKCU\Software\LAV]
[HKCU\Software\MAIWVPZ]
[HKCU\Software\Macromedia]
[HKCU\Software\MakeMSI]
[HKCU\Software\MediaInfo]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Opera Software]
[HKCU\Software\PC-Doctor]
[HKCU\Software\Piriform]
[HKCU\Software\Plex, Inc.]
[HKCU\Software\Policies]
[HKCU\Software\ProtectedHp]
[HKCU\Software\QtProject]
[HKCU\Software\Raptr]
[HKCU\Software\Razer]
[HKCU\Software\Roxio]
[HKCU\Software\SXML]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Siber Systems]
[HKCU\Software\Skype]
[HKCU\Software\Sonic]
[HKCU\Software\SubSystems]
[HKCU\Software\Sysinternals]
[HKCU\Software\The Document Foundation]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VIXJ]
[HKCU\Software\Valve]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\madFlac]
[HKCU\Software\madshi]
[HKLM\Software\7-Zip]
[HKLM\Software\AMD]
[HKLM\Software\ATHEROS]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Alps]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Dell]
[HKLM\Software\DigitalPersona]
[HKLM\Software\Google]
[HKLM\Software\IDT]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\ORACLE]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\ProtectedHp]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Siber Systems]
[HKLM\Software\Sonic]
[HKLM\Software\Validity]
[HKLM\Software\VideoLAN]
[HKLM\Software\Waves Audio]
[HKLM\Software\Widcomm]
[HKLM\Software\Wow6432Node\AMD]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\Apache Software Foundation]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Atheros]
[HKLM\Software\Wow6432Node\Blizzard Entertainment]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Copernic]
[HKLM\Software\Wow6432Node\DT Soft]
[HKLM\Software\Wow6432Node\Debug]
[HKLM\Software\Wow6432Node\Dell Computer Corporation]
[HKLM\Software\Wow6432Node\Dell]
[HKLM\Software\Wow6432Node\DesktopSearch2]
[HKLM\Software\Wow6432Node\DigitalPersona]
[HKLM\Software\Wow6432Node\Disc Soft]
[HKLM\Software\Wow6432Node\Evernote Corp.]
[HKLM\Software\Wow6432Node\FLEXnet]
[HKLM\Software\Wow6432Node\Freemake]
[HKLM\Software\Wow6432Node\GNU]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\HaaliMkx]
[HKLM\Software\Wow6432Node\IDT]
[HKLM\Software\Wow6432Node\IObit]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\KLCodecPack]
[HKLM\Software\Wow6432Node\KONAMI]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\LAV]
[HKLM\Software\Wow6432Node\LibreOffice]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MicroVision]
[HKLM\Software\Wow6432Node\Minhateca.com.br Box]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NtIObits]
[HKLM\Software\Wow6432Node\NtSvcHandler]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\PocketSoft]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Roxio]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\Siber Systems]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Sonic]
[HKLM\Software\Wow6432Node\SpeedBit]
[HKLM\Software\Wow6432Node\SuppHelpDir]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\The Document Foundation]
[HKLM\Software\Wow6432Node\TrendMicro]
[HKLM\Software\Wow6432Node\Valve]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\illiminable]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Key Software: 339 Scanned in 00mn 00s
 
 
 
