Ir para conteúdo

Flávio Marquim

Members
  • Total de itens

    57
  • Registro em

  • Última visita

Reputação

0 Comum

Sobre Flávio Marquim

Últimos Visitantes

O bloco dos últimos visitantes está desativado e não está sendo visualizado por outros usuários.

  1. Flávio Marquim

    Iniciando muito lentamente

    Boa tarde Faz anos que uso o forum de vcs quando tenho necessidade e sempre fui bem atendido e tive meus problemas resolvidos. Mas dessa vez está sendo diferente. Não estou tendo resposta alguma. Queria saber o motivo de eu n estar sendo atendido por vcs. Obrigado Flávio
  2. Flávio Marquim

    Iniciando muito lentamente

    Boa noite Meu notebook está iniciando de forma muito lenta. Demora vários minutos até que eu possa usar com normalidade. Seria malware? Seguem os links para análise. Obrigado https://www.cjoint.com/c/HInarxkTWDm https://www.cjoint.com/c/HInas00HcTm
  3. Flávio Marquim

    Inicialização muito lenta

    Boa tarde Peço ajuda para resolver o problema da inicialização do meu notebook. Está lento demais para iniciar. Até poder usar normalmente, tenho de esperar em torno de 5 minutos para que o notebook fique estável e sem lentidão. Flávio Marquim Jr Seguem os logs: https://www.cjoint.com/c/HInarxkTWDm https://www.cjoint.com/c/HInas00HcTm
  4. Flávio Marquim

    [Resolvido] Notebook lento demais

    Boa noite O notebook de fato está bem mais rápido. Tb instalei e fiz os procedimentos do PrivaZer. Mas queria tirar umas dúvidas: 1- Esse programa é o mesmo q o Ccleaner ou um independe do outro? 2- Me indique um bom antivirus gratuito e envie tb o seu link pra q eu baixe Espero retorno e obrigado Flávio Marquim
  5. Flávio Marquim

    [Resolvido] Notebook lento demais

    Boa noite Segue o log Espero retorno Flávio # AdwCleaner v5.112 - Relatório criado 19/04/2016 às 18:09:57 # Atualizado 17/04/2016 por Xplode # Banco de dados : 2016-04-19.5 [servidor] # Sistema operacional : Windows 10 Home Single Language (X64) # Usuário : leitinha pontes - LEITINHA # Executando de : C:\Users\leitinha pontes\Desktop\adwcleaner_5.112.exe # Opção : Limpar # Apoio : http://toolslib.net/forum ***** [ Serviços ] ***** ***** [ Pastas ] ***** ***** [ Arquivos ] ***** ***** [ DLLs ] ***** ***** [ Atalhos ] ***** ***** [ Tarefas agendadas ] ***** ***** [ Registro ] ***** ***** [ Navegadores ] ***** ************************* :: Chaves "Tracing" excluídas :: Configurações Winsock restauradas ************************* C:\AdwCleaner\AdwCleaner[C1].txt - [760 bytes] - [19/04/2016 18:09:57] C:\AdwCleaner\AdwCleaner[s1].txt - [809 bytes] - [19/04/2016 18:00:13] ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [904 bytes] ##########
  6. Flávio Marquim

    [Resolvido] Notebook lento demais

    Boa noite Segue o log. Espero retorno Obrigado ~ ZHPCleaner v2016.4.14.55 by Nicolas Coolman (2016/04/14) ~ Run by leitinha pontes (Administrator) (15/04/2016 18:20:58) ~ Site : http://www.nicolascoolman.com ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Reparo ~ Report : C:\Users\leitinha pontes\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\leitinha pontes\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home Single Language, 64-bit (Build 10586) ---\\ Serviços (0) ~ Nenhum ítem malicioso o desnecessários foi encontrado. ---\\ Navegadores de Internet (6) SUBSTITUIDO Chrome Preferences: "http://live.tb.ask.com/" =>Toolbar.Ask SUBSTITUIDO Chrome Preferences: "https://fbcdn-photos-d-a.akamaihd.net/" =>PUP.Optional.Browser SUBSTITUIDO Chrome Preferences: "https://fbcdn-photos-g-a.akamaihd.net/" =>PUP.Optional.Browser SUBSTITUIDO Chrome Preferences: "https://fbcdn-profile-a.akamaihd.net/" =>PUP.Optional.Browser SUBSTITUIDO Chrome Preferences: "https://fbexternal-a.akamaihd.net/" =>PUP.Optional.Browser SUBSTITUIDO Chrome Preferences: "https://fbstatic-a.akamaihd.net/" =>PUP.Optional.Browser ---\\ Arquivo hosts (1) ~ O arquivo hosts é legítimo (1) ---\\ Tarefas automáticas agendadas. (0) ~ Nenhum ítem malicioso o desnecessários foi encontrado. ---\\ Explorer ( Arquivos, Pastas) (0) ~ Nenhum ítem malicioso o desnecessários foi encontrado. ---\\ Registro ( Chaves, Valores, Dados ) (1) SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2DC097D2C1F32604D9A2F6053436E476 [C:\Program Files (x86)\Nero\Nero 12\Nero Vision\NMTvWizard.exe.manifest] =>PUP.Optional.TVWizard ---\\ Resumo dos elementos encontrados na sua estação de trabalho (3) http://www.nicolascoolman.fr/?p=235 =>Toolbar.Ask http://www.nicolascoolman.fr/?p=546 =>PUP.Optional.Browser http://www.nicolascoolman.fr/pup-tvwizard/ =>PUP.Optional.TVWizard ---\\ Dodatkowe oczyszczenie. (8) ~ Chave de registro Tracing Supprimido (8) ~ Remover os relatórios antigos ZHPCleaner. (0) ---\\ Resultado de reparação Reparação efectuada com sucesso ~ Este navegador está faltando ! (Mozilla Firefox) ~ Este navegador está faltando ! (Opera Software) ---\\ Estatísticas ~ Items scan : 175 ~ Items encontrado : 0 ~ items cancelados : 0 ~ Items réparo : 7 ~ End of clean in 00h00mn05s =================== ZHPCleaner-[R]-15042016-18_21_03.txt ZHPCleaner--15042016-18_06_58.txt
  7. Flávio Marquim

    [Resolvido] Notebook lento demais

    Boa noite. Segue o log. Espero retorno Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão:05-03-2016 01 Executado por leitinha pontes (2016-04-12 18:09:33) Run:1 Executando a partir de C:\Users\leitinha pontes\Desktop Perfis Carregados: leitinha pontes (Perfis Disponíveis: leitinha pontes) Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** start CloseProcesses: CreateRestorePoint: SearchScopes: HKU\S-1-5-21-3476892036-184575592-1029934308-1001 -> DefaultScope {9DEC62FE-00B8-4F5B-A782-E8C6B3349AA0} URL = SearchScopes: HKU\S-1-5-21-3476892036-184575592-1029934308-1001 -> {9DEC62FE-00B8-4F5B-A782-E8C6B3349AA0} URL = 2014-07-19 11:20 - 2014-07-19 11:20 - 0510976 _____ () C:\ProgramData\DRV10.tmp 2014-07-19 11:20 - 2014-07-19 11:20 - 16905216 _____ (OEM) C:\ProgramData\E1010.tmp 2016-04-08 17:49 - 2016-04-08 17:49 - 00098816 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32api.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00110080 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\pywintypes27.dll 2016-04-08 17:49 - 2016-04-08 17:49 - 00364544 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\pythoncom27.dll 2016-04-08 17:49 - 2016-04-08 17:49 - 00320512 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32com.shell.shell.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00776704 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\_hashlib.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 01176576 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\wx._core_.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00806400 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\wx._gdi_.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00816128 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\wx._windows_.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 01067008 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\wx._controls_.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00733184 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\wx._misc_.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00682496 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\pysqlite2._sqlite.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00088064 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\_ctypes.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00119808 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32file.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00108544 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32security.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00007168 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\hashobjs_ext.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00017920 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\thumbnails_ext.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00088064 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\usb_ext.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00167936 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32gui.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00018432 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32event.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00046080 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\_socket.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 01208320 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\_ssl.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00128512 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\_elementtree.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00127488 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\pyexpat.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00013824 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\common.time34.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00038912 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32inet.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00036864 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\_psutil_windows.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00525208 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\windows._lib_cacheinvalidation.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00011264 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32crypt.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00077312 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\wx._html2.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00027136 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\_multiprocessing.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00020480 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\_yappi.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00035840 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32process.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00686080 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\unicodedata.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00078848 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\wx._animate.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00123392 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\wx._wizard.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00024064 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32pipe.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00010240 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\select.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00025600 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32pdh.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00017408 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32profile.pyd 2016-04-08 17:49 - 2016-04-08 17:49 - 00022528 _____ () C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32ts.pyd Task: {03BC4123-921F-49D7-BDF8-AC5316601D3E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {14CAAD8F-9CA7-4DCF-AD11-A61713AC7610} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO Task: {1DF2CA1C-8D60-4563-93EF-75C0D0480604} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO Task: {2965F553-7D6B-4678-9634-8111F419FA77} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {36EF9B02-1B1D-4210-9205-4473516DF6C3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO Task: {43BB60B3-AA5E-4D5E-B0C3-29F7518F46C8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {57A778E2-CA57-4486-93C1-BC33CF340C1B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Nenhum Arquivo <==== ATENÇÃO Task: {87F2E5AE-AE37-49A5-8D8D-B36FF608A4C0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {9BF630EC-008A-4B7F-9045-760E4649C069} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Nenhum Arquivo <==== ATENÇÃO Task: {A7C87782-B1CD-4211-805E-2ECE640BA0BF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO Task: {B5154854-1457-4820-BE67-1A9129BF06ED} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO Task: {B6D3B37A-353F-4848-A665-9497E71CCBAF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {CB07DDBE-9765-4E85-BBFE-DCAF50DAC5AF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {E73FD625-CDEF-454C-A22B-F9479C890FB0} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Nenhum Arquivo <==== ATENÇÃO RemoveProxy: EmptyTemp: Reboot: Hosts: end ***************** Processos fechados com sucesso. Ponto de Restauração criado com sucesso. HKU\S-1-5-21-3476892036-184575592-1029934308-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso. "HKU\S-1-5-21-3476892036-184575592-1029934308-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9DEC62FE-00B8-4F5B-A782-E8C6B3349AA0}" => chave removido (a) com sucesso. HKCR\CLSID\{9DEC62FE-00B8-4F5B-A782-E8C6B3349AA0} => chave não encontrado (a). C:\ProgramData\DRV10.tmp => movido com sucesso C:\ProgramData\E1010.tmp => movido com sucesso "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32api.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\pywintypes27.dll" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\pythoncom27.dll" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32com.shell.shell.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\_hashlib.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\wx._core_.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\wx._gdi_.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\wx._windows_.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\wx._controls_.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\wx._misc_.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\pysqlite2._sqlite.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\_ctypes.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32file.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32security.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\hashobjs_ext.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\thumbnails_ext.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\usb_ext.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32gui.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32event.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\_socket.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\_ssl.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\_elementtree.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\pyexpat.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\common.time34.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32inet.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\_psutil_windows.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\windows._lib_cacheinvalidation.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32crypt.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\wx._html2.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\_multiprocessing.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\_yappi.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32process.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\unicodedata.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\wx._animate.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\wx._wizard.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32pipe.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\select.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32pdh.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32profile.pyd" => não encontrado (a). "C:\Users\leitinha pontes\AppData\Local\Temp\_MEI35522\win32ts.pyd" => não encontrado (a). "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03BC4123-921F-49D7-BDF8-AC5316601D3E}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03BC4123-921F-49D7-BDF8-AC5316601D3E}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14CAAD8F-9CA7-4DCF-AD11-A61713AC7610}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14CAAD8F-9CA7-4DCF-AD11-A61713AC7610}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1DF2CA1C-8D60-4563-93EF-75C0D0480604}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DF2CA1C-8D60-4563-93EF-75C0D0480604}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2965F553-7D6B-4678-9634-8111F419FA77}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2965F553-7D6B-4678-9634-8111F419FA77}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{36EF9B02-1B1D-4210-9205-4473516DF6C3}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36EF9B02-1B1D-4210-9205-4473516DF6C3}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43BB60B3-AA5E-4D5E-B0C3-29F7518F46C8}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43BB60B3-AA5E-4D5E-B0C3-29F7518F46C8}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57A778E2-CA57-4486-93C1-BC33CF340C1B}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57A778E2-CA57-4486-93C1-BC33CF340C1B}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87F2E5AE-AE37-49A5-8D8D-B36FF608A4C0}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87F2E5AE-AE37-49A5-8D8D-B36FF608A4C0}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9BF630EC-008A-4B7F-9045-760E4649C069}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BF630EC-008A-4B7F-9045-760E4649C069}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7C87782-B1CD-4211-805E-2ECE640BA0BF}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7C87782-B1CD-4211-805E-2ECE640BA0BF}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B5154854-1457-4820-BE67-1A9129BF06ED}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5154854-1457-4820-BE67-1A9129BF06ED}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6D3B37A-353F-4848-A665-9497E71CCBAF}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6D3B37A-353F-4848-A665-9497E71CCBAF}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CB07DDBE-9765-4E85-BBFE-DCAF50DAC5AF}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB07DDBE-9765-4E85-BBFE-DCAF50DAC5AF}" => chave removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E73FD625-CDEF-454C-A22B-F9479C890FB0}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E73FD625-CDEF-454C-A22B-F9479C890FB0}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => chave removido (a) com sucesso. ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso. HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso. HKU\S-1-5-21-3476892036-184575592-1029934308-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso. HKU\S-1-5-21-3476892036-184575592-1029934308-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso. ========= Fim de RemoveProxy: ========= C:\Windows\System32\Drivers\etc\hosts => movido com sucesso Hosts restaurado com sucesso. EmptyTemp: => 175.9 MB de dados temporários Removidos. O sistema precisou ser reiniciado. ==== Fim de Fixlog 18:12:00 ====
  8. Boa noite Me notebook está lento demais principalmente na inicializção. Tb apareceu um barra de ferraments no google chrome e n consigo removê-la. Peço q vcs dêem uma olhada em meus logs q seguem abaixo. Espero retorno e obrigado Flávio Marquim ​ http://www.cjoint.com/c/FDivOjnb8QT http://www.cjoint.com/c/FDivM0M6NAT
  9. Flávio Marquim

