Usamos cookies para medir audiência e melhorar sua experiência. Você pode aceitar ou recusar a qualquer momento. Veja sobre o iMasters.
Olá pessoal.
Parabéns pela iniciativa.
Faz um tempo que acompanho os foruns, mas só agora decidi participar.
Tenho um AMD Athlon dual core x2 ql 62 2 Ghz
1.75 RAM
Win 7 Professional 32 bits
Sei que não é lá estas coisas, mas não era pra estar consumindo tanta memória "injustificadamente"
As vezes só ficar ligado ou apenas abrir o navegador vai pra 100% de CPU e chega a 98, 99º
Segue alguns logs que fiz ontem:
*** [ Serviços ] ***
*** [ Arquivos / Pastas ] ***
*** [ Tarefas agendadas ] ***
*** [ Atalhos ] ***
*** [ Registro ] ***
*** [ Navegadores ] ***
-\\ Internet Explorer v9.0.8112.16421
-\\ Mozilla Firefox v38.0.1 (x86 pt-BR)
-\\ Google Chrome v
[C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Apagado [search Provider] : hxxp://br.ask.com/web?q={searchTerms}
*************************
AdwCleaner[R0].txt - [8527 bytes] - [26/05/2015 17:05:20]
AdwCleaner[R1].txt - [1001 bytes] - [22/07/2015 18:42:15]
AdwCleaner[R2].txt - [1064 bytes] - [22/07/2015 18:45:09]
AdwCleaner[R3].txt - [1239 bytes] - [22/07/2015 18:59:33]
AdwCleaner[s0].txt - [8348 bytes] - [26/05/2015 17:24:47]
AdwCleaner[s1].txt - [1119 bytes] - [22/07/2015 18:56:12]
AdwCleaner[s2].txt - [1155 bytes] - [22/07/2015 19:01:02]
########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1214 bytes] ##########
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 19:12:29, on 22/07/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
CHROME: 43.0.2357.81
FIREFOX: 38.0.1 (x86 pt-BR)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Program Files\Hotkey\Hotkey.exe
C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Jana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jana\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-18\..\Run: [MotoCast] "C:\Program Files\Motorola Mobility\MotoCast\MotoLauncher.lnk" (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\Run: [MotoCast] "C:\Program Files\Motorola Mobility\MotoCast\MotoLauncher.lnk" (User 'Default user')
O4 - Startup: Dropbox.lnk = Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Hotkey.lnk = C:\Program Files\Hotkey\Hotkey.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe--
End of file - 5298 bytes
~ Relatório do ZHPDiag v2015.4.6.36 - Nicolas Coolman (29/03/2015)
~ Iniciado por Jana (22/07/2015 19:18:12)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Endereço do Webforum : http://forum.nicolascoolman.fr
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 38.0.1
GCIE: Google Chrome v43.0.2357.81 (Defaut)
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)
---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 2.1.8.1057
Microsoft Security Essentials v1.0.2498.0
ESET Online Scanner v3
Windows Defender W7 (Deactivate)
---\\ Softwares d'optimização do sistema
CCleaner v4.15
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 18 NPAPI
---\\ Informações sobre o sistema
~ Processor: x86 Family 17 Model 3 Stepping 1, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1790 MB (26% free)
System Restore: Activé (Enable)
System drive C: has 9 GB (11%) free of 78 GB
---\\ Modo de conexão ao sistema
~ Computer Name: JANA-PC
~ User Name: Jana
~ All Users Names: Jana, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Jana\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Jana\AppData\Roaming\
~ %Desktop% : C:\Users\Jana\Desktop\
~ %Favorites% : D:\Jana\Favorites\
~ %LocalAppData% : C:\Users\Jana\AppData\Local\
~ %StartMenu% : C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 9 Go of 78 Go)
D: Hard drive, Flash drive, Thumb drive (Free 219 Go of 388 Go)
E: CD-ROM drive (Free 0 Go of 1 Go)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 43 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.44465367256D1C72B58F5ABAA19E7016] - (.Microsoft Corporation - Internet Extensions para Win32.) (.27/02/2012 - 22:11:07.) -- C:\Windows\System32\wininet.dll [1127424]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 03:17:56.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 03:21:26.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.24/04/2011 - 23:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.19/11/2010 - 23:38:12.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.19/11/2010 - 23:42:34.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 00:59:30.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.19/11/2010 - 23:39:46.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.81189C3D7763838E55C397759D49007A] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.11/03/2011 - 02:39:00.) -- C:\Windows\system32\Drivers\ntfs.sys [1211264]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 01:24:48.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.19/11/2010 - 23:39:18.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 03:30:18.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/123