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 16/11/2014 - 20:49:36 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 04/04/2015 - 14:03:51 - [] ----D C:\Program Files (x86)\AMD
O43 - CFD: 08/02/2015 - 18:28:04 - [] ----D C:\Program Files (x86)\AMD AVT
O43 - CFD: 24/01/2015 - 13:15:50 - [] ----D C:\Program Files (x86)\AMX Mod X
O43 - CFD: 11/11/2014 - 21:12:08 - [] ----D C:\Program Files (x86)\Anki
O43 - CFD: 31/10/2014 - 17:22:50 - [] ----D C:\Program Files (x86)\Ares
O43 - CFD: 14/12/2014 - 16:14:17 - [] ----D C:\Program Files (x86)\Battle.net
O43 - CFD: 11/02/2015 - 15:41:20 - [] ----D C:\Program Files (x86)\brModelo
O43 - CFD: 04/04/2015 - 17:16:39 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 10/03/2015 - 18:08:17 - [] ----D C:\Program Files (x86)\Copernic
O43 - CFD: 01/02/2015 - 17:46:13 - [] ----D C:\Program Files (x86)\Counter-Strike 1.6
O43 - CFD: 31/10/2014 - 17:11:26 - [] ----D C:\Program Files (x86)\DAEMON Tools Lite  =>.DT Soft Ltd
O43 - CFD: 01/11/2014 - 10:15:08 - [] ----D C:\Program Files (x86)\Dell Wireless
O43 - CFD: 01/11/2014 - 09:24:20 - [] ----D C:\Program Files (x86)\DigitalPersona
O43 - CFD: 17/03/2015 - 23:47:00 - [] ----D C:\Program Files (x86)\DolbyAxon
O43 - CFD: 15/01/2015 - 07:45:02 - [] ----D C:\Program Files (x86)\Dropbox Folder Sync
O43 - CFD: 26/03/2015 - 12:25:43 - [] ----D C:\Program Files (x86)\DsNET Corp
O43 - CFD: 17/11/2014 - 20:26:09 - [] ----D C:\Program Files (x86)\Evernote
O43 - CFD: 11/02/2015 - 16:36:22 - [] ----D C:\Program Files (x86)\fabFORCE
O43 - CFD: 02/03/2015 - 17:57:01 - [] ----D C:\Program Files (x86)\FinalWire
O43 - CFD: 23/11/2014 - 13:22:12 - [] ----D C:\Program Files (x86)\Freemake
O43 - CFD: 19/03/2015 - 16:45:03 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 04/03/2015 - 13:03:14 - [] --H-D C:\Program Files (x86)\InstallJammer Registry
O43 - CFD: 07/02/2015 - 17:19:19 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 08/02/2015 - 09:15:59 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 03/11/2014 - 20:14:17 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 03/04/2015 - 11:01:42 - [] ----D C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 03/03/2015 - 00:38:49 - [] ----D C:\Program Files (x86)\Kobo
O43 - CFD: 05/04/2015 - 20:44:07 - [] ----D C:\Program Files (x86)\Legendas-3.1
O43 - CFD: 09/01/2015 - 10:38:09 - [] ----D C:\Program Files (x86)\LibreOffice 4
O43 - CFD: 05/04/2015 - 12:00:49 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 14/01/2015 - 21:31:42 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 02/11/2014 - 14:25:27 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 31/01/2015 - 22:10:16 - [] ----D C:\Program Files (x86)\Minhateca.com.br Box
O43 - CFD: 16/03/2015 - 14:38:51 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 16/03/2015 - 14:38:49 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 04/04/2015 - 10:48:32 - [] ----D C:\Program Files (x86)\Opera
O43 - CFD: 31/10/2014 - 16:27:40 - [] ----D C:\Program Files (x86)\Plex
O43 - CFD: 04/03/2015 - 13:02:38 - [] ----D C:\Program Files (x86)\Programas RFB
O43 - CFD: 31/10/2014 - 23:26:40 - [] ----D C:\Program Files (x86)\QUALCOMM
O43 - CFD: 28/01/2015 - 08:21:34 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 02/03/2015 - 19:34:43 - [] ----D C:\Program Files (x86)\Roxio
O43 - CFD: 10/03/2015 - 18:50:14 - [] ----D C:\Program Files (x86)\Siber Systems
O43 - CFD: 20/02/2015 - 11:06:45 - [] ----D C:\Program Files (x86)\Space Sniffer
O43 - CFD: 08/02/2015 - 17:56:49 - [] ----D C:\Program Files (x86)\SpeedFan
O43 - CFD: 05/04/2015 - 20:49:08 - [] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 01/11/2014 - 10:17:10 - [] ----D C:\Program Files (x86)\Texas Instruments Inc
O43 - CFD: 14/07/2009 - 01:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 22/11/2014 - 23:05:28 - [] ----D C:\Program Files (x86)\USB Vibration
O43 - CFD: 08/11/2014 - 21:41:58 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 03/11/2014 - 20:14:17 - [] ----D C:\Program Files (x86)\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 11/03/2015 - 12:17:31 - [] ----D C:\Program Files (x86)\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 03/11/2014 - 20:14:16 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 03/11/2014 - 20:14:16 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 03/11/2014 - 20:14:17 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 20/12/2014 - 16:41:26 - [] ----D C:\Program Files (x86)\WugFresh Development
O43 - CFD: 05/04/2015 - 17:10:19 - [] ----D C:\Program Files (x86)\ZHPDiag  =>.Nicolas Coolman
O43 - CFD: 16/11/2014 - 20:49:38 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 01/11/2014 - 10:12:57 - [] ----D C:\Program Files (x86)\Common Files\Atheros
O43 - CFD: 08/02/2015 - 18:28:01 - [] ----D C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 09/02/2015 - 17:10:33 - [] ----D C:\Program Files (x86)\Common Files\fabFORCE
O43 - CFD: 01/12/2014 - 10:45:58 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 04/02/2015 - 18:47:02 - [] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 19/03/2015 - 16:28:25 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 03/01/2015 - 17:13:03 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Games
O43 - CFD: 03/01/2015 - 14:54:23 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 02/03/2015 - 19:37:09 - [] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 02/03/2015 - 19:39:08 - [] ----D C:\Program Files (x86)\Common Files\Roxio Shared
O43 - CFD: 14/07/2009 - 00:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 02/03/2015 - 19:34:06 - [] ----D C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 14/07/2009 - 00:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 09/03/2015 - 17:25:36 - [] ----D C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 02/03/2015 - 19:33:48 - [] ----D C:\Program Files (x86)\Common Files\SureThing Shared
O43 - CFD: 09/11/2014 - 15:13:28 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 03/01/2015 - 14:00:22 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 17/11/2014 - 19:11:04 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 01/12/2014 - 10:57:27 - [] ----D C:\ProgramData\Age of Empires 3
O43 - CFD: 08/02/2015 - 18:28:06 - [] ----D C:\ProgramData\AMD
O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 01/02/2015 - 17:48:25 - [] ----D C:\ProgramData\Atheros
O43 - CFD: 08/02/2015 - 18:29:22 - [] ----D C:\ProgramData\ATI
O43 - CFD: 03/12/2014 - 07:42:09 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 02/12/2014 - 10:16:02 - [] ----D C:\ProgramData\Battle.net
O43 - CFD: 02/12/2014 - 13:20:06 - [] ----D C:\ProgramData\Blizzard Entertainment
O43 - CFD: 03/01/2015 - 13:43:18 - [] ----D C:\ProgramData\Codemasters
O43 - CFD: 10/03/2015 - 21:14:58 - [] ----D C:\ProgramData\Copernic
O43 - CFD: 31/10/2014 - 15:51:24 - [] -SH-D C:\ProgramData\Dados de aplicativos
O43 - CFD: 23/11/2014 - 13:08:20 - [] ----D C:\ProgramData\DAEMON Tools Lite  =>.DT Soft Ltd
O43 - CFD: 01/11/2014 - 10:12:16 - [] ----D C:\ProgramData\Dell
O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 31/10/2014 - 15:51:24 - [] -SH-D C:\ProgramData\Documentos
O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 01/11/2014 - 09:23:55 - [] ----D C:\ProgramData\Downloaded Installations
O43 - CFD: 03/01/2015 - 13:43:20 - [] -SH-D C:\ProgramData\DSS
O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 31/10/2014 - 15:51:24 - [] -SH-D C:\ProgramData\Favoritos
O43 - CFD: 23/11/2014 - 13:23:00 - [] ----D C:\ProgramData\Freemake
O43 - CFD: 31/10/2014 - 15:58:41 - [] ----D C:\ProgramData\Intel
O43 - CFD: 31/01/2015 - 23:52:18 - [] ----D C:\ProgramData\IntelDLM
O43 - CFD: 08/03/2015 - 11:23:04 - [] ----D C:\ProgramData\KONAMI
O43 - CFD: 03/01/2015 - 13:00:50 - [] ----D C:\ProgramData\LogMeIn
O43 - CFD: 01/11/2014 - 09:24:24 - [] ----D C:\ProgramData\Macrovision
O43 - CFD: 05/04/2015 - 12:00:41 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 16/11/2014 - 20:42:38 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 31/10/2014 - 15:51:24 - [] -SH-D C:\ProgramData\Menu Iniciar
O43 - CFD: 05/04/2015 - 20:42:17 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 31/10/2014 - 15:51:24 - [] -SH-D C:\ProgramData\Modelos
O43 - CFD: 16/03/2015 - 14:38:47 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 19/03/2015 - 16:34:47 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 02/03/2015 - 19:33:00 - [] ----D C:\ProgramData\PhotoShow Shared Assets
O43 - CFD: 31/10/2014 - 23:26:40 - [] ----D C:\ProgramData\QUALCOMM
O43 - CFD: 10/03/2015 - 18:51:33 - [] ----D C:\ProgramData\RoboForm
O43 - CFD: 02/03/2015 - 23:18:05 - [] ----D C:\ProgramData\Roxio
O43 - CFD: 03/04/2015 - 11:14:53 - [] ----D C:\ProgramData\Skype
O43 - CFD: 15/03/2015 - 08:45:33 - [] ----D C:\ProgramData\Sonic
O43 - CFD: 05/04/2015 - 20:42:17 - [] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 08/03/2015 - 11:22:58 - [] ----D C:\ProgramData\Steam
O43 - CFD: 31/10/2014 - 17:06:21 - [] ----D C:\ProgramData\Sun
O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 02/03/2015 - 19:38:59 - [] ----D C:\ProgramData\Uninstall
O43 - CFD: 06/04/2015 - 09:45:32 - [] ----D C:\ProgramData\Validity
O43 - CFD: 31/10/2014 - 16:50:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 02/12/2014 - 12:18:07 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 03/11/2014 - 20:17:41 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 08/02/2015 - 18:27:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
O43 - CFD: 24/01/2015 - 12:58:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMX Mod X
O43 - CFD: 31/10/2014 - 17:22:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares
O43 - CFD: 26/03/2015 - 12:25:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
O43 - CFD: 14/12/2014 - 16:14:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
O43 - CFD: 01/11/2014 - 10:13:28 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
O43 - CFD: 08/11/2014 - 20:31:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Central de Mouse e Teclado da Microsoft
O43 - CFD: 24/01/2015 - 00:30:03 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
O43 - CFD: 31/10/2014 - 17:12:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite  =>.DT Soft Ltd
O43 - CFD: 01/02/2015 - 10:11:12 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
O43 - CFD: 17/03/2015 - 23:46:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby Axon
O43 - CFD: 15/01/2015 - 07:44:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox Folder Sync
O43 - CFD: 02/03/2015 - 17:57:08 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