    [Resolvido] Notebook lento pra iniciar

    Creio q sim. Está mais rápido, rodando mais limpo. Os meus logs estão limpos? O antivirus q eu uso, Microsoft Security Essentials é bom? Ou vc indicaria outro? Obrigado
  10. Flávio Marquim

    [Resolvido] Notebook lento pra iniciar

    Boa tarde Enviando o log ~ Relatório do ZHPDiag v2015.5.25.52 - Nicolas Coolman (25/05/2015) ~ Iniciado por Flávio (28/05/2015 17:09:09) ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ Endereço do Webforum : http://forum.nicolascoolman.fr ~ Tradução pelo utilizador ~ Estatuto da versão : Versão atualizada. ~ Lista Branca : Desativado pelo Utilizador ~ Elevação dos Privilégios : OK ~ Controle de Conta de Utilizador : Activate by user ---\\ Navegadores Internet MSIE: Internet Explorer v11.0.9600.17801 MFIE: Mozilla Firefox 37.0.2 GCIE: Google Chrome v43.0.2357.81 (Defaut) ---\\ Informações sobre os produtos Windows ~ Langage: Portugais Windows Server License Manager Script : OK Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601) ---\\ Softwares de proteçao do sistema Malwarebytes Anti-Malware versão 2.1.6.1022 Microsoft Security Client v4.8.0204.0 Windows Defender W7 (Deactivate) ---\\ Softwares d'optimização do sistema CCleaner v5.06 ---\\ Softwares de partilha do PeerToPeer (P2P) ---\\ Monitoramento dos softwares Adobe Flash Player 17 NPAPI Adobe Reader X ---\\ Informações sobre o sistema ~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 4004 MB (58% free) System Restore: Activé (Enable) System drive C: has 328 GB (72%) free of 452 GB ---\\ Modo de conexão ao sistema ~ Computer Name: FLÁVIO-PC ~ User Name: Flávio ~ All Users Names: Flávio, Convidado, Administrador, ~ Unselected Option: None Logged in as Administrator ---\\ As variáveis de ambiente ~ System Unit : C:\ ~ %AppZHP% : C:\Users\Flávio\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\Flávio\AppData\Roaming\ ~ %Desktop% : C:\Users\Flávio\Desktop\ ~ %Favorites% : C:\Users\Flávio\Favorites\ ~ %LocalAppData% : C:\Users\Flávio\AppData\Local\ ~ %StartMenu% : C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\WINDOWS\ ~ %System% : C:\WINDOWS\System32\ ---\\ Enumeração das unidades dos discos C: Hard drive, Flash drive, Thumb drive (Free 328 Go of 452 Go) D: CD-ROM drive (Not Inserted) ---\\ Estado do Centro de Segurança do Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 44 Scanned in 00mn 00s ---\\ Pesquisa particular de ficheiros genéricos [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.23/09/2011 - 05:38:17.) -- C:\WINDOWS\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\WINDOWS\System32\Wininit.exe [129024] [MD5.F0289B3A341429117696F0279DA977B6] - (.Microsoft Corporation - Internet Extensions para Win32.) (.21/04/2015 - 12:27:25.) -- C:\WINDOWS\System32\wininet.dll [2352128] [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.16/07/2014 - 23:07:24.) -- C:\WINDOWS\System32\Winlogon.exe [455168] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\WINDOWS\System32\sppcomapi.dll [232448] [MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 03:45:52.) -- C:\WINDOWS\system32\Drivers\AFD.sys [497152] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\WINDOWS\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\WINDOWS\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.23/09/2011 - 05:38:12.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\WINDOWS\system32\Drivers\netBT.sys [261632] [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [1684928] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\WINDOWS\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [129536] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\WINDOWS\system32\Drivers\smb.sys [93184] [MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.10/11/2014 - 22:46:26.) -- C:\WINDOWS\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [295808] ~ Generic Processes: Scanned in 00mn 00s ---\\ Estatuto dos ficheiros ocultos (Oculto/Total) ~ Mes images (My Pictures) : 2/384 ~ Mes musiques (My Musics) : 1/536 ~ Mes Videos (My Videos) : 1/65 ~ Mes Favoris (My Favorites) : 1/8 ~ Mes Documents (My Documents) : 1/45 ~ Mon Bureau (My Desktop) : 2/74 ~ Menu demarrer (Programs) : 1/43 ~ Hidden Files: Scanned in 00mn 06s ---\\ Processos lançados [MD5.CAA0C16ADCCE6142A43AD83BFA20B38B] - (.Motorola Mobility LLC - MotoHelperAgent.) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe [698680] [PID.2636] [MD5.E9691BCA8F51BB8698E32847606431AD] - (.SoftThinks - Dell - Dell DataSafe Local Backup.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.exe [4257600] [PID.2556] [MD5.FBF8CA1F240ACD0F9313873B646DADC7] - (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25700400] [PID.2664] [MD5.50E999CDFBCFEBC7B14452E35D1E4C83] - (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\OneDrive.exe [382664] [PID.3208] [MD5.72A7212B50DD0BD28499C1C8EA09B31A] - (.No owner - ST Service Scheduling.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.exe [2749248] [PID.3468] [MD5.935CD218C06721994ED48349361467F9] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [555320] [PID.820] [MD5.C4EF32C1C0473392EF4204890AF8E457] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.4264] [MD5.F6B0935B23E3C5B54DF33D3C180CA063] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8211968] [PID.3328] [MD5.FC5B75CA6A1DA31EDD4F8D53F5540B98] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1624] [MD5.650F111D5CDA64C10AE4B9D1BA9D4FFF] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [146592] [PID.1676] [MD5.A2555605CD54DE880BDB6994B69DB617] - (.Google Inc. - Processo do host.) -- C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe [56648] [PID.1884] [MD5.1BCB26A55B2E092FAA4DA01D9A3DE528] - (.Motorola Mobility LLC - MotoHelper Service.) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528] [PID.2408] [MD5.EA735BF6DF13A857A83C99BF27A422AD] - (.Motorola - ForwardDemon.) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657] [PID.2716] [MD5.958E956E119EB7B9ABA142AFED1B5FF4] - (...) -- C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe [186760] [PID.2872] [MD5.1968E6EBBEECF61D5F7D8603467E2AD0] - (.SoftThinks SAS - SoftThinks Agent Service.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe [1692480] [PID.2896] ~ Processes Running: Scanned in 00mn 01s ---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2) C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Preferences ---\\ Pasta de extensão do Google Chrome G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [__MSG_appName__] G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [__MSG_appName__] G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [__MSG_appName__] G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [__MSG_appName__] G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [__MSG_appName__] G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [__MSG_appName__] G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [bookmark Manager] G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [Chrome Hotword Shared Module] G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__] G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [__MSG_appName__] ~ Google Lines Browser: 20 Scanned in 00mn 00s ---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3) C:\Users\Flávio\AppData\Roaming\Mozilla\Firefox\Profiles\9hxcj7r2.default\prefs.js M2 - MFEP: RegExtension {87F8774F-B485-47E2-A755-A40A8A5E886C} . (...) -- M0 - MFSP: prefs.js [Flávio - 9hxcj7r2.default] about:home P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\buscape.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mercadolivre.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\twitter.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-br.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo-br.xml P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_27 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.40416.0.) -- c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Flávio\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb64] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Flávio\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll ~ Firefox Browser: 24 Scanned in 00mn 02s ---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navegador da Internet.) (11.00.9600.17631 (winblue_r7.150111-1500)) -- C:\Windows\SysWOW64\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ IE Browser: 22 Scanned in 00mn 00s ---\\ Internet Explorer, Gestão do Proxy (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=C:\WINDOWS\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Redireção do ficheiro Hosts (01) ~ Le fichier hôte est sain (The hosts file is clean) (21) ~ Hosts File: Scanned in 00mn 00s ---\\ Browser Helper Objects do navegador (02) O2 - BHO: Java Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: IESpeakDoc [64Bits] - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} . (.Atheros Commnucations - Bluetooth IE PlugIn.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll O2 - BHO: Auxiliar de Conexão do Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Evernote extension [64Bits] - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} . (.Evernote Corp., 305 Walnut Street, Redwood - Evernote Clipper for Microsoft Internet Exp.) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: (no name) [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} Chave orfã ~ BHO: 11 Scanned in 00mn 00s ---\\ Aplicações iniciadas por registo & pastas (04) O4 - HKLM\..\Run: [QuickSet] . (.Dell Inc. - QuickSet.) -- c:\Program Files\Dell\QuickSet\QuickSet.exe O4 - HKLM\..\Run: [AtherosBtStack] . (.Atheros Communications - Bluetooth Stack Server.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe O4 - HKLM\..\Run: [AthBtTray] . (.Atheros Commnucations - Bluetooth Suite Common Rescource.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe O4 - HKLM\..\Run: [DellStage] . (.No owner - Dell Stage.) -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe O4 - HKCU\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\OneDrive.exe O4 - HKLM\..\Wow6432Node\Run: [Dell Registration] . (.Dell, Inc. - System Registration.) -- C:\Program Files (x86)\System Registration\prodreg.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-1210235661-1573419760-1918872127-1000\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe O4 - HKUS\S-1-5-21-1210235661-1573419760-1918872127-1000\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\OneDrive.exe ~ Application: Scanned in 00mn 00s ---\\ Icones das opções IE invisiveis no painel das configurações (05) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Boutões da barra de ferramentas principal do Internet Explorer (09) O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Chave orfã O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 [64Bits] - {A95fe080-8f5d-11d2-a20b-00aa003c157a} . (.Evernote Corp., 305 Walnut Street, Redwood - Evernote Clipper for Microsoft Internet Explorer.) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteIEx64.dll ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Provedor de Correção de Nomeação de Emails.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Provedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation ~ Winsock: 9 Scanned in 00mn 00s ---\\ Site na zona confiavél do Internet Explorer (05) O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br O15 - Trusted Zone: [HKCU\...