~ Mes musiques (My Musics) : 4/89
~ Mes Favoris (My Favorites) : 1/22
~ Mes Documents (My Documents) : 4/67
~ Mon Bureau (My Desktop) : 2/6491
~ Menu demarrer (Programs) : 1/40
~ Hidden Files: Scanned in 00mn 06s
---\\ Processos lançados
[MD5.7E4963EE16B0436D38D15879830651F6] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1697064] [PID.2904]
[MD5.4BA2F5C784915385254DA091510B97F5] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [PID.2952]
[MD5.D91F16AA4A6ED9FE00D1BF99D224932C] - (.Motorola Mobility LLC - MotoHelperAgent.) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe [694584] [PID.2988]
[MD5.25D3D9FDFAB47460852DF3DEAB5AF6EA] - (.No owner - HotKey.) -- C:\Program Files\Hotkey\Hotkey.exe [2553856] [PID.3048]
[MD5.820087CDD437E0307D94BF1E05B49422] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe [43871968] [PID.3060]
[MD5.072678E0D68E9C3A7960328671134C7B] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [54240] [PID.2452]
[MD5.ABFF2B3A80AA5348BE5E43EFD6B415D1] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe [6554424] [PID.3044]
[MD5.C4EF32C1C0473392EF4204890AF8E457] - (.Google Inc. - Google Chrome.) -- C:\Users\Jana\AppData\Local\Google\Chrome\Application\chrome.exe [813896] [PID.1248]
[MD5.E96DD1ABAC2BE889CF521EA2192BFD1D] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8196608] [PID.3340]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Preferences
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 5 Legitimates Filtered in 00mn 00s
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [@octoshape.com/Octoshape Streaming Services,version=1.0] - (.Octoshape ApS - Octoshape embedded video plugin.) -- C:\Users\Jana\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll
~ Firefox Browser: 19 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean) (22)
~ Hosts File: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Jana]: uTorrentPortable - Atalho.lnk . (.PortableApps.com - uTorrent Portable (PortableApps.com Launche.) -- D:\Jana\Downloads\uTorrentPortable\uTorrentPortable.exe =>P2P.µTorrent
O4 - GS\Desktop [Jana]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Jana\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKCU\..\Run: [Dropbox Update] . (.Dropbox, Inc. - Dropbox Update.) -- C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe
O4 - HKUS\.DEFAULT\..\Run: [MotoCast] . (...) -- C:\Program Files\Motorola Mobility\MotoCast\MotoLauncher.lnk
O4 - HKUS\S-1-5-18\..\Run: [MotoCast] . (...) -- C:\Program Files\Motorola Mobility\MotoCast\MotoLauncher.lnk
O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2879642822-4171143380-2997861222-1000\..\Run: [Dropbox Update] . (.Dropbox, Inc. - Dropbox Update.) -- C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe
~ Application: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F2D5156-C6EE-4973-A77B-6C6F83D3B644}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A9F12E76-4C0B-4278-A8C1-091F399C7BE9}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{9F2D5156-C6EE-4973-A77B-6C6F83D3B644}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A9F12E76-4C0B-4278-A8C1-091F399C7BE9}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{9F2D5156-C6EE-4973-A77B-6C6F83D3B644}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A9F12E76-4C0B-4278-A8C1-091F399C7BE9}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: (PowerBiosServer) . (.No owner - PowerBiosServer.) - C:\Program Files\Hotkey\PowerBiosServer.exe
~ Services: 8 Legitimates Filtered in 00mn 07s
---\\ Tarefas planificadas automaticamente (039)
[MD5.7C6D524C78A1722AD987B9E47AC1FEE2] [APT] [DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000Core] (.Dropbox, Inc..) -- C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512]
[MD5.7C6D524C78A1722AD987B9E47AC1FEE2] [APT] [DropboxUpdateTaskUserS-1-5-21-2879642822-4171143380-2997861222-1000UA] (.Dropbox, Inc..) -- C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512]
[MD5.860BEFC83B54E2ED11C075392CD685C9] [APT] [MotoCast Update] (...) -- C:\Program Files\Motorola Mobility\MotoCast\LiveUpdate\MotoCastUpdate.exe [182640][MD5.3102F06AE7F530BA7A1ED79E1CF5A03D] [APT] [Motorola Device Manager Initial Update] (...) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196504]
[MD5.3102F06AE7F530BA7A1ED79E1CF5A03D] [APT] [Motorola Device Manager Update] (...) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196504]---\\ Software instalados (042)