O43 - CFD: 11/12/2014 - 16:47:56 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
O43 - CFD: 23/11/2014 - 13:22:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
O43 - CFD: 03/01/2015 - 17:12:59 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 03/01/2015 - 17:39:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameVicio
O43 - CFD: 03/04/2015 - 13:31:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 15/03/2015 - 09:29:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
O43 - CFD: 19/03/2015 - 16:27:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 19/03/2015 - 16:26:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
O43 - CFD: 03/04/2015 - 11:01:20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
O43 - CFD: 03/03/2015 - 00:38:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kobo
O43 - CFD: 09/01/2015 - 10:39:09 - [] -S--D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3
O43 - CFD: 14/07/2009 - 01:57:09 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 05/04/2015 - 12:00:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 14/01/2015 - 21:33:07 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 01/02/2015 - 17:48:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minhateca.com.br
O43 - CFD: 22/11/2014 - 23:33:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
O43 - CFD: 27/01/2015 - 16:25:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle Database 11g Express Edition
O43 - CFD: 31/10/2014 - 16:27:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
O43 - CFD: 04/04/2015 - 11:09:36 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
O43 - CFD: 04/03/2015 - 13:02:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB
O43 - CFD: 10/03/2015 - 18:51:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
O43 - CFD: 02/03/2015 - 19:37:12 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator Starter
O43 - CFD: 31/12/2014 - 09:44:08 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skitch
O43 - CFD: 08/02/2015 - 15:57:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
O43 - CFD: 02/12/2014 - 13:20:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
O43 - CFD: 14/01/2015 - 10:57:15 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 31/01/2015 - 10:51:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 14/07/2009 - 15:12:00 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 03/12/2014 - 23:04:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
O43 - CFD: 02/03/2015 - 23:19:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 05/04/2015 - 17:10:19 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP  =>.Nicolas Coolman
O43 - CFD: 03/04/2015 - 11:19:11 - [] ----D C:\Users\Kauan\AppData\Roaming\Adobe
O43 - CFD: 01/02/2015 - 16:50:33 - [] ----D C:\Users\Kauan\AppData\Roaming\ATI
O43 - CFD: 02/12/2014 - 10:33:33 - [] ----D C:\Users\Kauan\AppData\Roaming\Battle.net
O43 - CFD: 01/12/2014 - 21:06:31 - [] ----D C:\Users\Kauan\AppData\Roaming\Carbon
O43 - CFD: 18/03/2015 - 12:19:51 - [] ----D C:\Users\Kauan\AppData\Roaming\DAEMON Tools Lite  =>.DT Soft Ltd
O43 - CFD: 11/02/2015 - 16:29:08 - [] ----D C:\Users\Kauan\AppData\Roaming\DBDesigner4
O43 - CFD: 31/01/2015 - 22:21:56 - [] ----D C:\Users\Kauan\AppData\Roaming\Dell
O43 - CFD: 01/11/2014 - 09:26:57 - [] ----D C:\Users\Kauan\AppData\Roaming\DigitalPersona
O43 - CFD: 21/03/2015 - 14:48:54 - [] ----D C:\Users\Kauan\AppData\Roaming\Dropbox
O43 - CFD: 11/11/2014 - 20:40:07 - [] ----D C:\Users\Kauan\AppData\Roaming\Dropbox Folder Sync
O43 - CFD: 01/11/2014 - 09:24:22 - [] ----D C:\Users\Kauan\AppData\Roaming\FLEXnet
O43 - CFD: 31/10/2014 - 15:51:52 - [] ----D C:\Users\Kauan\AppData\Roaming\Identities
O43 - CFD: 07/02/2015 - 17:19:18 - [] ----D C:\Users\Kauan\AppData\Roaming\InstallShield
O43 - CFD: 22/11/2014 - 23:11:00 - [] ----D C:\Users\Kauan\AppData\Roaming\IObit
O43 - CFD: 31/01/2015 - 23:10:45 - [] ----D C:\Users\Kauan\AppData\Roaming\library_dir
O43 - CFD: 17/11/2014 - 19:17:33 - [] ----D C:\Users\Kauan\AppData\Roaming\LibreOffice
O43 - CFD: 03/04/2015 - 11:19:12 - [] ----D C:\Users\Kauan\AppData\Roaming\Macromedia
O43 - CFD: 01/11/2014 - 09:24:22 - [] ----D C:\Users\Kauan\AppData\Roaming\Macrovision
O43 - CFD: 14/07/2009 - 15:12:00 - [0] ----D C:\Users\Kauan\AppData\Roaming\Media Center Programs
O43 - CFD: 27/01/2015 - 16:37:20 - [] -S--D C:\Users\Kauan\AppData\Roaming\Microsoft
O43 - CFD: 16/03/2015 - 14:38:56 - [] ----D C:\Users\Kauan\AppData\Roaming\Mozilla
O43 - CFD: 23/11/2014 - 09:58:31 - [] ----D C:\Users\Kauan\AppData\Roaming\NetBeans
O43 - CFD: 17/01/2015 - 13:07:12 - [] ----D C:\Users\Kauan\AppData\Roaming\Notepad++
O43 - CFD: 19/03/2015 - 15:38:09 - [] ----D C:\Users\Kauan\AppData\Roaming\Oracle
O43 - CFD: 04/04/2015 - 11:20:08 - [] ----D C:\Users\Kauan\AppData\Roaming\Process Hacker 2
O43 - CFD: 10/03/2015 - 19:15:18 - [] ----D C:\Users\Kauan\AppData\Roaming\RoboForm
O43 - CFD: 02/03/2015 - 23:18:05 - [] ----D C:\Users\Kauan\AppData\Roaming\Roxio
O43 - CFD: 08/03/2015 - 11:07:22 - [] ----D C:\Users\Kauan\AppData\Roaming\Roxio Burn
O43 - CFD: 02/03/2015 - 19:14:25 - [] ----D C:\Users\Kauan\AppData\Roaming\Roxio Log Files
O43 - CFD: 03/04/2015 - 11:12:42 - [] ----D C:\Users\Kauan\AppData\Roaming\Skype
O43 - CFD: 04/04/2015 - 22:21:07 - [] ----D C:\Users\Kauan\AppData\Roaming\Spotify
O43 - CFD: 26/03/2015 - 18:09:09 - [] ----D C:\Users\Kauan\AppData\Roaming\SQL Developer
O43 - CFD: 27/01/2015 - 16:43:34 - [] ----D C:\Users\Kauan\AppData\Roaming\sqldeveloper
O43 - CFD: 24/01/2015 - 00:18:51 - [] ----D C:\Users\Kauan\AppData\Roaming\TS3Client
O43 - CFD: 03/01/2015 - 17:32:43 - [] ----D C:\Users\Kauan\AppData\Roaming\Tunngle
O43 - CFD: 28/03/2015 - 13:49:16 - [] ----D C:\Users\Kauan\AppData\Roaming\uTorrent  =>P2P.µTorrent
O43 - CFD: 06/04/2015 - 13:27:20 - [] ----D C:\Users\Kauan\AppData\Roaming\vlc
O43 - CFD: 06/04/2015 - 13:28:08 - [] ----D C:\Users\Kauan\AppData\Roaming\ZHP  =>.Nicolas Coolman
O43 - CFD: 17/11/2014 - 20:18:58 - [] ----D C:\Users\Kauan\AppData\Local\Adobe
O43 - CFD: 05/12/2014 - 14:10:13 - [] ----D C:\Users\Kauan\AppData\Local\Apps
O43 - CFD: 31/10/2014 - 17:22:54 - [] ----D C:\Users\Kauan\AppData\Local\Ares
O43 - CFD: 01/02/2015 - 16:50:33 - [] ----D C:\Users\Kauan\AppData\Local\ATI
O43 - CFD: 22/01/2015 - 20:56:24 - [] ----D C:\Users\Kauan\AppData\Local\Battle.net
O43 - CFD: 02/12/2014 - 10:32:47 - [] ----D C:\Users\Kauan\AppData\Local\Blizzard Entertainment
O43 - CFD: 01/11/2014 - 10:23:52 - [] ----D C:\Users\Kauan\AppData\Local\BMExplorer
O43 - CFD: 10/03/2015 - 18:06:40 - [] ----D C:\Users\Kauan\AppData\Local\Copernic
O43 - CFD: 06/04/2015 - 13:26:26 - [] ----D C:\Users\Kauan\AppData\Local\CrashDumps
O43 - CFD: 31/10/2014 - 15:51:39 - [] -SH-D C:\Users\Kauan\AppData\Local\Dados de aplicativos
O43 - CFD: 02/11/2014 - 14:23:16 - [0] ----D C:\Users\Kauan\AppData\Local\Deployment
O43 - CFD: 01/11/2014 - 09:26:57 - [] ----D C:\Users\Kauan\AppData\Local\DigitalPersona
O43 - CFD: 11/11/2014 - 20:40:11 - [] ----D C:\Users\Kauan\AppData\Local\Dropbox_Folder_Sync
O43 - CFD: 19/03/2015 - 15:35:48 - [] ----D C:\Users\Kauan\AppData\Local\ElevatedDiagnostics
O43 - CFD: 31/10/2014 - 16:23:02 - [] ----D C:\Users\Kauan\AppData\Local\Evernote
O43 - CFD: 02/04/2015 - 23:20:45 - [] ----D C:\Users\Kauan\AppData\Local\EvernoteNW
O43 - CFD: 23/11/2014 - 13:23:06 - [] ----D C:\Users\Kauan\AppData\Local\FreemakeVideoConverter
O43 - CFD: 22/11/2014 - 23:08:15 - [] ----D C:\Users\Kauan\AppData\Local\Google
O43 - CFD: 31/10/2014 - 15:51:39 - [] -SH-D C:\Users\Kauan\AppData\Local\Histórico
O43 - CFD: 31/01/2015 - 23:49:55 - [] ----D C:\Users\Kauan\AppData\Local\Intel
O43 - CFD: 03/03/2015 - 00:41:45 - [] ----D C:\Users\Kauan\AppData\Local\Kobo
O43 - CFD: 03/01/2015 - 13:00:50 - [] ----D C:\Users\Kauan\AppData\Local\LogMeIn
O43 - CFD: 03/01/2015 - 13:59:57 - [] ----D C:\Users\Kauan\AppData\Local\Microsoft
O43 - CFD: 03/04/2015 - 16:55:58 - [] ----D C:\Users\Kauan\AppData\Local\MigWiz
O43 - CFD: 27/03/2015 - 16:51:37 - [] ----D C:\Users\Kauan\AppData\Local\MinhaBox.br
O43 - CFD: 16/03/2015 - 14:38:57 - [] ----D C:\Users\Kauan\AppData\Local\Mozilla
O43 - CFD: 23/11/2014 - 09:58:17 - [] ----D C:\Users\Kauan\AppData\Local\NetBeans
O43 - CFD: 05/04/2015 - 13:55:42 - [] ----D C:\Users\Kauan\AppData\Local\Plex Media Server
O43 - CFD: 31/10/2014 - 16:51:19 - [] ----D C:\Users\Kauan\AppData\Local\Programs
O43 - CFD: 30/03/2015 - 21:42:22 - [] ----D C:\Users\Kauan\AppData\Local\Skitch
O43 - CFD: 03/04/2015 - 11:00:31 - [] ----D C:\Users\Kauan\AppData\Local\Skype
O43 - CFD: 02/03/2015 - 19:43:02 - [] ----D C:\Users\Kauan\AppData\Local\Sonic_Solutions
O43 - CFD: 04/04/2015 - 23:55:58 - [] ----D C:\Users\Kauan\AppData\Local\Spotify
O43 - CFD: 20/02/2015 - 21:48:00 - [] ----D C:\Users\Kauan\AppData\Local\Steam
O43 - CFD: 06/04/2015 - 13:27:54 - [] ----D C:\Users\Kauan\AppData\Local\Temp
O43 - CFD: 31/10/2014 - 15:51:39 - [] -SH-D C:\Users\Kauan\AppData\Local\Temporary Internet Files
O43 - CFD: 28/11/2014 - 18:21:35 - [] ----D C:\Users\Kauan\AppData\Local\VirtualStore
O43 - CFD: 03/01/2015 - 14:00:23 - [] ----D C:\Users\Kauan\AppData\Local\Windows Live
O43 - CFD: 14/07/2009 - 01:54:32 - [] R---D C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 04/04/2015 - 16:21:58 - [] R---D C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 24/01/2015 - 13:15:48 - [0] ----D C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMX Mod X
O43 - CFD: 24/01/2015 - 00:30:01 - [0] ----D C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
O43 - CFD: 21/03/2015 - 14:48:24 - [] ----D C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 10/03/2015 - 16:06:44 - [] ----D C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evernote
O43 - CFD: 23/11/2014 - 13:22:13 - [] ----D C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
O43 - CFD: 01/12/2014 - 10:57:08 - [] ----D C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 14/07/2009 - 01:49:38 - [] R---D C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 04/03/2015 - 13:03:13 - [] ----D C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015
O43 - CFD: 04/04/2015 - 16:21:58 - [] R---D C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 31/01/2015 - 10:30:42 - [] ----D C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 05/12/2014 - 14:10:14 - [] ----D C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
O43 - CFD: 20/12/2014 - 16:41:29 - [] ----D C:\Users\Kauan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WugFresh Development
~ Program Folder: 262 Scanned in 00mn 00s
 