\Domains\www] http.bb.com.br O15 - Trusted Zone: [HKCU\...\Domains] *.dell.com ~ IE Zone Confiance: Scanned in 00mn 00s ---\\ Alteração Dominio/Clientes DNS (017) O17 - HKLM\System\CCS\Services\Tcpip\..\{05389BF2-51CB-4229-B83C-7F6592D3B37D}: DhcpNameServer = 192.168.25.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{8C22330F-3B4B-48AE-BD21-B77AB1AA57B0}: DhcpNameServer = 192.168.25.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{05389BF2-51CB-4229-B83C-7F6592D3B37D}: DhcpNameServer = 192.168.25.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{8C22330F-3B4B-48AE-BD21-B77AB1AA57B0}: DhcpNameServer = 192.168.25.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{05389BF2-51CB-4229-B83C-7F6592D3B37D}: DhcpNameServer = 192.168.25.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{8C22330F-3B4B-48AE-BD21-B77AB1AA57B0}: DhcpNameServer = 192.168.25.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.25.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocolo adicional (018) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\System32\igfxdev.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Lista dos serviços NT não Microsoft e não desativados (023) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\IDT\WDM\AESTSr64.exe O23 - Service: Atheros Bt&Wlan Coex Agent (Atheros Bt&Wlan Coex Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe O23 - Service: AtherosSvc (AtherosSvc) . (.Atheros Commnucations - AdminService Application.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe O23 - Service: Serviço Área de trabalho remota do Google Chrome (chromoting) . (.Google Inc. - Processo do host.) - C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Motorola Device Manager Service (Motorola Device Manager) . (.Motorola Mobility LLC - MotoHelper Service.) - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) . (.arvato digital services llc - PsiService PsiService.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: PST Service (PST Service) . (.Motorola - ForwardDemon.) - C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) . (.Sonic Solutions - RoxWatch12 Module.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe O23 - Service: ScsiAccess (ScsiAccess) . (...) - C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe O23 - Service: SoftThinks Agent Service (SftService) . (.SoftThinks SAS - SoftThinks Agent Service.) - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: C:\WINDOWS\System32\stlang64.dll (STacSV) . (.IDT, Inc. - IDT PC Audio TPE.) - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: Warsaw Technology (Warsaw Technology) . (.GAS Tecnologia LTDA - GAS Tecnologia - Core.) - C:\Program Files\Diebold\Warsaw\core.exe ~ Services: 17 Scanned in 00mn 03s ---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Listagem dos dados do BootExecute (Bex) (034) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tarefas planificadas automaticamente (039) [MD5.3E04F1E482357B1FC8B088197C3D9FF8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152] [MD5.B04A4810C6CC205F9DC72DC22E4AB236] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268464] [MD5.EE526B0428581B57FFC571FF57309E28] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [6369048] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [MD5.B6037110B175707A353B12C814D34968] [APT] [Motorola Device Manager Engine] (...) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196920] [MD5.B6037110B175707A353B12C814D34968] [APT] [Motorola Device Manager Initial Update] (...) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196920] [MD5.B6037110B175707A353B12C814D34968] [APT] [Motorola Device Manager Update] (...) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196920] [MD5.20BE243A287ABD3D1F9CFBBF6C5A95C8] [APT] [PCDEventLauncher] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\sessionchecker.exe [362312] [MD5.A4146679AA132CDA8D23C148A2B31F4B] [APT] [systemToolsDailyTest] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\pcdrcui.exe [1206088] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [902] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [902] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1066] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [1066] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1070] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [1070] O39 - APT: SystemToolsDailyTest - (.PC-Doctor, Inc..) -- C:\WINDOWS\Tasks\SystemToolsDailyTest.job [422] O39 - APT: SystemToolsDailyTest - (.PC-Doctor, Inc..) -- C:\WINDOWS\System32\Tasks\SystemToolsDailyTest [422] ~ Scheduled Task: 15 Scanned in 00mn 12s ---\\ Componentes instalados (ActiveSetup Installed Components) (040) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\WINDOWS\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Java (Sun) [64Bits] - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\WINDOWS\System32\themeui.dll O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Processador de comandos do Windows.) -- C:\Windows\system32\cmd.exe O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão shell da pasta FTP do Microsoft Internet Explorer.) -- C:\WINDOWS\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\WINDOWS\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Disable SSL3 [64Bits] - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\WINDOWS\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll ~ Active Setup: 12 Scanned in 00mn 00s ---\\ Drivers lançados ao arranque do sistema (041) O41 - Driver: C:\WINDOWS\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\WINDOWS\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys O41 - Driver: C:\WINDOWS\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\WINDOWS\System32\Drivers\dfsc.sys O41 - Driver: C:\WINDOWS\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\WINDOWS\System32\drivers\discache.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\WINDOWS\System32\DRIVERS\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys O41 - Driver: C:\WINDOWS\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys O41 - Driver: C:\WINDOWS\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\WINDOWS\System32\drivers\nsiproxy.sys O41 - Driver: C:\WINDOWS\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Agendador de pacotes de serviço.) - C:\WINDOWS\System32\DRIVERS\pacer.sys O41 - Driver: C:\WINDOWS\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Driver do Subsistema de Buffer da Unidade R.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys O41 - Driver: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\WINDOWS\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\WINDOWS\System32\drivers\rdpencdd.sys O41 - Driver: C:\WINDOWS\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\WINDOWS\System32\drivers\rdprefmp.sys O41 - Driver: C:\WINDOWS\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\WINDOWS\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\WINDOWS\System32\DRIVERS\vwififlt.sys O41 - Driver: C:\WINDOWS\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\WINDOWS\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\WINDOWS\System32\DRIVERS\wfplwf.sys ~ Drivers: 60 Scanned in 00mn 00s ---\\ Software instalados (042) O42 - Logiciel: Adobe Flash Player 17 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI O42 - Logiciel: Adobe Reader X (10.1.14) MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-AA0000000001} O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001802114130} O42 - Logiciel: Advanced Audio FX Engine - (.Creative Technology Ltd.) [HKLM][64Bits] -- Advanced Audio FX Engine O42 - Logiciel: Ares 2.2.4 - (.Ares Development Group.) [HKLM][64Bits] -- Ares O42 - Logiciel: Ashampoo Burning Studio 2013 v.11.0.5 - (.Ashampoo GmbH & Co. KG.) [HKLM][64Bits] -- {91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1 O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner O42 - Logiciel: Central de Mouse e Teclado da Microsoft - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Mouse and Keyboard Center O42 - Logiciel: Chrome Remote Desktop Host - (.Google Inc..) [HKLM][64Bits] -- {A1A724F3-F1A6-479C-AE98-208946717E2B} O42 - Logiciel: Corel Graphics - Windows Shell Extension - (.Corel Corporation.) [HKLM][64Bits] -- _{9DA7C2FD-AD83-4E2E-B9F2-9996749318E0} O42 - Logiciel: Corel Graphics - Windows Shell Extension - (.Corel Corporation.) [HKLM][64Bits] -- {9DA7C2FD-AD83-4E2E-B9F2-9996749318E0} O42 - Logiciel: Corel Graphics - Windows Shell Extension 32 Bit - (.Corel Corporation.) [HKLM][64Bits] -- {E9C590E8-F26F-4C99-8A56-9935CBF607EB} O42 - Logiciel: CorelDRAW Graphics Suite X7 (64-Bit) - (.Corel Corporation.) [HKLM][64Bits] -- _{5CB73140-806C-42C6-A05A-1AFD0E92DEB5} O42 - Logiciel: CorelDRAW Graphics Suite X7 - IPM Content (x64) - (.Corel Corporation.) [HKLM][64Bits] -- {EF44BCCD-13F9-4974-862C-CCFAF43EE082} O42 - Logiciel: CorelDRAW Graphics Suite X7 - IPM T (x64) - (.Corel Corporation.) [HKLM][64Bits] -- {13179AB2-69FD-459B-800F-81865A501AD4} O42 - Logiciel: CorelDRAW Graphics Suite X7 - Writing Tools (x64) - (. Corel Corporation.) [HKLM][64Bits] -- {D63404AC-C2F1-4B3D-96EA-9727AC9D994C} O42 - Logiciel: CyberLink PowerDVD 9.5 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8} O42 - Logiciel: CyberLink PowerDVD 9.5 - (.CyberLink Corp..) [HKLM][64Bits] -- {A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: Dell Bluetooth Installation - (.Dell Inc..) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33} O42 - Logiciel: Dell DataSafe Local Backup - (.Dell Inc..) [HKLM][64Bits] -- {0ED7EE95-6A97-47AA-AD73-152C08A15B04} O42 - Logiciel: Dell DataSafe Local Backup - Support Software - (.Dell Inc..) [HKLM][64Bits] -- {A9668246-FB70-4103-A1E3-66C9BC2EFB49} O42 - Logiciel: Dell Edoc Viewer - (.Dell Inc.) [HKLM][64Bits] -- {8EBA8727-ADC2-477B-9D9A-1A1836BE4E05} O42 - Logiciel: Dell Getting Started Guide - (.Dell Inc..) [HKLM][64Bits] -- {7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045} O42 - Logiciel: Dell PhotoStage - (.ArcSoft.) [HKLM][64Bits] -- {E4335E82-17B3-460F-9E70-39D9BC269DB3} O42 - Logiciel: Dell Product Registration - (.Dell Inc..) [HKLM][64Bits] -- {2A0F2CC5-3065-492C-8380-B03AA7106B1A} O42 - Logiciel: Dell Support Center - (.Dell Inc..) [HKLM][64Bits] -- Dell Support Center O42 - Logiciel: Dell Support Center - (.PC-Doctor, Inc..) [HKLM][64Bits] -- {0090A87C-3E0E-43D4-AA71-A71B06563A4A} O42 - Logiciel: Dell System Detect - (.Dell.) [HKCU][64Bits] -- 9204f5692a8faf3b O42 - Logiciel: Dell System Detect Bootstrapper - (.Dell.) [HKCU][64Bits] -- 8e3135b376bd523e O42 - Logiciel: Dell Touchpad - (.ALPS ELECTRIC CO., LTD..) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} O42 - Logiciel: Dell VideoStage - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F} O42 - Logiciel: Dell VideoStage - (.CyberLink Corp..) [HKLM][64Bits] -- {DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F} O42 - Logiciel: Dell Webcam Central - (.Creative Technology Ltd.) [HKLM][64Bits] -- Dell Webcam Central O42 - Logiciel: DirectX 9 Runtime - (.Sonic Solutions.) [HKLM][64Bits] -- {AF9E97C1-7431-426D-A8D5-ABE40995C0B1} O42 - Logiciel: Evernote v. 5.8.6 - (.Evernote Corp..) [HKLM][64Bits] -- {FEDC7C10-EF67-11E4-9B07-00505695D7B0} O42 - Logiciel: First PDF - (...) [HKLM][64Bits] -- First PDF O42 - Logiciel: Freemake Video Converter versão 4.1.0 - (.Ellora Assets Corporation.) [HKLM][64Bits] -- Freemake Video Converter_is1 O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {35574F09-89F9-4B16-B69B-64F3E25901B8} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: IDT Audio - (.IDT.) [HKLM][64Bits] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001} O42 - Logiciel: IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2014 O42 - Logiciel: IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2015 O42 - Logiciel: Intel® C++ Redistributables for Windows* on Intel® 64 - (.Intel Corporation.) [HKLM][64Bits] -- {D2437C5C-2D8C-40D2-8059-689AD7239FA3} O42 - Logiciel: Intel® Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} O42 - Logiciel: Intel® SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573} O42 - Logiciel: JDownloader 2 - (.AppWork GmbH.) [HKLM][64Bits] -- jdownloader2 O42 - Logiciel: Java 7 Update 25 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217025FF} O42 - Logiciel: Java 6 Update 27 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86416027FF} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM][64Bits] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E} O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM][64Bits] -- {196467F1-C11F-4F76-858B-5812ADC83B94} O42 - Logiciel: Malwarebytes Anti-Malware versão 2.1.6.1022 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6} O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Motorola Device Manager - (.Motorola Mobility.) [HKLM][64Bits] -- {28DB8373-C1BB-444F-A427-A55585A12ED7} O42 - Logiciel: Motorola Device Software Update - (.Motorola Mobility.) [HKLM][64Bits] -- {C89FA20F-0236-424C-B7D8-8E5EEDC20E15} O42 - Logiciel: Motorola Mobile Drivers Installation 6.2.0 - (.Motorola Inc..) [HKLM][64Bits] -- {8EC78F02-5C36-4C97-AAC4-95A3D742A285} =>.Motorola O42 - Logiciel: Mozilla Firefox 37.0.2 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 37.0.2 (x86 pt-BR) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService O42 - Logiciel: Palco Dell - (.Fingertapps.) [HKLM][64Bits] -- {30703305-42C4-4282-B3E0-49E4E0E1052A} O42 - Logiciel: Palco de Música da Dell - (.Fingertapps.) [HKLM][64Bits] -- {870024EE-C29E-4A17-8610-C234D00E2EA4} O42 - Logiciel: PhotoScape - (...) [HKLM][64Bits] -- PhotoScape O42 - Logiciel: PhotoShowExpress - (.Sonic Solutions.) [HKLM][64Bits] -- {3250260C-7A95-4632-893B-89657EB5545B} O42 - Logiciel: Photodex Presenter - (.Photodex Corporation.) [HKLM][64Bits] -- Photodex Presenter O42 - Logiciel: ProShow Producer - (.Photodex Corporation.) [HKLM][64Bits] -- ProShow Producer O42 - Logiciel: Quickset64 - (.Dell Inc..) [HKLM][64Bits] -- {87CF757E-C1F1-4D22-865C-00C6950B5258} O42 - Logiciel: RBVirtualFolder64Inst - (.Roxio, Inc..) [HKLM][64Bits] -- {9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D} O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5 O42 - Logiciel: Roxio Activation Module - (.Roxio.) [HKLM][64Bits] -- {A121EEDE-C68F-461D-91AA-D48BA226AF1C} O42 - Logiciel: Roxio BackOnTrack - (.Roxio.) [HKLM][64Bits] -- {5A06423A-210C-49FB-950E-CB0EB8C5CEC7} O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM][64Bits] -- {7746BFAA-2B5D-4FFD-A0E8-4558F4668105} O42 - Logiciel: Roxio Creator Starter - (.Roxio.) [HKLM][64Bits] -- {6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC} O42 - Logiciel: Roxio Creator Starter - (.Roxio.) [HKLM][64Bits] -- {EF56258E-0326-48C5-A86C-3BAC26FC15DF} O42 - Logiciel: Roxio Creator Starter - (.Roxio.) [HKLM][64Bits] -- {F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878} O42 - Logiciel: Roxio Express Labeler 3 - (.Roxio.) [HKLM][64Bits] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} O42 - Logiciel: Roxio File Backup - (.Roxio.) [HKLM][64Bits] -- {60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB} O42 - Logiciel: Skype™ 7.4 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} O42 - Logiciel: Software para Impressoras EPSON - (.SEIKO EPSON Corporation.) [HKLM][64Bits] -- EPSON Printer and Utilities O42 - Logiciel: Sonic CinePlayer Decoder Pack - (.Sonic Solutions.) [HKLM][64Bits] -- {9A00EC4E-27E1-42C4-98DD-662F32AC8870} O42 - Logiciel: Sony Mobile Update Engine - (.Sony Mobile Communications Inc..) [HKLM][64Bits] -- Update Engine O42 - Logiciel: Sony PC Companion 2.10.259 - (.Sony.) [HKLM][64Bits] -- {F09EF8F2-0976-42C1-8D9D-8DF78337C6E3} O42 - Logiciel: Subtitle Workshop 2.51 - (...) [HKLM][64Bits] -- SubtitleWorkshop O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN O42 - Logiciel: VobSub v2.23 (Remove Only) - (...) [HKLM][64Bits] -- VobSub O42 - Logiciel: Warsaw 1.5.1.8886 64 bits - (.GAS Tecnologia.) [HKLM][64Bits] -- {20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1 O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver ~ Logic: 57 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\7AndroidRecovery] [HKCU\Software\ASProtect] [HKCU\Software\Adobe] [HKCU\Software\Alps] [HKCU\Software\AppDataLow\Software\JavaSoft] [HKCU\Software\AppDataLow\Software\MarkAny] [HKCU\Software\AppDataLow] [HKCU\Software\Ares] [HKCU\Software\Ashampoo] [HKCU\Software\Atheros] [HKCU\Software\AutoHelpDesk] [HKCU\Software\Chromium] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Corel] [HKCU\Software\Creative Tech] [HKCU\Software\CyberLink] [HKCU\Software\Dell] [HKCU\Software\EPSON] [HKCU\Software\Evernote] [HKCU\Software\FSPro Labs] [HKCU\Software\Freemake] [HKCU\Software\Gabest] [HKCU\Software\GbAs] [HKCU\Software\GbPlugin] [HKCU\Software\Google] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\Lake] [HKCU\Software\Leadertech] [HKCU\Software\Macromedia] [HKCU\Software\Macrovision] [HKCU\Software\Mooii] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\PC-Doctor] [HKCU\Software\Photodex] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Roxio] [HKCU\Software\Samsung] [HKCU\Software\SautinSoft] [HKCU\Software\SkypeRS] [HKCU\Software\Skype] [HKCU\Software\Sonic] [HKCU\Software\Sony] [HKCU\Software\SubSystems] [HKCU\Software\SupRip] [HKCU\Software\Trend Micro] [HKCU\Software\Trolltech] [HKCU\Software\VirtualDub.org] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Wondershare] [HKCU\Software\Wow6432Node] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\ej-technologies] [HKLM\Software\ATHEROS] [HKLM\Software\ATI Technologies] [HKLM\Software\Alps] [HKLM\Software\Bitstream] [HKLM\Software\CBSTEST] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Corel] [HKLM\Software\Creative Tech] [HKLM\Software\Dell Computer Corporation] [HKLM\Software\Dell] [HKLM\Software\EPSON] [HKLM\Software\Fingertapps] [HKLM\Software\Google] [HKLM\Software\IDT] [HKLM\Software\IM Providers] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\Khronos] [HKLM\Software\Macromedia] [HKLM\Software\McAfee] [HKLM\Software\Motorola Mobility] [HKLM\Software\Motorola] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\ODBC] [HKLM\Software\PC-Doctor] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Protexis64] [HKLM\Software\RegisteredApplications] [HKLM\Software\SAMSUNG] [HKLM\Software\SRS Labs] [HKLM\Software\Sony Mobile] [HKLM\Software\Waves Audio] [HKLM\Software\Wow6432Node\Adobe] [HKLM\Software\Wow6432Node\AdwCleaner] [HKLM\Software\Wow6432Node\Ashampoo] [HKLM\Software\Wow6432Node\Atheros] [HKLM\Software\Wow6432Node\AutoHelpDesk] [HKLM\Software\Wow6432Node\Caphyon] [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\Corel] [HKLM\Software\Wow6432Node\Creative Tech] [HKLM\Software\Wow6432Node\CyberLink] [HKLM\Software\Wow6432Node\Debug] [HKLM\Software\Wow6432Node\Dell Inc.] [HKLM\Software\Wow6432Node\Dell] [HKLM\Software\Wow6432Node\EPSON] [HKLM\Software\Wow6432Node\Evernote] [HKLM\Software\Wow6432Node\Freemake] [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\IDT] [HKLM\Software\Wow6432Node\IM Providers] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\JavaSoft] [HKLM\Software\Wow6432Node\JreMetrics] [HKLM\Software\Wow6432Node\Khronos] [HKLM\Software\Wow6432Node\Lake] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\Wow6432Node\McAfee] [HKLM\Software\Wow6432Node\MicroVision] [HKLM\Software\Wow6432Node\Mooii] [HKLM\Software\Wow6432Node\Motorola Mobility] [HKLM\Software\Wow6432Node\Motorola] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\Photodex Media Sources] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\Roxio] [HKLM\Software\Wow6432Node\Samsung] [HKLM\Software\Wow6432Node\SautinSoft] [HKLM\Software\Wow6432Node\Skype] [HKLM\Software\Wow6432Node\SoftThinks] [HKLM\Software\Wow6432Node\Sonic] [HKLM\Software\Wow6432Node\Sony Mobile] [HKLM\Software\Wow6432Node\Sony] [HKLM\Software\Wow6432Node\SuppHelpDir] [HKLM\Software\Wow6432Node\Time4Popcorn] [HKLM\Software\Wow6432Node\TrendMicro] [HKLM\Software\Wow6432Node\URUSoft] [HKLM\Software\Wow6432Node\VideoLAN] [HKLM\Software\Wow6432Node\Volatile] [HKLM\Software\Wow6432Node\WinRAR] [HKLM\Software\Wow6432Node\Windows] [HKLM\Software\Wow6432Node\Wondershare] [HKLM\Software\Wow6432Node\illiminable] [HKLM\Software\Wow6432Node\mozilla.org] [HKLM\Software\Wow6432Node] [HKLM\Software\ej-technologies] ~ Key Software: 313 Scanned in 00mn 00s ---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 02/03/2014 - 22:04:46 - [] ----D C:\Program Files (x86)\7-Data Android Recovery O43 - CFD: 23/09/2011 - 00:23:25 - [] ----D C:\Program Files (x86)\Adobe O43 - CFD: 06/08/2013 - 13:49:57 - [] ----D C:\Program Files (x86)\Ares O43 - CFD: 03/08/2013 - 14:50:21 - [] ----D C:\Program Files (x86)\Ashampoo O43 - CFD: 21/03/2015 - 20:14:56 - [] ----D C:\Program Files (x86)\AviSynth 2.5 O43 - CFD: 17/05/2015 - 00:33:10 - [] ----D C:\Program Files (x86)\Common Files O43 - CFD: 31/07/2013 - 19:52:08 - [] ----D C:\Program Files (x86)\Creative O43 - CFD: 31/07/2013 - 20:05:07 - [] ----D C:\Program Files (x86)\Creative Live! Cam O43 - CFD: 23/09/2011 - 00:10:05 - [] ----D C:\Program Files (x86)\Cyberlink O43 - CFD: 23/09/2011 - 00:31:11 - [] ----D C:\Program Files (x86)\Dell O43 - CFD: 28/05/2015 - 17:07:09 - [] ----D C:\Program Files (x86)\Dell DataSafe Local Backup O43 - CFD: 23/09/2011 - 00:31:35 - [] ----D C:\Program Files (x86)\Dell Stage O43 - CFD: 23/09/2011 - 00:12:11 - [] ----D C:\Program Files (x86)\Dell Webcam O43 - CFD: 23/09/2011 - 00:05:50 - [] ----D C:\Program Files (x86)\Dell Wireless O43 - CFD: 26/03/2015 - 08:37:33 - [] --H-D C:\Program Files (x86)\Diebold O43 - CFD: 02/03/2014 - 21:30:54 - [] --H-D C:\Program Files (x86)\DrFoneAndroid_Temp O43 - CFD: 02/03/2014 - 20:38:34 - [] ----D C:\Program Files (x86)\Evernote O43 - CFD: 11/03/2014 - 11:38:41 - [] ----D C:\Program Files (x86)\First PDF O43 - CFD: 30/10/2013 - 10:48:17 - [] ----D C:\Program Files (x86)\Freemake O43 - CFD: 04/10/2013 - 09:47:46 - [] ----D C:\Program Files (x86)\Gabest O43 - CFD: 26/03/2015 - 08:37:33 - [] --H-D C:\Program Files (x86)\GAS Tecnologia O43 - CFD: 13/02/2015 - 15:01:21 - [] ----D C:\Program Files (x86)\GbPlugin O43 - CFD: 08/04/2015 - 21:34:09 - [] ----D C:\Program Files (x86)\Google O43 - CFD: 15/03/2015 - 16:42:04 - [] --H-D C:\Program Files (x86)\InstallJammer Registry O43 - CFD: 30/04/2015 - 15:28:32 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 06/08/2013 - 13:41:03 - [] ----D C:\Program Files (x86)\Intel O43 - CFD: 14/05/2015 - 16:17:23 - [] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 01/08/2013 - 13:47:04 - [] ----D C:\Program Files (x86)\Java O43 - CFD: 20/05/2015 - 10:01:07 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware O43 - CFD: 01/08/2013 - 14:30:34 - [0] ----D C:\Program Files (x86)\Microsoft O43 - CFD: 31/07/2013 - 23:35:54 - [] ----D C:\Program Files (x86)\Microsoft Analysis Services O43 - CFD: 31/07/2013 - 23:35:40 - [] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 14/05/2015 - 14:40:52 - [] ----D C:\Program Files (x86)\Microsoft Security Client O43 - CFD: 14/05/2015 - 21:36:17 - [] ----D C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 10/11/2013 - 19:39:13 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation O43 - CFD: 23/09/2011 - 00:18:36 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 31/07/2013 - 23:38:43 - [] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 21/09/2013 - 11:13:46 - [] ----D C:\Program Files (x86)\Motorola O43 - CFD: 21/09/2013 - 11:13:52 - [] ----D C:\Program Files (x86)\Motorola Mobility O43 - CFD: 04/05/2015 - 20:27:23 - [] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 05/05/2015 - 12:58:23 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 21/09/2013 - 11:13:37 - [] ----D C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 03/08/2014 - 20:22:44 - [] ----D C:\Program Files (x86)\Photodex O43 - CFD: 03/08/2014 - 20:23:15 - [] ----D C:\Program Files (x86)\Photodex Presenter O43 - CFD: 22/04/2015 - 22:38:58 - [] ----D C:\Program Files (x86)\PhotoScape O43 - CFD: 15/03/2015 - 16:42:08 - [] ----D C:\Program Files (x86)\Programas RFB O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 23/09/2011 - 00:27:55 - [] ----D C:\Program Files (x86)\Roxio O43 - CFD: 22/04/2015 - 12:43:28 - [] R---D C:\Program Files (x86)\Skype O43 - CFD: 02/12/2014 - 10:54:24 - [] ----D C:\Program Files (x86)\Sony O43 - CFD: 02/12/2014 - 11:21:13 - [] ----D C:\Program Files (x86)\Sony Mobile O43 - CFD: 23/09/2011 - 00:20:07 - [] ----D C:\Program Files (x86)\System Registration O43 - CFD: 19/05/2014 - 12:40:42 - [] ----D C:\Program Files (x86)\Time4Popcorn O43 - CFD: 14/07/2009 - 01:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information O43 - CFD: 14/08/2013 - 22:49:23 - [] ----D C:\Program Files (x86)\URUSoft O43 - CFD: 01/08/2013 - 14:48:11 - [] ----D C:\Program Files (x86)\VideoLAN O43 - CFD: 31/07/2013 - 22:45:47 - [] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 23/09/2011 - 00:19:17 - [] ----D C:\Program Files (x86)\Windows Live O43 - CFD: 21/11/2010 - 06:37:34 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 11/03/2015 - 11:59:02 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 21/11/2010 - 06:37:34 - [] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 21/11/2010 - 00:31:38 - [] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 21/11/2010 - 06:37:34 - [] ----D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 01/08/2013 - 15:22:56 - [] ----D C:\Program Files (x86)\WinRAR O43 - CFD: 27/05/2015 - 23:12:48 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman O43 - CFD: 31/07/2013 - 22:53:52 - [] ----D C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 23/09/2011 - 00:04:11 - [] ----D C:\Program Files (x86)\Common Files\Atheros O43 - CFD: 23/09/2011 - 00:10:35 - [] ----D C:\Program Files (x86)\Common Files\CyberLink O43 - CFD: 23/09/2011 - 00:11:44 - [] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 16/10/2014 - 15:13:27 - [] ----D C:\Program Files (x86)\Common Files\Intel O43 - CFD: 01/08/2013 - 13:47:27 - [] ----D C:\Program Files (x86)\Common Files\Java O43 - CFD: 16/10/2014 - 15:11:17 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 21/09/2013 - 11:13:46 - [] ----D C:\Program Files (x86)\Common Files\MSSoap O43 - CFD: 23/09/2011 - 00:28:14 - [] ----D C:\Program Files (x86)\Common Files\PX Storage Engine O43 - CFD: 23/09/2011 - 00:28:34 - [] ----D C:\Program Files (x86)\Common Files\Roxio Shared O43 - CFD: 14/07/2009 - 00:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 22/10/2014 - 12:42:08 - [] ----D C:\Program Files (x86)\Common Files\Skype O43 - CFD: 23/09/2011 - 00:27:48 - [] ----D C:\Program Files (x86)\Common Files\Sonic Shared O43 - CFD: 14/07/2009 - 00:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 23/09/2011 - 00:27:45 - [] ----D C:\Program Files (x86)\Common Files\SureThing Shared O43 - CFD: 31/07/2013 - 22:45:50 - [] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 23/09/2011 - 00:14:25 - [] ----D C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 31/07/2013 - 22:51:09 - [] ----D C:\ProgramData\Adobe O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Application Data O43 - CFD: 03/08/2013 - 14:50:48 - [] ----D C:\ProgramData\Ashampoo O43 - CFD: 07/08/2013 - 11:33:24 - [] ----D C:\ProgramData\Atheros O43 - CFD: 03/10/2014 - 14:20:05 - [] ----D C:\ProgramData\BlueStacksSetup O43 - CFD: 16/10/2014 - 15:36:03 - [] ----D C:\ProgramData\Corel O43 - CFD: 31/07/2013 - 19:51:49 - [] ----D C:\ProgramData\Creative O43 - CFD: 07/09/2013 - 20:24:41 - [] ----D C:\ProgramData\CyberLink O43 - CFD: 31/07/2013 - 12:28:04 - [] -SH-D C:\ProgramData\Dados de aplicativos O43 - CFD: 23/09/2011 - 00:11:23 - [] ----D C:\ProgramData\dell O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Desktop O43 - CFD: 31/07/2013 - 12:28:04 - [] -SH-D C:\ProgramData\Documentos O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Documents O43 - CFD: 05/11/2013 - 11:35:44 - [] ----D C:\ProgramData\EPSON O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Favorites O43 - CFD: 31/07/2013 - 12:28:04 - [] -SH-D C:\ProgramData\Favoritos O43 - CFD: 30/10/2013 - 10:57:10 - [] ----D C:\ProgramData\Freemake O43 - CFD: 08/05/2015 - 14:04:41 - [] ----D C:\ProgramData\GAS Tecnologia O43 - CFD: 13/02/2015 - 15:01:33 - [] ----D C:\ProgramData\GbPlugin O43 - CFD: 03/10/2014 - 15:20:19 - [] ----D C:\ProgramData\Google O43 - CFD: 23/09/2011 - 00:09:13 - [] ----D C:\ProgramData\install_clap O43 - CFD: 06/08/2013 - 13:41:12 - [] ----D C:\ProgramData\Intel O43 - CFD: 23/09/2011 - 00:25:36 - [] ----D C:\ProgramData\Macrovision O43 - CFD: 20/05/2015 - 10:01:02 - [] ----D C:\ProgramData\Malwarebytes O43 - CFD: 31/07/2013 - 19:49:52 - [] ----D C:\ProgramData\McAfee O43 - CFD: 31/07/2013 - 12:28:04 - [] -SH-D C:\ProgramData\Menu Iniciar O43 - CFD: 10/12/2014 - 16:19:46 - [] -S--D C:\ProgramData\Microsoft O43 - CFD: 14/05/2015 - 14:45:08 - [] ----D C:\ProgramData\Microsoft Help O43 - CFD: 10/11/2013 - 19:39:02 - [] ----D C:\ProgramData\Microsoft OneDrive O43 - CFD: 31/07/2013 - 12:28:04 - [] -SH-D C:\ProgramData\Modelos O43 - CFD: 21/09/2013 - 11:14:21 - [] ----D C:\ProgramData\Motorola O43 - CFD: 31/07/2013 - 20:48:22 - [] ----D C:\ProgramData\Mozilla O43 - CFD: 17/05/2015 - 18:36:06 - [] ----D C:\ProgramData\PCDr O43 - CFD: 03/08/2014 - 20:23:09 - [] ----D C:\ProgramData\Photodex O43 - CFD: 23/09/2011 - 00:27:38 - [] ----D C:\ProgramData\PhotoShow Shared Assets O43 - CFD: 14/04/2015 - 11:09:36 - [] ----D C:\ProgramData\Protexis O43 - CFD: 16/10/2014 - 15:14:43 - [] ----D C:\ProgramData\Protexis64 O43 - CFD: 23/09/2011 - 00:42:58 - [] ----D C:\ProgramData\Roxio O43 - CFD: 02/12/2014 - 10:51:40 - [] ----D C:\ProgramData\Samsung O43 - CFD: 04/05/2015 - 07:23:06 - [] ----D C:\ProgramData\Skype O43 - CFD: 20/05/2015 - 09:38:27 - [] ----D C:\ProgramData\Sonic O43 - CFD: 02/12/2014 - 10:54:24 - [] ----D C:\ProgramData\Sony O43 - CFD: 02/12/2014 - 11:21:13 - [] ----D C:\ProgramData\Sony Mobile O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Start Menu O43 - CFD: 23/09/2011 - 00:02:28 - [] ----D C:\ProgramData\Sun O43 - CFD: 13/02/2015 - 15:04:06 - [] ----D C:\ProgramData\Temp O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Templates O43 - CFD: 23/09/2011 - 00:28:33 - [] ----D C:\ProgramData\Uninstall O43 - CFD: 31/07/2013 - 22:49:59 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 14/07/2009 - 01:57:13 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 06/08/2013 - 13:49:54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares O43 - CFD: 03/08/2013 - 14:50:46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo O43 - CFD: 23/09/2011 - 00:04:39 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program O43 - CFD: 28/05/2015 - 13:39:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 24/12/2014 - 08:16:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Central de Mouse e Teclado da Microsoft O43 - CFD: 14/04/2015 - 11:14:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit) O43 - CFD: 23/09/2011 - 00:42:51 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.5 O43 - CFD: 23/09/2011 - 00:31:13 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell O43 - CFD: 23/09/2011 - 00:06:19 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell DataSafe O43 - CFD: 23/09/2011 - 00:31:36 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Stage O43 - CFD: 23/09/2011 - 00:20:16 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center O43 - CFD: 31/07/2013 - 20:05:46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam O43 - CFD: 05/11/2013 - 11:35:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON O43 - CFD: 09/05/2015 - 23:51:12 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote O43 - CFD: 11/03/2014 - 11:38:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\First PDF O43 - CFD: 30/10/2013 - 10:48:17 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake O43 - CFD: 14/07/2009 - 01:57:12 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 31/07/2013 - 20:37:32 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 08/05/2015 - 10:35:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive O43 - CFD: 14/07/2009 - 01:57:09 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 20/05/2015 - 10:01:09 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 31/07/2013 - 23:39:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 14/05/2015 - 14:25:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 21/09/2013 - 11:13:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager O43 - CFD: 09/08/2013 - 11:29:03 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape O43 - CFD: 19/05/2014 - 12:40:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time O43 - CFD: 15/03/2015 - 16:42:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB O43 - CFD: 23/09/2011 - 00:28:15 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator Starter O43 - CFD: 22/10/2014 - 12:42:09 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 30/04/2015 - 15:28:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony O43 - CFD: 14/07/2009 - 01:54:24 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 14/08/2013 - 22:49:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\URUSoft O43 - CFD: 09/01/2014 - 13:35:28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 04/10/2013 - 09:47:46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub O43 - CFD: 11/09/2014 - 12:49:58 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live O43 - CFD: 07/04/2014 - 21:09:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 27/05/2015 - 23:12:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman O43 - CFD: 31/07/2013 - 21:33:35 - [] ----D C:\Users\Flávio\AppData\Roaming\Adobe O43 - CFD: 03/08/2013 - 14:50:56 - [] ----D C:\Users\Flávio\AppData\Roaming\Ashampoo O43 - CFD: 04/02/2015 - 10:23:19 - [] ----D C:\Users\Flávio\AppData\Roaming\br.com.iba.magazinesdesktop O43 - CFD: 14/04/2015 - 11:15:11 - [] ----D C:\Users\Flávio\AppData\Roaming\Corel O43 - CFD: 31/07/2013 - 20:07:41 - [] ----D C:\Users\Flávio\AppData\Roaming\Creative O43 - CFD: 07/09/2013 - 20:24:41 - [] ----D C:\Users\Flávio\AppData\Roaming\CyberLink O43 - CFD: 31/07/2013 - 12:32:12 - [] ----D C:\Users\Flávio\AppData\Roaming\Dell O43 - CFD: 31/07/2013 - 12:32:07 - [] ----D C:\Users\Flávio\AppData\Roaming\Dell Touch