O42 - Logiciel: AMR Player 1.3 - (.www.amrplayer.com.) [HKLM] -- {2F881B56-CBDF-4EC6-A8D2-6412A879C66A}_is1
O42 - Logiciel: USB Debugging Driver - (.Invisibility Ltd.) [HKLM] -- {B61F9010-3474-11E4-8C21-0800200C9A66}
~ Logic: 17 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\GbAs]
[HKCU\Software\bioPDF]
[HKLM\Software\WafCX]
[HKLM\Software\a]
[HKLM\Software\bioPDF]
~ Key Software: 216 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 05/04/2013 - 09:57:01 - [] ----D C:\Program Files\AMR Player
O43 - CFD: 01/02/2013 - 14:22:09 - [] ----D C:\Program Files\bioPDF
O43 - CFD: 22/07/2014 - 20:41:07 - [0] ----D C:\Program Files\GUM6A17.tmp
O43 - CFD: 11/05/2015 - 15:23:05 - [] ----D C:\Program Files\Invisibility Ltd
O43 - CFD: 09/06/2012 - 09:11:49 - [] ----D C:\Program Files\LANcet Chat
O43 - CFD: 01/02/2013 - 14:22:20 - [] ----D C:\Program Files\Common Files\bioPDF
O43 - CFD: 02/11/2014 - 11:22:37 - [0] ----D C:\ProgramData\ProductData
O43 - CFD: 02/11/2014 - 11:21:21 - [0] ----D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
O43 - CFD: 05/04/2013 - 09:57:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMR Player
O43 - CFD: 01/02/2013 - 14:22:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bioPDF
O43 - CFD: 14/07/2009 - 05:53:11 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 27/05/2012 - 19:10:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Win2PDF
O43 - CFD: 11/05/2015 - 15:19:49 - [] ----D C:\Users\Jana\AppData\Roaming\JWrapper-RecordableActivator
O43 - CFD: 02/11/2014 - 11:23:47 - [] ----D C:\Users\Jana\AppData\Roaming\ProductData
O43 - CFD: 11/05/2015 - 15:19:52 - [] ----D C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RecordableActivator
~ 106 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 310 Legitimates Filtered in 00mn 04s
---\\ Chave do registo Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{5f12be08-8719-11e2-8f01-0090f5989709}\AutoRun\command. (...) -- F:\MotoCastSetup.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\AirDroid 3 [Key] . (...) -- C:\Program Files\AirDroid\AirDroid.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Wondershare Helper Compact.exe [Key] . (.Wondershare - Wondershare Studio.) -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
~ SMSR Keys: 6 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 77 Legitimates Filtered in 00mn 01s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Jana\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {BC1071B8-DCCC-4DA8-B4D2-ED2700DBE298} [DefaultScope] - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.09B6F6FCCC35DBAFCB38CB3751FA7C2F] [sPRF][22/07/2015] (.No owner - AdwCleaner.) -- C:\Users\Jana\Desktop\adwcleaner_4.208.exe [2248704]
~ Files: 3 Legitimates Filtered in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{49F96D33-2C0B-4A7F-9E4C-C6E62592F5B7}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Jana\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{31C9700E-46D8-40B7-9037-FAA16869947E}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Jana\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 17/07/2015 268976 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 18/06/2015 1133880 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
SS - | Demand 14/05/2015 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 07/07/2015 82128 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 18/08/2009 176128 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 07/09/2012 87992 | (DeviceMonitorService) . (.Nero AG.) - C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
SR - | Auto 25/03/2013 121144 | (Motorola Device Manager) . (.Motorola Mobility LLC.) - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
SR - | Auto 25/03/2010 17904 | (MsMpSvc) . (.Microsoft Corporation.) - C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
SR - | Auto 03/03/2010 32256 | (PowerBiosServer) . (...) - C:\Program Files\Hotkey\PowerBiosServer.exe
SR - | Auto 02/09/2011 65657 | (PST Service) . (.Motorola.) - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 25s
---\\ Scâner Aditional (088)
Database Version : 13008 - (29/03/2015)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
~ Additionnel Scan: 227384 Items scanned in 00mn 42s
---\\ Informações complémentaires do módulos
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Gestão do Proxy (R5)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Aplicações iniciadas por registo & pastas (04)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Chave do registo Shell MountPoints2 (MPSK) (O51)
~ AMI: 3 Legitimates Filtered in 00mn 00s
~ 834 Legitimates filtered by white list
End of the scan (394 lines in 02mn 23s)(0.6)
Grato
Eduardo
Carregando comentários...