 
 
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.7C62BCBB015DBF84AA40C0806F1C8194] - 03/04/2015 - 11:50:24 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys   [94528]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 04/04/2015 - 17:11:03 ---A- . (...) -- C:\Windows\zoek-delete.exe   [24064]
O44 - LFC:[MD5.F39365C55ADC988A8431E0905130840D] - 04/04/2015 - 17:41:14 ---A- . (...) -- C:\zoek-results.log   [50800]
O44 - LFC:[MD5.CA2A8AF1DBAD0F31F9B33A2827DFBC16] - 04/04/2015 - 22:13:53 ---A- . (...) -- C:\Windows\tweaking.com-regbackup-KAUAN-PC-Windows-7-Professional-(64-bit).dat   [207]
O44 - LFC:[MD5.CF12E148C6FC151335B7D7FE03F1C7A2] - 05/04/2015 - 12:00:41 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys   [25816]
O44 - LFC:[MD5.68C3B11D1ED8C97648BEEFEC37E93E74] - 05/04/2015 - 12:00:41 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys   [107736]
O44 - LFC:[MD5.0CE2F3E26C770CBAEB50787A2C1FD09E] - 05/04/2015 - 12:00:41 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys   [63704]
O44 - LFC:[MD5.E9CD058C79EA15B4AA93E259FA713B07] - 05/04/2015 - 15:57:34 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys   [136408]
O44 - LFC:[MD5.E185BDA84E5F03F4E1D8DCA30E209277] - 05/04/2015 - 17:08:06 ---A- . (...) -- C:\Windows\epplauncher.mif   [1912]
O44 - LFC:[MD5.0A34066D56D57C0DA73BFFC1E4169FF2] - 05/04/2015 - 20:42:19 ---A- . (...) -- C:\Windows\wininit.ini   [85]
O44 - LFC:[MD5.97AAACBBFE66163BE4943F108AD6D98A] - 05/04/2015 - 20:49:08 ---A- . (...) -- C:\Windows\PFRO.log   [32592]
O44 - LFC:[MD5.379D2F0AB259B68A86AC98774FE1F1B5] - 06/04/2015 - 09:45:27 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.8B741C81AD83E1A2776E32987E87EDD7] - 06/04/2015 - 09:45:29 ---A- . (...) -- C:\Windows\setupact.log   [3397]
O44 - LFC:[MD5.42473A30780782E82EFA70101711EF50] - 06/04/2015 - 09:49:45 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1827459]
O44 - LFC:[MD5.44E9F3C28C263CBCFED88DE877CED4E5] - 06/04/2015 - 13:27:21 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin   [512]
O44 - LFC:[MD5.BCBA647F74BF577F6B7330B16FD60919] - 22/03/2015 - 14:06:21 ---A- . (...) -- C:\Windows\ntbtlog.txt   [216944]
O44 - LFC:[MD5.1C11E0739B2B354647D292FCDCB7AF8E] - 25/03/2015 - 09:51:02 ---A- . (.Microsoft Corporation - Application Experience Program Cache.) -- C:\Windows\System32\aepic.dll   [192000]
O44 - LFC:[MD5.EBDE90C94A0671F05AAA0DF2A2139F43] - 25/03/2015 - 09:51:02 ---A- . (.Microsoft Corporation - Atualizador de Dados de Compatibilidade ent.) -- C:\Windows\System32\aepdu.dll   [227328]
O44 - LFC:[MD5.E82D241A892C15FB42AB0A3D83C01ACA] - 25/03/2015 - 09:51:02 ---A- . (.Microsoft Corporation - Device Inventory Library.) -- C:\Windows\System32\devinv.dll   [414720]
O44 - LFC:[MD5.B3B9C29F90A10216F13113757BCACAD8] - 25/03/2015 - 09:51:03 ---A- . (.Microsoft Corporation - Application Experience Program Inventory Co.) -- C:\Windows\System32\aeinv.dll   [1107456]
O44 - LFC:[MD5.75A43F9EA79BF721DC6D94980F85F87D] - 25/03/2015 - 09:51:03 ---A- . (.Microsoft Corporation - Compatibility Appraiser.) -- C:\Windows\System32\appraiser.dll   [943616]
O44 - LFC:[MD5.4BA77DD4E4894EAF2BCB2D3E0A0B6F7A] - 25/03/2015 - 09:51:03 ---A- . (.Microsoft Corporation - Compatibility Upgrade Migration Host.) -- C:\Windows\System32\acmigration.dll   [30720]
O44 - LFC:[MD5.EBDBE8037B0BE75B05CBC5DEEE49BA90] - 25/03/2015 - 09:51:03 ---A- . (.Microsoft Corporation - General Telemetry.) -- C:\Windows\System32\generaltel.dll   [677888]
O44 - LFC:[MD5.82009026471290E8A512D1FE2442FDFC] - 25/03/2015 - 09:51:03 ---A- . (.Microsoft Corporation - Inventory Agent.) -- C:\Windows\System32\invagent.dll   [760832]
O44 - LFC:[MD5.6B9BA82FEDEC1C4F27E3FE0EB1ABAC60] - 29/03/2015 - 13:54:26 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1642066]
O44 - LFC:[MD5.C5CCA3EDE44A284DED3C261C22F19FDD] - 29/03/2015 - 13:54:26 ---A- . (...) -- C:\Windows\System32\perfc009.dat   [123184]
O44 - LFC:[MD5.5788028A5938C94536FA0BF12E4FC998] - 29/03/2015 - 13:54:26 ---A- . (...) -- C:\Windows\System32\perfh009.dat   [656568]
O44 - LFC:[MD5.5D2181A0CA73EB1AB9403A1181D87F7E] - 29/03/2015 - 13:54:26 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [148696]
O44 - LFC:[MD5.670147F22F865DCE70CE83DFAC4B1AC2] - 29/03/2015 - 13:54:26 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [708112]
~ Files: 29 Scanned in 00mn 01s
 
 
 
---\\ Negação do serviço (Local Security Authority) (048)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.DigitalPersona, Inc. - Password Filter.) -- C:\Windows\System32\DPPassFilter.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Mecanismo cliente do 'Editor de configuração de segurança Windows'.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ LSA: 9 Scanned in 00mn 00s
 
 
 
---\\ Controlo do Modo de Segurança (CSB) (49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Tempo de Execução da Estrutura de Driver em Modo Kernel.) -- C:\Windows\System32\Drivers\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Tempo de Execução da Estrutura de Driver em Modo Kernel.) -- C:\Windows\System32\Drivers\Wdf01000.sys
~ CSB: 15 Scanned in 00mn 00s
 
 
 
---\\ Chave do registo Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{9db89816-6139-11e4-9f02-e006e6fb9e20}\AutoRun\command. (...) -- H:\setup.exe (.not file.)
~ Keys:  Scanned in 00mn 00s
 
 
 
---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"VIDC.FPS1"="frapsv64.dll" . (.Beepa P/L - Fraps.) -- C:\Windows\System32\frapsv64.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"frapsv64.dll"="Fraps Video Decompressor" . (.Beepa P/L - Fraps.) -- C:\Windows\System32\frapsv64.dll
~ TDSD: 4 Scanned in 00mn 00s
 
 
 
---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM  [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe  =>.Adobe Systems Incorporated
O53 - SMSR:HKLM\...\startupreg\Apoint  [Key] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe
O53 - SMSR:HKLM\...\startupreg\AthBtTray  [Key] . (.Atheros Commnucations - Bluetooth Suite Common Rescource.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
O53 - SMSR:HKLM\...\startupreg\AtherosBtStack  [Key] . (.Atheros Communications - Bluetooth Stack Server.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
O53 - SMSR:HKLM\...\startupreg\CCleaner Monitoring  [Key] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe  =>.Piriform Ltd
O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite  [Key] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe  =>.DT Soft Ltd
O53 - SMSR:HKLM\...\startupreg\Desktop Disc Tool  [Key] . (.No owner - Roxio Burn Launcher.) -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe  =>.Roxio
O53 - SMSR:HKLM\...\startupreg\RoxWatchTray  [Key] . (.Sonic Solutions - RoxMMTrayApp Module.) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe  =>.Sonic Solutions
O53 - SMSR:HKLM\...\startupreg\SDTray  [Key] . (...) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Spotify Web Helper  [Key] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Kauan\AppData\Roaming\Spotify\SpotifyWebHelper.exe
~ SMSR Keys: 10 Scanned in 00mn 00s
 
 
 
---\\ Enumeração das chaves do registo SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s
 
 
 
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "SoftwareSASGeneration"=1
O55 - MWPS:[HKCU\...\Policies\System] - "DisableLockWorkstation"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
~ MWPS: 20 Scanned in 00mn 00s
 
 
 
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 4 Scanned in 00mn 00s
 
 
 
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [491088]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys   [339536]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys   [182864]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys   [15440]
O58 - SDL:20/11/2014 - 23:41:36 ---A- . (.Advanced Micro Devices - AMD ACP Binaries.) -- C:\Windows\System32\Drivers\amdacpksd.sys   [294600]
O58 - SDL:27/10/2014 - 20:46:12 ---A- . (.Advanced Micro Devices, Inc. - AMD PCI Root Bus Lower Filter.) -- C:\Windows\System32\Drivers\amdkmpfd.sys   [62152]
O58 - SDL:11/03/2011 - 03:41:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys   [107904]
O58 - SDL:13/07/2009 - 22:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys   [194128]
O58 - SDL:11/03/2011 - 03:41:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys   [27008]
O58 - SDL:12/05/2011 - 23:28:46 ---A- . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\Windows\System32\Drivers\Apfiltr.sys   [363856]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys   [87632]
O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys   [97856]
O58 - SDL:21/04/2011 - 19:17:10 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athrx.sys   [2727424]
O58 - SDL:20/11/2014 - 23:40:00 ---A- . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\Drivers\atikmdag.sys   [18959360]
O58 - SDL:20/11/2014 - 23:08:54 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\Drivers\atikmpag.sys   [589312]
O58 - SDL:10/06/2009 - 17:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys   [270848]
O58 - SDL:14/12/2014 - 22:59:20 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys   [94528]
O58 - SDL:10/06/2009 - 17:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys   [18432]
O58 - SDL:10/06/2009 - 17:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys   [8704]
O58 - SDL:13/07/2009 - 22:19:07 ---A- . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys   [286720]
O58 - SDL:10/06/2009 - 17:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys   [47104]
O58 - SDL:10/06/2009 - 17:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys   [14976]
O58 - SDL:10/06/2009 - 17:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys   [14720]
O58 - SDL:20/05/2011 - 10:15:32 ---A- . (.Atheros - Atheros A2DP driver.) -- C:\Windows\System32\Drivers\btath_a2dp.sys   [298656]
O58 - SDL:20/05/2011 - 10:15:34 ---A- . (.Atheros - Atheros BUS driver.) -- C:\Windows\System32\Drivers\btath_bus.sys   [29344]
O58 - SDL:20/05/2011 - 10:15:34 ---A- . (.Atheros - Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_flt.sys   [36000]
O58 - SDL:20/05/2011 - 10:15:34 ---A- . (.Atheros - Atheros HCRP driver.) -- C:\Windows\System32\Drivers\btath_hcrp.sys   [201376]
O58 - SDL:20/05/2011 - 10:15:34 ---A- . (.Atheros - Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_lwflt.sys   [55456]
O58 - SDL:20/05/2011 - 10:15:34 ---A- . (.Atheros - Atheros AVRCP driver.) -- C:\Windows\System32\Drivers\btath_rcp.sys   [154272]
O58 - SDL:20/05/2011 - 10:15:34 ---A- . (.Atheros - BtFilter Driver.) -- C:\Windows\System32\Drivers\btfilter.sys   [282272]
O58 - SDL:10/06/2009 - 17:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys   [468480]
O58 - SDL:20/10/2009 - 03:00:00 ----- . (.Sonic Solutions - CDR4 64-bit CD and DVD Place Holder Driver (see PxHelp).) -- C:\Windows\System32\Drivers\cdr4_xp.sys   [10224]
O58 - SDL:20/10/2009 - 03:00:00 ----- . (.Sonic Solutions - CDRAL 64-bit Place Holder Driver (see PxHelp).) -- C:\Windows\System32\Drivers\cdralw2k.sys   [10224]
O58 - SDL:13/07/2009 - 22:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys   [17488]
O58 - SDL:31/10/2014 - 17:11:26 ---A- . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys   [283064]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:10/06/2009 - 17:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys   [3286016]
O58 - SDL:18/03/2009 - 16:35:42 --HA- . (.LogMeIn, Inc. - Hamachi Virtual Network Interface Driver.) -- C:\Windows\System32\Drivers\hamachi.sys   [33856]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:19/10/2010 - 22:34:26 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\HECIx64.sys   [56344]
O58 - SDL:20/11/2010 - 10:33:35 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys   [78720]
O58 - SDL:11/03/2011 - 03:41:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys   [410496]
O58 - SDL:15/11/2012 - 01:03:46 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys   [9000256]
O58 - SDL:25/09/2011 - 22:40:28 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdpmd64.sys   [12309440]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys   [44112]
O58 - SDL:19/06/2012 - 21:40:52 ---A- . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys   [342528]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys   [114752]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys   [106560]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys   [65600]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys   [115776]
O58 - SDL:17/03/2015 - 06:15:24 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys   [25816]
O58 - SDL:17/03/2015 - 06:15:28 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys   [107736]
O58 - SDL:05/04/2015 - 15:57:34 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys   [136408]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys   [35392]
O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys   [284736]
O58 - SDL:17/03/2015 - 06:15:38 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys   [63704]
O58 - SDL:13/07/2009 - 22:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys   [51264]
O58 - SDL:11/03/2011 - 03:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys   [148352]
O58 - SDL:11/03/2011 - 03:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys   [166272]
O58 - SDL:19/03/2010 - 03:00:00 ----- . (.Sonic Solutions - Px Engine Device Driver for 64-bit Windows.) -- C:\Windows\System32\Drivers\PxHlpa64.sys   [55856]
O58 - SDL:13/07/2009 - 22:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys   [1524816]
O58 - SDL:13/07/2009 - 22:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys   [128592]
O58 - SDL:10/06/2011 - 05:34:52 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\System32\Drivers\Rt64win7.sys   [539240]
O58 - SDL:10/06/2009 - 17:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys   [23040]
O58 - SDL:13/07/2009 - 22:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys   [43584]
O58 - SDL:13/07/2009 - 22:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys   [80464]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:08/09/2011 - 04:42:28 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys   [535040]
O58 - SDL:16/09/2009 - 06:02:42 ---A- . (.Tunngle.net - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901t.sys   [31232]
O58 - SDL:20/07/2011 - 13:21:50 ---A- . (.Texas Instruments Incorporated - TI USB3 Hub Driver.) -- C:\Windows\System32\Drivers\tihub3.sys   [136000]
O58 - SDL:20/07/2011 - 13:21:50 ---A- . (.Texas Instruments Incorporated - TI XHCI Host Controller Driver.) -- C:\Windows\System32\Drivers\tixhci.sys   [406336]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys   [17488]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys   [161872]
O58 - SDL:21/04/2011 - 19:17:10 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\athrx.sys   [2727424]
O58 - SDL:29/12/2012 - 17:59:38 ---A- . (.Almico Software - SpeedFan x64 Driver.) -- C:\Windows\SysWOW64\speedfan.sys   [28664]
~ Drivers: 75 Scanned in 00mn 00s
 
 
 
---\\ Últimos ficheiros alterados ou criados (Utilizador) (061)
O61 - LFC: 02/04/2015 - 13:28:19 ---A- . (...) -- C:\Users\Kauan\AppData\Roaming\Spotify\pdf.dll   [9305656]
O61 - LFC: 03/04/2015 - 13:28:19 ---A- . (...) -- C:\Users\Kauan\AppData\Roaming\Spotify\ffmpegsumo.dll   [990776]
O61 - LFC: 03/04/2015 - 13:28:19 ---A- . (...) -- C:\Users\Kauan\AppData\Roaming\Spotify\libEGL.dll   [219192]
O61 - LFC: 03/04/2015 - 13:28:19 ---A- . (...) -- C:\Users\Kauan\AppData\Roaming\Spotify\libGLESv2.dll   [1365560]
O61 - LFC: 03/04/2015 - 13:28:19 ---A- . (...) -- C:\Users\Kauan\AppData\Roaming\Spotify\libcef.dll   [40506936]
O61 - LFC: 03/04/2015 - 13:28:19 ---A- . (...) -- C:\Users\Kauan\AppData\Roaming\Spotify\wow_helper.exe   [73272]
O61 - LFC: 03/04/2015 - 13:28:19 ---A- . (.Microsoft Corporation.) -- C:\Users\Kauan\AppData\Roaming\Spotify\d3dcompiler_43.dll   [2106424]
O61 - LFC: 03/04/2015 - 13:28:19 ---A- . (.Microsoft Corporation.) -- C:\Users\Kauan\AppData\Roaming\Spotify\d3dcompiler_47.dll   [3457592]
O61 - LFC: 03/04/2015 - 13:28:19 ---A- . (.Spotify Ltd.) -- C:\Users\Kauan\AppData\Roaming\Spotify\Spotify.exe   [7112248]
O61 - LFC: 03/04/2015 - 13:28:19 ---A- . (.Spotify Ltd.) -- C:\Users\Kauan\AppData\Roaming\Spotify\SpotifyCrashService.exe   [762424]
O61 - LFC: 03/04/2015 - 13:28:19 ---A- . (.Spotify Ltd.) -- C:\Users\Kauan\AppData\Roaming\Spotify\SpotifyLauncher.exe   [124472]
O61 - LFC: 03/04/2015 - 13:28:19 ---A- . (.Spotify Ltd.) -- C:\Users\Kauan\AppData\Roaming\Spotify\SpotifyWebHelper.exe   [2018360]
O61 - LFC: 04/04/2015 - 13:28:19 ---A- . (...) -- C:\Users\Kauan\AppData\Roaming\ZHP\ZHPCleaner.exe   [1705984]  =>.Nicolas Coolman
O61 - LFC: 04/04/2015 - 13:28:19 ---A- . (...) -- C:\Users\Kauan\Downloads\ZHPCleaner.exe   [1705984]  =>.Nicolas Coolman
O61 - LFC: 04/04/2015 - 13:28:19 ---A- . (...) -- C:\Users\Kauan\Downloads\adwcleaner_4.200.exe   [2208768]
O61 - LFC: 04/04/2015 - 13:28:19 ---A- . (...) -- C:\Users\Kauan\Downloads\zoek.exe   [1305600]
O61 - LFC: 04/04/2015 - 13:28:19 ---A- . (.Thisisu.) -- C:\Users\Kauan\Downloads\JRT (1).exe   [2690981]
O61 - LFC: 05/04/2015 - 13:28:19 ---A- . (.Malwarebytes Corporation.) -- C:\Users\Kauan\Downloads\mbam-setup-2.1.4.1018.exe   [21540440]
O61 - LFC: 05/04/2015 - 13:28:19 ---A- . (.Nicolas Coolman.) -- C:\Users\Kauan\Downloads\ZHPDiag2.exe   [6879410]  =>.Nicolas Coolman
O61 - LFC: 05/04/2015 - 13:28:19 ---A- . (.Plex, Inc..) -- C:\Users\Kauan\AppData\Local\Plex Media Server\Updates\0.9.11.4.739-a4e710f\packages\Plex-Media-Server-0.9.1104.739-a4e710f-en-US.exe   [61979064]
O61 - LFC: 06/04/2015 - 13:28:17 ---A- . (...) -- C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin   [1113849]
O61 - LFC: 30/03/2015 - 13:28:17 ---A- . (.Google Inc..) -- C:\Users\Kauan\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x64\widevinecdmadapter.dll   [240968]
~ 6 Fichiers temporaires (Temporary files)
~ 15 Fichiers cookies (Cookies files)
~ Files: 22 Scanned in 00mn 03s
 
 
 
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7}
~ ADS:  Scanned in 00mn 00s
 
 
 
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 20/11/2014 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag)  .(.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 15/11/2012 - C:\Windows\System32\DRIVERS\igdkmd64.sys (igfx)  .(.Intel Corporation - Intel Graphics Kernel Mode Driver.) - LEGACY_IGFX
O64 - Services: CurCS - 17/03/2015 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector)  .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 88 Scanned in 00mn 00s
 
 
 
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos'.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 00s
 
 
 
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys:  Scanned in 00mn 00s
 
 
 
---\\ Listagem dos serviços iniciados pelo Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll   [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\System32\srvsvc.dll   [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Diretiva de Grupo.) -- C:\Windows\System32\gpsvc.dll   [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll   [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\System32\Audiosrv.dll   [680960]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acesso Remoto.) -- C:\Windows\System32\rasauto.dll   [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll   [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll   [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistema (SENS).) -- C:\Windows\System32\sens.dll   [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll   [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gerenciador de Conexões Remotas do Servidor Host da Sessão da Área de.) -- C:\Windows\System32\termsrv.dll   [683520]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll   [2477536]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de plano de fundo.) -- C:\Windows\System32\qmgr.dll   [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll   [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em uma rede IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll   [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\System32\mmcss.dll   [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho Remota.) -- C:\Windows\System32\sessenv.dll   [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll   [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll   [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\System32\schedsvc.dll   [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\System32\kmsvc.dll   [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll   [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [210432]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\System32\themeservice.dll   [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll   [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\Windows\System32\appmgmts.dll   [193536]
~ Services: 33 Scanned in 00mn 00s
 
 
 
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{04330139-911D-45B2-9E09-BF4A9FFBDCBE}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Kauan\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{4A6AE83A-0B64-4E51-B2C8-0B9DA2FAFCC8}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Kauan\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
~ Firewall: 2 Scanned in 00mn 01s
 
 
 
---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{320AF880-6646-11D3-ABEE-C5DBF3571F49}] (SavePass)  =>PUP.CrossRider
~ BCK: 5618 Scanned in 00mn 12s
 
 
 
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 15/11/2012 277048 |  (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 31/10/2014 107912 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 31/10/2014 107912 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 03/04/2005 69632 |  (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Auto 17/03/2015 1080120 |  (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SS - | Demand 05/03/2015 148080 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 29/05/2014 45568 |  (OracleJobSchedulerXE) . (...) - c:\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe
SS - | Demand 29/05/2014 81408 |  (OracleMTSRecoveryService) . (.Oracle Corporation.) - C:\oraclexe\app\oracle\product\11.2.0\server\BIN\omtsreco.exe
SS - | Demand 30/05/2014 147110912 |  (OracleServiceXE) . (.Oracle Corporation.) - c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.exe
SS - | Demand 29/05/2014 83968 |  (OracleXEClrAgent) . (.Oracle Corporation.) - C:\oraclexe\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe
SS - | Demand 29/05/2014 522240 |  (OracleXETNSListener) . (.Oracle Corporation.) - C:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe
SS - | Demand 25/11/2010 1116656 |  (RoxMediaDB12OEM) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
SS - | Auto 25/11/2010 219632 |  (RoxWatch12) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
SS - | Demand 18/02/2015 835776 |  (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Demand 08/11/2010 74392 |  (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
SS - | Demand 20/11/2014 221184 |  (Wildfly) . (.Apache Software Foundation.) - C:\wildfly\bin\service\amd64\wildfly-service.exe
SR - | Auto 19/12/2014 81088 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 03/03/2009 89600 |  (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\IDT\WDM\AESTSr64.exe
SR - | Auto 20/11/2014 244736 |  (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 20/05/2011 146592 |  (Atheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
SR - | Auto 20/05/2011 80032 |  (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
SR - | Auto 29/12/2010 440144 |  (DpHost) . (.DigitalPersona, Inc..) - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
SR - | Auto 13/11/2014 108032 |  (Freemake Improver) . (.Freemake.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
SR - | Auto 25/06/2010 331512 |  (QDLService2kDell) . (.QUALCOMM, Inc..) - C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe
SR - | Auto 08/09/2011 305152 |  (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe
SR - | Auto 29/01/2015 49968 |  (valWBFPolicyService) . (.Synaptics Incorporated.) - C:\Windows\System32\valWBFPolicyService.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 22/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 12s
 
 
 
---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBR) (080)
Run by Kauan at 06/04/2015 13:29:26
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s
 
 
 
---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBRCheck) (080)
Written by ad13, http://ad13.geekstog
Run by Kauan at 06/04/2015 13:29:29
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 02s
 
 
 
---\\ Lista dos emuladores de CD/DVD (MBR Hook)
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite  =>.DT Soft Ltd
~ Emulateurs:  Scanned in 00mn 02s
 
 
 
---\\ Scâner Aditional (088)
Database Version : 13008 - (29/03/2015)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 2
Dossiers trouvés  (Folders found) : 1
Fichiers trouvés  (Files found) : 2
 
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]   =>P2P.BitTorrent^
C:\Users\Kauan\AppData\Roaming\uTorrent   =>P2P.µTorrent^
[HKCU\Software\BitTorrent]   =>P2P.BitTorrent^
[HKCR\CLSID\{320AF880-6646-11D3-ABEE-C5DBF3571F49}] (SavePass)   =>PUP.CrossRider^
~ Additionnel Scan: 320181 Items scanned in 00mn 28s
 
 
 
---\\ Informações complémentaires do módulos
~ http://nicolascoolman.fr/g2-google-chrome-extensions/  =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/  =>.Internet Explorer, Gestão do Proxy (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/  =>.Browser Helper Objects do navegador (02)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/  =>.Barras do Internet Explorer (03))
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/  =>.Aplicações iniciadas por registo & pastas (04)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/  =>.Chave do registo Shell MountPoints2 (MPSK) (O51)
~ AMI: 6 Scanned in 00mn 00s
 
 
 
---\\ Sumário das deteções encontradas na sua estação
http://nicolascoolman.fr/pup-crossrider  =>PUP.CrossRider
~ MSI: 1 link(s) detected in 00mn 00s
 
 
 
End of the scan (1396 lines in 02mn 11s)(0.6)
 


Select and copy all of the text highlighted in red below (starting at script zhpfix and ending at emptyclsid)

 

script zhpfix

SysRestore

O34 - HKLM BootExecute: (sdnclean64.exe) - File not found

[HKCU\Software\AKSM]

[HKCU\Software\DOJJ]

[HKCU\Software\MAIWVPZ]

[HKCU\Software\SXML]

[HKCU\Software\VIXJ]

[HKLM\Software\Wow6432Node\NtSvcHandler]

[HKLM\Software\Wow6432Node\NtIObits]

O43 - CFD: 05/04/2015 - 20:44:07 - [] ----D C:\Program Files (x86)\Legendas-3.1

O44 - LFC:[MD5.7C62BCBB015DBF84AA40C0806F1C8194] - 03/04/2015 - 11:50:24 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys [94528]

O58 - SDL:14/12/2014 - 22:59:20 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys [94528]

[HKCR\CLSID\{320AF880-6646-11D3-ABEE-C5DBF3571F49}] (SavePass) =>PUP.CrossRider

[HKCR\CLSID\{320AF880-6646-11D3-ABEE-C5DBF3571F49}] (SavePass) =>PUP.CrossRider^

ShortcutFix

EmptyTemp

EmptyFlash

emptyclsid

_____________________________________________________________________________________________________________

 

Go to the menu: Start > All Programs > ZHP > Right-click Zhpfix and choose Run as administrator > Click Importação > Click the GO button > Click Oui > If you want the files in the Recycle Bin to be deleted, click Oui again > A report will open in Notepad.

 

Copy this report and post it in your next reply.

 

Note: This script was written only for this computer, based on the files and keys present on it.

 

To visitors: If you have a similar problem, do not use this script, since unsupervised use can damage the system.


Here is the Zhpfix report:

 

Rapport de ZHPFix 2015.3.18.4 par Nicolas Coolman, Update du 18/03/2015
Fichier d'export Registre : 
Run by Kauan at 06/04/2015 17:46:21
High Elevated Privileges : OK
Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)
 
Reciclagem vazia (00mn 01s)
Reparação de atalhos do navegador
 
========== Processo memória ==========
AUSENTE Memory Process: O34 - HKLM BootExecute: (sdnclean64.exe) - File not found
 
========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\AKSM
ELIMINÉ: HKCU\Software\DOJJ
ELIMINÉ: HKCU\Software\MAIWVPZ
ELIMINÉ: HKCU\Software\SXML
ELIMINÉ: HKCU\Software\VIXJ
ELIMINÉ: HKLM\Software\Wow6432Node\NtSvcHandler
ELIMINÉ: HKLM\Software\Wow6432Node\NtIObits
ELIMINÉ:* HKCR\CLSID\{320AF880-6646-11D3-ABEE-C5DBF3571F49}
 
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
 
========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotectex.sys
ELIMINÉ Temporários windows (3) (4.754 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
 
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
 
 
========== Recapitulativo ==========
1 : Processo memória
8 : Chaves do Registo
1 : Pastas
3 : Ficheiros
1 : Restauração Sistema
 
 
End of clean in 00mn 16s
 
========== Caminho do ficheiro do relatório ==========
C:\Users\Kauan\AppData\Roaming\ZHP\ZHPFix[R1].txt - 05/04/2015 20:44:52 [2234]
C:\Users\Kauan\AppData\Roaming\ZHP\ZHPFix[R2].txt - 06/04/2015 17:46:23 [1433]
 