Zone O43 - CFD: 30/10/2013 - 10:57:46 - [] ----D C:\Users\Flávio\AppData\Roaming\dvdcss O43 - CFD: 31/07/2013 - 12:32:13 - [] ----D C:\Users\Flávio\AppData\Roaming\Fingertapps O43 - CFD: 31/07/2013 - 12:31:31 - [] ----D C:\Users\Flávio\AppData\Roaming\Identities O43 - CFD: 05/11/2013 - 11:10:28 - [] ----D C:\Users\Flávio\AppData\Roaming\InstallShield O43 - CFD: 31/07/2013 - 12:32:02 - [] ----D C:\Users\Flávio\AppData\Roaming\Leadertech O43 - CFD: 31/07/2013 - 19:46:08 - [] ----D C:\Users\Flávio\AppData\Roaming\Macromedia O43 - CFD: 31/07/2013 - 21:58:00 - [] ----D C:\Users\Flávio\AppData\Roaming\Macrovision O43 - CFD: 15/05/2015 - 10:54:47 - [] -S--D C:\Users\Flávio\AppData\Roaming\Microsoft O43 - CFD: 21/09/2013 - 11:11:19 - [] ----D C:\Users\Flávio\AppData\Roaming\Motorola O43 - CFD: 21/09/2013 - 11:13:56 - [] ----D C:\Users\Flávio\AppData\Roaming\Motorola Mobility O43 - CFD: 03/08/2014 - 20:23:09 - [] ----D C:\Users\Flávio\AppData\Roaming\Mozilla O43 - CFD: 03/08/2014 - 20:23:09 - [] ----D C:\Users\Flávio\AppData\Roaming\Netscape O43 - CFD: 03/08/2014 - 20:21:35 - [] ----D C:\Users\Flávio\AppData\Roaming\Photodex O43 - CFD: 28/05/2015 - 13:50:28 - [0] ----D C:\Users\Flávio\AppData\Roaming\PhotoScape O43 - CFD: 31/07/2013 - 12:32:04 - [] ----D C:\Users\Flávio\AppData\Roaming\Roxio O43 - CFD: 02/12/2014 - 10:54:20 - [] ----D C:\Users\Flávio\AppData\Roaming\Samsung O43 - CFD: 11/05/2015 - 17:19:40 - [] ----D C:\Users\Flávio\AppData\Roaming\Skype O43 - CFD: 16/05/2015 - 21:34:50 - [] ----D C:\Users\Flávio\AppData\Roaming\vlc O43 - CFD: 01/08/2013 - 15:23:28 - [] ----D C:\Users\Flávio\AppData\Roaming\WinRAR O43 - CFD: 02/03/2014 - 21:02:57 - [] ----D C:\Users\Flávio\AppData\Roaming\Wondershare O43 - CFD: 28/05/2015 - 17:09:45 - [] ----D C:\Users\Flávio\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 22/04/2014 - 13:41:11 - [] ----D C:\Users\Flávio\AppData\Local\Adobe O43 - CFD: 31/07/2013 - 20:36:36 - [] ----D C:\Users\Flávio\AppData\Local\Apps O43 - CFD: 10/02/2014 - 16:28:41 - [] ----D C:\Users\Flávio\AppData\Local\Ares O43 - CFD: 03/08/2013 - 14:50:48 - [] ----D C:\Users\Flávio\AppData\Local\ashampoo O43 - CFD: 31/07/2013 - 12:32:02 - [] ----D C:\Users\Flávio\AppData\Local\BMExplorer O43 - CFD: 09/10/2013 - 10:23:21 - [] ----D C:\Users\Flávio\AppData\Local\Comodo O43 - CFD: 28/05/2015 - 13:50:25 - [0] ----D C:\Users\Flávio\AppData\Local\CrashDumps O43 - CFD: 07/09/2013 - 20:24:38 - [] ----D C:\Users\Flávio\AppData\Local\Cyberlink O43 - CFD: 31/07/2013 - 12:28:17 - [] -SH-D C:\Users\Flávio\AppData\Local\Dados de aplicativos O43 - CFD: 31/07/2013 - 12:32:47 - [] ----D C:\Users\Flávio\AppData\Local\Dell O43 - CFD: 20/05/2015 - 09:37:22 - [0] ----D C:\Users\Flávio\AppData\Local\Deployment O43 - CFD: 30/04/2015 - 15:10:04 - [] ----D C:\Users\Flávio\AppData\Local\Diagnostics O43 - CFD: 19/01/2014 - 18:49:49 - [] ----D C:\Users\Flávio\AppData\Local\Downloaded Installations O43 - CFD: 03/12/2014 - 12:03:28 - [] -SH-D C:\Users\Flávio\AppData\Local\EmieBrowserModeList O43 - CFD: 24/04/2014 - 00:17:23 - [] -SH-D C:\Users\Flávio\AppData\Local\EmieSiteList O43 - CFD: 24/04/2014 - 00:17:23 - [] -SH-D C:\Users\Flávio\AppData\Local\EmieUserList O43 - CFD: 02/03/2014 - 20:38:58 - [] ----D C:\Users\Flávio\AppData\Local\Evernote O43 - CFD: 23/10/2014 - 12:01:01 - [] ----D C:\Users\Flávio\AppData\Local\Facebook O43 - CFD: 25/03/2014 - 15:01:49 - [] ----D C:\Users\Flávio\AppData\Local\GAS Tecnologia O43 - CFD: 17/11/2013 - 18:12:14 - [] ----D C:\Users\Flávio\AppData\Local\Google O43 - CFD: 31/07/2013 - 12:28:17 - [] -SH-D C:\Users\Flávio\AppData\Local\Histórico O43 - CFD: 05/01/2015 - 12:09:40 - [] ----D C:\Users\Flávio\AppData\Local\JDownloader v2.0 O43 - CFD: 09/10/2013 - 10:42:37 - [] ----D C:\Users\Flávio\AppData\Local\Macromedia O43 - CFD: 30/04/2015 - 15:10:03 - [] ----D C:\Users\Flávio\AppData\Local\Microsoft O43 - CFD: 13/04/2014 - 15:04:26 - [] ----D C:\Users\Flávio\AppData\Local\Microsoft Help O43 - CFD: 23/09/2013 - 11:19:57 - [] ----D C:\Users\Flávio\AppData\Local\Mozilla O43 - CFD: 22/03/2015 - 18:29:39 - [] ----D C:\Users\Flávio\AppData\Local\Popcorn-Time O43 - CFD: 03/08/2013 - 14:49:48 - [] ----D C:\Users\Flávio\AppData\Local\Programs O43 - CFD: 05/03/2014 - 13:49:25 - [] ----D C:\Users\Flávio\AppData\Local\Skype O43 - CFD: 28/05/2015 - 17:06:22 - [] ----D C:\Users\Flávio\AppData\Local\SoftThinks O43 - CFD: 28/05/2015 - 17:09:22 - [] ----D C:\Users\Flávio\AppData\Local\Temp O43 - CFD: 31/07/2013 - 12:28:17 - [] -SH-D C:\Users\Flávio\AppData\Local\Temporary Internet Files O43 - CFD: 15/05/2015 - 10:45:22 - [] ----D C:\Users\Flávio\AppData\Local\VirtualStore O43 - CFD: 21/12/2014 - 17:23:02 - [] ----D C:\Users\Flávio\AppData\Local\Windows Live O43 - CFD: 11/07/2014 - 08:34:04 - [] ----D C:\Users\Flávio\AppData\Local\Xenocode O43 - CFD: 14/07/2009 - 01:54:32 - [] R---D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 12/03/2015 - 10:53:20 - [] R---D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 28/05/2015 - 17:06:14 - [] R---D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices O43 - CFD: 06/08/2013 - 13:16:39 - [] ----D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell O43 - CFD: 30/10/2013 - 10:48:17 - [] ----D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake O43 - CFD: 15/05/2015 - 10:54:47 - [] ----D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis O43 - CFD: 01/08/2013 - 14:45:34 - [] ----D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader O43 - CFD: 14/07/2009 - 01:49:38 - [] R---D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 11/03/2014 - 17:29:09 - [] ----D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014 O43 - CFD: 15/03/2015 - 16:41:34 - [] ----D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015 O43 - CFD: 28/05/2015 - 13:42:46 - [] R---D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 14/08/2013 - 22:49:25 - [] ----D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\URUSoft O43 - CFD: 07/04/2014 - 21:09:30 - [] ----D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Program Folder: 248 Scanned in 00mn 01s ---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044) O44 - LFC:[MD5.7E21D3072EB20D5400919D435D549A9B] - 13/05/2015 - 22:31:01 ---A- . (.Microsoft Corporation - Shim Engine DLL.) -- C:\WINDOWS\System32\shimeng.dll [6656] O44 - LFC:[MD5.31D260ADAF1CCFEFC49DB9FBCE9986DA] - 13/05/2015 - 22:31:02 ---A- . (.Microsoft Corporation - Biblioteca de cliente de compatibilidade de.) -- C:\WINDOWS\System32\apphelp.dll [342016] O44 - LFC:[MD5.F55F287810AAF708618793764AF7D1BB] - 13/05/2015 - 22:31:02 ---A- . (.Microsoft Corporation - Instalador de banco de dados de compatibili.) -- C:\WINDOWS\System32\sdbinst.exe [23552] O44 - LFC:[MD5.83BFCCAC53795E8A5055A93672D0C46C] - 13/05/2015 - 22:31:02 ---A- . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\WINDOWS\System32\aelupsvc.dll [72192] O44 - LFC:[MD5.C7E50B04623FC6FF54EAF88938A8936E] - 13/05/2015 - 22:31:48 ---A- . (.Microsoft Corporation - Executor de Fila de Operações Primitivas.) -- C:\WINDOWS\System32\poqexec.exe [142336] O44 - LFC:[MD5.E5404072A5A9E0B452ADDF1D1339176C] - 13/05/2015 - 22:31:55 ---A- . (.Microsoft Corporation - Extensão Shell dos Dispositivos Portáteis.) -- C:\WINDOWS\System32\wpdshext.dll [2543104] O44 - LFC:[MD5.2B36E0C5C262437E1B098344DEFA55F8] - 13/05/2015 - 22:31:58 ---A- . (.Microsoft Corporation - Microsoft Tablet PC InkEdit Control.) -- C:\WINDOWS\System32\InkEd.dll [275456] O44 - LFC:[MD5.D858C33B133740D5F1F1CF71C33F6355] - 13/05/2015 - 22:32:20 ---A- . (.Microsoft Corporation - Driver Win32 multiusuário.) -- C:\WINDOWS\System32\win32k.sys [3204608] O44 - LFC:[MD5.490505F6E53EF046EC70A353BC9CD615] - 13/05/2015 - 22:32:21 ---A- . (.Microsoft Corporation - Serviços de Tipografia de DirectX da Micros.) -- C:\WINDOWS\System32\DWrite.dll [1647104] O44 - LFC:[MD5.E612E86FA15EA1EF9A52433A2743C447] - 13/05/2015 - 22:32:22 ---A- . (.Microsoft Corporation - Serviço de Cache de Fontes do Windows.) -- C:\WINDOWS\System32\FntCache.dll [1179136] O44 - LFC:[MD5.90DC7B112F946B412C9CDC6F459F4053] - 13/05/2015 - 22:32:52 ---A- . (.Microsoft Corporation - Nomes de auditoria dos objetos do sistema.) -- C:\WINDOWS\System32\msobjs.dll [60416] O44 - LFC:[MD5.7A448B8CED7F7348C36159D5CC8E19ED] - 13/05/2015 - 22:32:55 ---A- . (.Microsoft Corporation - DLL de eventos de auditoria de segurança.) -- C:\WINDOWS\System32\msaudite.dll [146432] O44 - LFC:[MD5.AF278DB00C43E925E58C8CA2C0CF4C71] - 13/05/2015 - 22:32:58 ---A- . (.Microsoft Corporation - DLL do Esquema de auditoria de segurança.) -- C:\WINDOWS\System32\adtschema.dll [686080] O44 - LFC:[MD5.90293AAC2AB0908BFF98ADB89CEBC931] - 13/05/2015 - 22:33:11 ---A- . (.Microsoft Corporation - ApiSet Schema DLL.) -- C:\WINDOWS\System32\apisetschema.dll [6656] O44 - LFC:[MD5.19F08DF0A6599D0259D1B224CC5F9ED5] - 13/05/2015 - 22:33:12 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-console-l1-1-0.dll [3072] O44 - LFC:[MD5.360FBA71F144CE416B2AE7D5553C87AD] - 13/05/2015 - 22:33:13 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-localization-l1-1-0.dll [4096] O44 - LFC:[MD5.FCA971E5C584A3828A020FF4B2BEFCCE] - 13/05/2015 - 22:33:21 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-datetime-l1-1-0.dll [3072] O44 - LFC:[MD5.1A7D6385E3F99544327E984830676EF4] - 13/05/2015 - 22:33:21 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-debug-l1-1-0.dll [3072] O44 - LFC:[MD5.B3A3B2782C1CA5EDFBD380E34AEFB797] - 13/05/2015 - 22:33:21 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-delayload-l1-1-0.dll [3072] O44 - LFC:[MD5.A5E6D69385BCA6A787434E2FE062986D] - 13/05/2015 - 22:33:21 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-errorhandling-l1-1-0.dll [3072] O44 - LFC:[MD5.643631684239D63818F30957E8667187] - 13/05/2015 - 22:33:22 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-fibers-l1-1-0.dll [3072] O44 - LFC:[MD5.5E7FDE8D591E1E184E39A04201403453] - 13/05/2015 - 22:33:22 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-handle-l1-1-0.dll [3072] O44 - LFC:[MD5.824D1D40174B687108841C9AEE9CF6C8] - 13/05/2015 - 22:33:22 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-interlocked-l1-1-0.dll [3072] O44 - LFC:[MD5.2FAAFF164E3183477868C4743DD015E3] - 13/05/2015 - 22:33:23 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-io-l1-1-0.dll [3072] O44 - LFC:[MD5.306C1665A1FA72292827BC62C5068E28] - 13/05/2015 - 22:33:23 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-libraryloader-l1-1-0.dll [3584] O44 - LFC:[MD5.FD18F6B70748ED7F3004ECA7CB91CE82] - 13/05/2015 - 22:33:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-processenvironment-l1-1-0.dll [3584] O44 - LFC:[MD5.B206F476A21445BDC7C6365070CC33BC] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-file-l1-1-0.dll [5120] O44 - LFC:[MD5.0B558439CCB936A97C78A0CAF9AAB856] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-heap-l1-1-0.dll [3584] O44 - LFC:[MD5.975CA905CF10C14D1C2EB29026DD6E60] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-localregistry-l1-1-0.dll [4096] O44 - LFC:[MD5.67B03204F468B24702787D9AD90089DB] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-memory-l1-1-0.dll [3584] O44 - LFC:[MD5.1FCED4EA7CB62E69D4BBC476384D996D] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-misc-l1-1-0.dll [3584] O44 - LFC:[MD5.E0FF0290115192214F5DC73C2DDACD76] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-namedpipe-l1-1-0.dll [3584] O44 - LFC:[MD5.5FF2586D38C0B50C16976633D2064B4C] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-processthreads-l1-1-0.dll [4608] O44 - LFC:[MD5.2ED9BDA64C82A1FE9614E5CABC98104A] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-profile-l1-1-0.dll [3072] O44 - LFC:[MD5.E229C592341A73F3AB579F503582FEDD] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [3584] O44 - LFC:[MD5.8486D0DAC57FC6D20697C5C93B688EF1] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-string-l1-1-0.dll [3072] O44 - LFC:[MD5.21A9F0F2D42258826A78CEA98EDC4641] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-util-l1-1-0.dll [3072] O44 - LFC:[MD5.C7BDEFDC1B82292D9457CB8E5E4FDF5E] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-xstate-l1-1-0.dll [3072] O44 - LFC:[MD5.306215737213CD3839250D3FE142C221] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-security-base-l1-1-0.dll [6144] O44 - LFC:[MD5.81AA6F9E338EB279DFA5082BCD4F6AC5] - 13/05/2015 - 22:33:28 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-synch-l1-1-0.dll [4096] O44 - LFC:[MD5.A788BD5D470BE3DB47D8C9EE382B3FEE] - 13/05/2015 - 22:33:28 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-sysinfo-l1-1-0.dll [4096] O44 - LFC:[MD5.D205305FB0E352A9D4CF922D6A016BF4] - 13/05/2015 - 22:33:29 ---A- . (.Microsoft Corporation - AMD64 Wow64 CPU.) -- C:\WINDOWS\System32\wow64cpu.dll [13312] O44 - LFC:[MD5.50EBA6640805F6D5EF4A0DCEF2D180AB] - 13/05/2015 - 22:33:29 ---A- . (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\WINDOWS\System32\credssp.dll [22016] O44 - LFC:[MD5.ADC2D7B5BFF277E5A9FACE6A21A24ABC] - 13/05/2015 - 22:33:29 ---A- . (.Microsoft Corporation - LSA SSPI RPC interface DLL.) -- C:\WINDOWS\System32\sspisrv.dll [29184] O44 - LFC:[MD5.B3238F9DFCB93035033A4EEE21153C1C] - 13/05/2015 - 22:33:29 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-threadpool-l1-1-0.dll [4608] O44 - LFC:[MD5.E1B0C7042BA7B8903D60DF3885F2DFE7] - 13/05/2015 - 22:33:30 ---A- . (.Microsoft Corporation - Emulação de 16 bits em NT64.) -- C:\WINDOWS\System32\ntvdm64.dll [16384] O44 - LFC:[MD5.8C711AF30BE3991050D0D011D92CFBE0] - 13/05/2015 - 22:33:30 ---A- . (.Microsoft Corporation - Microsoft® Windows System Restore Client Li.) -- C:\WINDOWS\System32\srclient.dll [50176] O44 - LFC:[MD5.0D9BDBE780DD81757AC5AF87E8B1EBEC] - 13/05/2015 - 22:33:30 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\WINDOWS\System32\secur32.dll [28160] O44 - LFC:[MD5.D2602AC48B38FA10956E32D18E7143B0] - 13/05/2015 - 22:33:30 ---A- . (.Microsoft Corporation - Wow64 Console and Win32 API Logging.) -- C:\WINDOWS\System32\wow64win.dll [362496] O44 - LFC:[MD5.BB7BAF9532DBA5AB4009E981687D1EA6] - 13/05/2015 - 22:33:31 ---A- . (.Microsoft Corporation - Utilitário de configuração de desempenho de.) -- C:\WINDOWS\System32\diskperf.exe [19456] O44 - LFC:[MD5.9262D6E2C239EDD6D87B080F2BCCEC9F] - 13/05/2015 - 22:33:33 ---A- . (.Microsoft Corporation - Local Security Authority Process.) -- C:\WINDOWS\System32\lsass.exe [31232] O44 - LFC:[MD5.A3DCC3D8BB57E31EA07949313CC3A3CF] - 13/05/2015 - 22:33:33 ---A- . (.Microsoft Corporation - Processo do tempo de Execução do Servidor d.) -- C:\WINDOWS\System32\csrsrv.dll [43520] O44 - LFC:[MD5.4DD0098FFAB4664DB979537C48AE055F] - 13/05/2015 - 22:33:33 ---A- . (.Microsoft Corporation - Programa de Diretiva de Auditoria.) -- C:\WINDOWS\System32\auditpol.exe [64000] O44 - LFC:[MD5.CD3770C78AFFC223A3B9D38F27B7A309] - 13/05/2015 - 22:33:34 ---A- . (.Microsoft Corporation - Biblioteca criptográfica do Windows.) -- C:\WINDOWS\System32\ncrypt.dll [309760] O44 - LFC:[MD5.FE60A67032A5C94F6ACE483C8FE84105] - 13/05/2015 - 22:33:34 ---A- . (.Microsoft Corporation - Desempenho do sistema da linha de comando.) -- C:\WINDOWS\System32\typeperf.exe [47104] O44 - LFC:[MD5.79F036EB691ABBA84E8EB1715E5F2B17] - 13/05/2015 - 22:33:34 ---A- . (.Microsoft Corporation - Informações de novo log de desempenho.) -- C:\WINDOWS\System32\relog.exe [43008] O44 - LFC:[MD5.2292CD8500725B94B7D2E3C0C84F2D19] - 13/05/2015 - 22:33:34 ---A- . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\System32\wdigest.dll [210944] O44 - LFC:[MD5.40C5EA47D4AEC96249B09BF0C076A60C] - 13/05/2015 - 22:33:34 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\WINDOWS\System32\sspicli.dll [136192] O44 - LFC:[MD5.ACE24D86D2714FCC1639F890DF54951B] - 13/05/2015 - 22:33:34 ---A- . (.Microsoft Corporation - Web Service Security Package.) -- C:\WINDOWS\System32\TSpkg.dll [86528] O44 - LFC:[MD5.DA5EF2CC0764BE7097BAFA9CAF903FE8] - 13/05/2015 - 22:33:35 ---A- . (.Microsoft Corporation - Gerenciador de Sessão do Windows.) -- C:\WINDOWS\System32\smss.exe [112640] O44 - LFC:[MD5.CCAB9BE9C9100C5F54A5A8F355730841] - 13/05/2015 - 22:33:36 ---A- . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\WINDOWS\System32\kerberos.dll [728064] O44 - LFC:[MD5.52935C072F8D5A92508AA3A3CC9133C7] - 13/05/2015 - 22:33:36 ---A- . (.Microsoft Corporation - Restauração do Sistema do Microsoft® Window.) -- C:\WINDOWS\System32\rstrui.exe [296960] O44 - LFC:[MD5.E55A72876BC5E244D0A8F7F07862A939] - 13/05/2015 - 22:33:37 ---A- . (.Microsoft Corporation - Host da Janela do Console.) -- C:\WINDOWS\System32\conhost.exe [338432] O44 - LFC:[MD5.0CD609B1143961F5C3BA691729A6A5DA] - 13/05/2015 - 22:33:38 ---A- . (.Microsoft Corporation - Biblioteca Principal de Restauração de Sist.) -- C:\WINDOWS\System32\srcore.dll [503808] O44 - LFC:[MD5.D17DD01601460F5899E5C154B3FD0BFA] - 13/05/2015 - 22:33:38 ---A- . (.Microsoft Corporation - DLL do Windows Server para multiusuários.) -- C:\WINDOWS\System32\winsrv.dll [215040] O44 - LFC:[MD5.52146DBFE253B83FAB1980AA704C7974] - 13/05/2015 - 22:33:38 ---A- . (.Microsoft Corporation - Host for SCM/SDDL/LSA Lookup APIs.) -- C:\WINDOWS\System32\sechost.dll [113664] O44 - LFC:[MD5.9C5DBA74D0C641C2A4ABDC79969B7BEF] - 13/05/2015 - 22:33:38 ---A- . (.Microsoft Corporation - Informações de log de desempenho.) -- C:\WINDOWS\System32\logman.exe [104448] O44 - LFC:[MD5.F7DFAE6040AC910B7C64EE208A34157D] - 13/05/2015 - 22:33:38 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\WINDOWS\System32\Drivers\ksecdd.sys [95680] O44 - LFC:[MD5.8FE94F2EF9BF444E93E35D87E210D02F] - 13/05/2015 - 22:33:38 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\WINDOWS\System32\Drivers\ksecpkg.sys [155584] O44 - LFC:[MD5.FDF1E0FD74DED0034BA6FFB665E0641E] - 13/05/2015 - 22:33:39 ---A- . (.Microsoft Corporation - DLL cliente da API BASE do Windows NT.) -- C:\WINDOWS\System32\KernelBase.dll [424448] O44 - LFC:[MD5.EE27E1D639E3807229C15AF94320CF0A] - 13/05/2015 - 22:33:39 ---A- . (.Microsoft Corporation - Ferramenta de relatórios de rastreamento de.) -- C:\WINDOWS\System32\tracerpt.exe [404992] O44 - LFC:[MD5.A0BCD6A64281492EFAE02AC144A335F1] - 13/05/2015 - 22:33:39 ---A- . (.Microsoft Corporation - Win32 Emulation on NT64.) -- C:\WINDOWS\System32\wow64.dll [243712] O44 - LFC:[MD5.DA8B541825991F6699790E617FF0FF60] - 13/05/2015 - 22:33:41 ---A- . (.Microsoft Corporation - DLL do servidor LSA.) -- C:\WINDOWS\System32\lsasrv.dll [1461760] O44 - LFC:[MD5.408A8232E84515E4AA819E0C95E65257] - 13/05/2015 - 22:33:42 ---A- . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll [314880] O44 - LFC:[MD5.1C9F2F4A2C603739BD8CC8C64310AFD7] - 13/05/2015 - 22:33:43 ---A- . (.Microsoft Corporation - DLL cliente da API BASE do Windows NT.) -- C:\WINDOWS\System32\kernel32.dll [1162752] O44 - LFC:[MD5.B01B21E15671ACD3F0AD131DC4CABFC7] - 13/05/2015 - 22:33:44 ---A- . (.Microsoft Corporation - API de base do Windows 32 avançada.) -- C:\WINDOWS\System32\advapi32.dll [879104] O44 - LFC:[MD5.10D39E74B0D5011A8C199B9646579C3F] - 13/05/2015 - 22:33:44 ---A- . (.Microsoft Corporation - Biblioteca de Auxiliar de Rastreamento de E.) -- C:\WINDOWS\System32\tdh.dll [879104] O44 - LFC:[MD5.8453010B6512DAEAFC61CC0836FA137E] - 13/05/2015 - 22:33:46 ---A- . (.Microsoft Corporation - DLL de nível do NT.) -- C:\WINDOWS\System32\ntdll.dll [1728960] O44 - LFC:[MD5.A985325F4FE72FB003749A2FBBA9952E] - 13/05/2015 - 22:33:46 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\WINDOWS\System32\ntoskrnl.exe [5569984] O44 - LFC:[MD5.D449C36379EBEFD3CCDAEC328002BB5B] - 13/05/2015 - 22:33:47 ---A- . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) -- C:\WINDOWS\System32\UtcResources.dll [36864] O44 - LFC:[MD5.EA8A3E8C674B03CB4AFA1D344DBD7BC1] - 13/05/2015 - 22:33:47 ---A- . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) -- C:\WINDOWS\System32\diagtrack.dll [1254400] O44 - LFC:[MD5.71C85477DF9347FE8E7BC55768473FCA] - 13/05/2015 - 22:33:57 ---A- . (.Microsoft Corporation - Aplicativo de serviços e controle.) -- C:\WINDOWS\System32\services.exe [328704] O44 - LFC:[MD5.F2A1718334172C0F4E231E998F6CB8AB] - 13/05/2015 - 22:34:01 ---A- . (.Microsoft Corporation - Classificação da Internet e DLL de gerencia.) -- C:\WINDOWS\System32\msrating.dll [199680] O44 - LFC:[MD5.C31D57F7A58FACDA2671075CEBA75199] - 13/05/2015 - 22:34:01 ---A- . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\WINDOWS\System32\mshtml.dll [24971776] O44 - LFC:[MD5.5A18ACE782C215300BE1C82D9EDC565B] - 13/05/2015 - 22:34:02 ---A- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\WINDOWS\System32\MshtmlDac.dll [88064] O44 - LFC:[MD5.C1D6BD834E69E8F77C8B4DDFCEE073F6] - 13/05/2015 - 22:34:03 ---A- . (.Microsoft Corporation - Conversor de HTML da Microsoft.) -- C:\WINDOWS\System32\html.iec [417792] O44 - LFC:[MD5.F0289B3A341429117696F0279DA977B6] - 13/05/2015 - 22:34:03 ---A- . (.Microsoft Corporation - Internet Extensions para Win32.) -- C:\WINDOWS\System32\wininet.dll [2352128] O44 - LFC:[MD5.FFC30231459FC44FD73E07532C707791] - 13/05/2015 - 22:34:04 ---A- . (.Microsoft Corporation - Microsoft ® HTML Media DLL.) -- C:\WINDOWS\System32\mshtmlmedia.dll [1359360] O44 - LFC:[MD5.DC1200D3C3AC1E69A4DAD053BC26BF0D] - 13/05/2015 - 22:34:04 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\WINDOWS\System32\jscript9diag.dll [814080] O44 - LFC:[MD5.63061A0826839DE8F5B4713976C99F1B] - 13/05/2015 - 22:34:04 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\WINDOWS\System32\jscript.dll [816640] O44 - LFC:[MD5.79A4C71CD8B610DE9F66B72B5654C450] - 13/05/2015 - 22:34:04 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\WINDOWS\System32\jscript9.dll [6025728] O44 - LFC:[MD5.1921A72BF1273BED72E569EF1F1A0611] - 13/05/2015 - 22:34:04 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\WINDOWS\System32\mshtmled.dll [92160] O44 - LFC:[MD5.1D610F215769E4FF56C7B1847DE4B86D] - 13/05/2015 - 22:34:05 ---A- . (.Microsoft Corporation - Mecanismo da Interface do Usuário do Intern.) -- C:\WINDOWS\System32\ieui.dll [633856] O44 - LFC:[MD5.E061B5A1D0F9BBACA41149201ADF4A3B] - 13/05/2015 - 22:34:05 ---A- . (.Microsoft Corporation - Navegador da Internet.) -- C:\WINDOWS\System32\ieframe.dll [14401536] O44 - LFC:[MD5.0B4E78E6E65D1FD2CE55C93CF1EFD623] - 13/05/2015 - 22:34:07 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\WINDOWS\System32\jsproxy.dll [54784] O44 - LFC:[MD5.29BBA65402DD568F49C837533F269482] - 13/05/2015 - 22:34:07 ---A- . (.Microsoft Corporation - Utilitário de Instalação Autônoma do IE 7.0.) -- C:\WINDOWS\System32\ieUnatt.exe [144384] O44 - LFC:[MD5.B85ECB91C88F6E74045061B7F7DDEFA2] - 13/05/2015 - 22:34:09 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\WINDOWS\System32\vbscript.dll [584192] O44 - LFC:[MD5.F918BE3C5ACA0B6485D725CC1A5348DC] - 13/05/2015 - 22:34:09 ---A- . (.Microsoft Corporation - Painel de Controle da Internet.) -- C:\WINDOWS\System32\inetcpl.cpl [2125824] O44 - LFC:[MD5.843D063E75B19188759CBEC82828BCB1] - 13/05/2015 - 22:34:09 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\WINDOWS\System32\iertutil.dll [2885120] O44 - LFC:[MD5.F28577138120BA7E5423820D4B4C4727] - 13/05/2015 - 22:34:10 ---A- . (.Microsoft Corporation - Mapa de versão IOD.) -- C:\WINDOWS\System32\iesetup.dll [66560] O44 - LFC:[MD5.49B1935F131A44CD29857D6900CB643F] - 13/05/2015 - 22:34:10 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\WINDOWS\System32\ieapfltr.dll [800768] O44 - LFC:[MD5.E20B5098C8707B2CF0858024568234FF] - 13/05/2015 - 22:34:11 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\WINDOWS\System32\msfeeds.dll [801280] O44 - LFC:[MD5.2A2CDE78F9E9019AD0E4D804A02688A3] - 13/05/2015 - 22:34:11 ---A- . (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\WINDOWS\System32\MsSpellCheckingFacility.exe [968704] O44 - LFC:[MD5.ED4EB5A0CDD251A17B946C515CB94D70] - 13/05/2015 - 22:34:12 ---A- . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\WINDOWS\System32\urlmon.dll [1547264] O44 - LFC:[MD5.010F562B961AB8CAEC7A0C72F8FDD690] - 13/05/2015 - 22:34:12 ---A- . (.Microsoft Corporation - IE ETW Collector Service Resources.) -- C:\WINDOWS\System32\ieetwcollectorres.dll [4096] O44 - LFC:[MD5.D7B9EEF960F68DC18724BB5F89A464DD] - 13/05/2015 - 22:34:13 ---A- . (.Microsoft Corporation - Identidade visual IEAK.) -- C:\WINDOWS\System32\iedkcs32.dll [389840] O44 - LFC:[MD5.6D2787CD32595A91969502A399E7BA48] - 13/05/2015 - 22:34:14 ---A- . (.Microsoft Corporation - JavaScript Performance Collection Agent.) -- C:\WINDOWS\System32\JavaScriptCollectionAgent.dll [77824] O44 - LFC:[MD5.1122DD841CCB7E07EF41039CBD66A29E] - 13/05/2015 - 22:34:15 ---A- . (.Microsoft Corporation - Processamento de RunOnce estendido com inte.) -- C:\WINDOWS\System32\iernonce.dll [34304] O44 - LFC:[MD5.5EDC6AF7589B65C89CB1154B3377D0C4] - 13/05/2015 - 22:34:15 ---A- . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\WINDOWS\System32\ie4uinit.exe [720384] O44 - LFC:[MD5.70EDB996FE1BCB699232A15CB0D0FA32] - 13/05/2015 - 22:34:16 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\WINDOWS\System32\mshtml.tlb [2724864] O44 - LFC:[MD5.E802824B9B4A16355A5233A7B8215ECE] - 13/05/2015 - 22:34:17 ---A- . (.Microsoft Corporation - IE ETW Collector Proxy Stub Resources.) -- C:\WINDOWS\System32\ieetwproxystub.dll [48640] O44 - LFC:[MD5.9DCD15027A13195ABA68B40A5EB26691] - 13/05/2015 - 22:34:17 ---A- . (.Microsoft Corporation - IE ETW Collector Service.) -- C:\WINDOWS\System32\ieetwcollector.exe [114688] O44 - LFC:[MD5.ED4B980701D081AC42F7B121C1E42149] - 13/05/2015 - 22:34:56 ---A- . (.Microsoft Corporation - Cliente dos Serviços de Certificados do Act.) -- C:\WINDOWS\System32\certcli.dll [460800] O44 - LFC:[MD5.8AD8D17425C75D2621B2CDFE0DEABD21] - 13/05/2015 - 22:34:58 ---A- . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\System32\schannel.dll [342016] O44 - LFC:[MD5.189FB45D7442083AE8A2E4E612233EF7] - 14/05/2015 - 14:26:14 ---A- . (.Microsoft Corporation - WinFX OpenType/CFF Rasterizer.) -- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll [124112] O44 - LFC:[MD5.65D9D98DBFF574BA9B68F76F0BB1630E] - 14/05/2015 - 14:31:14 ---A- . (.Microsoft Corporation - Ferramentas de Remoção de Software Mal-Inte.) -- C:\WINDOWS\System32\MRT.exe [140425016] O44 - LFC:[MD5.9FFBB8A29E2DCC69A6DC5B034C7C7654] - 14/05/2015 - 14:41:20 ---A- . (...) -- C:\WINDOWS\epplauncher.mif [2155] O44 - LFC:[MD5.D32D375CE7DDF4F7EA8F77CDEE1327F2] - 14/05/2015 - 21:36:36 ---A- . (...) -- C:\WINDOWS\System32\FNTCACHE.DAT [424624] O44 - LFC:[MD5.CA2A8AF1DBAD0F31F9B33A2827DFBC16] - 16/05/2015 - 16:58:04 ---A- . (...) -- C:\WINDOWS\tweaking.com-regbackup-FLÁVIO-PC-Windows-7-Home-Basic-(64-bit).dat [207] O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 17/05/2015 - 00:20:01 ---A- . (...) -- C:\WINDOWS\zoek-delete.exe [24064] O44 - LFC:[MD5.9DF700E831E39B6098D32E7245BF040A] - 17/05/2015 - 00:41:55 ---A- . (...) -- C:\zoek-results.log [30361] O44 - LFC:[MD5.1E9E32AEC3E1EB1B31B8169F33168B56] - 20/05/2015 - 10:01:02 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\Drivers\mbam.sys [25816] O44 - LFC:[MD5.54D70409DE6932E9EFA117779611E7A9] - 20/05/2015 - 10:01:02 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\Drivers\mbamchameleon.sys [107736] O44 - LFC:[MD5.F49FB3C88E263AE9A246593B0BB29294] - 20/05/2015 - 10:01:02 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\WINDOWS\System32\Drivers\mwac.sys [63704] O44 - LFC:[MD5.E9CD058C79EA15B4AA93E259FA713B07] - 20/05/2015 - 13:02:03 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\Drivers\MBAMSwissArmy.sys [136408] O44 - LFC:[MD5.B056647D6E153BCF7E1B58FFCB8E1E57] - 27/05/2015 - 13:48:25 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.INI [1635826] O44 - LFC:[MD5.98DC171CAA3FA2EB44750941EAA6873B] - 27/05/2015 - 13:48:25 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat [122336] O44 - LFC:[MD5.7A645CABC670218097CE130D25FEF78D] - 27/05/2015 - 13:48:25 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat [654464] O44 - LFC:[MD5.E7ACE4AE868997F330B8A26685B37D6F] - 27/05/2015 - 13:48:25 ---A- . (...) -- C:\WINDOWS\System32\prfc0416.dat [147848] O44 - LFC:[MD5.595B268A3D72BB250F6B0837D1DC510D] - 27/05/2015 - 13:48:25 ---A- . (...) -- C:\WINDOWS\System32\prfh0416.dat [706008] O44 - LFC:[MD5.2374AA0F944A269E3AFA80DEF61A5D30] - 27/05/2015 - 23:15:50 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.730FAB20D3A4993C0EDFA132C42CB221] - 28/05/2015 - 16:35:49 ---A- . (...) -- C:\WINDOWS\PFRO.log [848] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/05/2015 - 16:36:01 ---A- . (...) -- C:\WINDOWS\setuperr.log [0] O44 - LFC:[MD5.C689D1F09A5D5AAD73B06FC6AB233508] - 28/05/2015 - 17:05:35 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [67584] O44 - LFC:[MD5.AC849B99E032F4017BB1CE37934DD4AF] - 28/05/2015 - 17:05:39 ---A- . (...) -- C:\WINDOWS\setupact.log [112] O44 - LFC:[MD5.3888D6CD8A7A11E6F3CAD1DBADD2428F] - 28/05/2015 - 17:09:37 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1181645] ~ Files: 138 Scanned in 00mn 17s ---\\ Operações e funções ao arranque do Windows Explorer (046) O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL ~ ShellExecuteHooks: Scanned in 00mn 00s ---\\ Negação do serviço (Local Security Authority) (048) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Mecanismo cliente do 'Editor de configuração de segurança Windows'.) -- C:\WINDOWS\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\WINDOWS\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\WINDOWS\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\WINDOWS\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\WINDOWS\System32\livessp.dll ~ LSA: 9 Scanned in 00mn 00s ---\\ Controlo do Modo de Segurança (CSB) (49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\WINDOWS\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\WINDOWS\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\WINDOWS\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Tempo de Execução da Estrutura de Driver em Modo Kernel.) -- C:\WINDOWS\System32\Drivers\Wdf01000.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\WINDOWS\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\WINDOWS\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\WINDOWS\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\WINDOWS\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\WINDOWS\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Tempo de Execução da Estrutura de Driver em Modo Kernel.) -- C:\WINDOWS\System32\Drivers\Wdf01000.sys ~ CSB: 15 Scanned in 00mn 00s ---\\ Chave do registo Shell MountPoints2 (MPSK) (O51) O51 - MPSK:{4ce291ee-22c7-11e3-9f5e-9439e520b668}\AutoRun\command. (...) -- E:\MotorolaDeviceManagerSetup.exe (.not file.) O51 - MPSK:{929cfdb0-7a28-11e4-9731-9439e520b668}\AutoRun\command. (...) -- F:\Startme.exe (.not file.) ~ Keys: Scanned in 00mn 00s ---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 2 Scanned in 00mn 00s ---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O53 - SMSR:HKLM\...\startupreg\Apoint [Key] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe O53 - SMSR:HKLM\...\startupreg\CCleaner Monitoring [Key] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd O53 - SMSR:HKLM\...\startupreg\Diebold - Warsaw [Key] . (.GAS Tecnologia LTDA - GAS Tecnologia - Core.) -- C:\Program Files\Diebold\Warsaw\core.exe O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe O53 - SMSR:HKLM\...\startupreg\MSC [Key] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe O53 - SMSR:HKLM\...\startupreg\SysTrayApp [Key] . (.IDT, Inc. - IDT PC Audio TPE.) -- C:\Program Files\IDT\WDM\sttray64.exe ~ SMSR Keys: 10 Scanned in 00mn 00s ---\\ Enumeração das chaves do registo SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\WINDOWS\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\WINDOWS\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0 ~ MWPS: 18 Scanned in 00mn 00s ---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 ~ MWPE Keys: 3 Scanned in 00mn 00s ---\\ Lista dos drivers do sistema (SDL) (O58) O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\WINDOWS\System32\Drivers\adp94xx.sys [491088] O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\WINDOWS\System32\Drivers\adpahci.sys [339536] O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\WINDOWS\System32\Drivers\adpu320.sys [182864] O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\WINDOWS\System32\Drivers\aliide.sys [15440] O58 - SDL:23/09/2011 - 05:38:15 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\WINDOWS\System32\Drivers\amdsata.sys [107904] O58 - SDL:13/07/2009 - 22:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\WINDOWS\System32\Drivers\amdsbs.sys [194128] O58 - SDL:23/09/2011 - 05:38:15 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\Drivers\amdxata.sys [27008] O58 - SDL:19/09/2012 - 11:16:20 ---A- . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\WINDOWS\System32\Drivers\Apfiltr.sys [447864] O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\WINDOWS\System32\Drivers\arc.sys [87632] O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\Drivers\arcsas.sys [97856] O58 - SDL:12/07/2011 - 11:22:50 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\WINDOWS\System32\Drivers\athrx.sys [2727424] O58 - SDL:10/06/2009 - 17:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\WINDOWS\System32\Drivers\b57nd60a.sys [270848] O58 - SDL:10/06/2009 - 17:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\WINDOWS\System32\Drivers\BrFiltLo.sys [18432] O58 - SDL:10/06/2009 - 17:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\WINDOWS\System32\Drivers\BrFiltUp.sys [8704] O58 - SDL:13/07/2009 - 22:19:07 ---A- . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) -- C:\WINDOWS\System32\Drivers\BrSerId.sys [286720] O58 - SDL:10/06/2009 - 17:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\WINDOWS\System32\Drivers\BrSerWdm.sys [47104] O58 - SDL:10/06/2009 - 17:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\WINDOWS\System32\Drivers\BrUsbMdm.sys [14976] O58 - SDL:10/06/2009 - 17:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\WINDOWS\System32\Drivers\BrUsbSer.sys [14720] O58 - SDL:20/05/2011 - 11:15:32 ---A- . (.Atheros - Atheros A2DP driver.) -- C:\WINDOWS\System32\Drivers\btath_a2dp.sys [298656] O58 - SDL:20/05/2011 - 11:15:34 ---A- . (.Atheros - Atheros BUS driver.) -- C:\WINDOWS\System32\Drivers\btath_bus.sys [29344] O58 - SDL:20/05/2011 - 11:15:34 ---A- . (.Atheros - Atheros FILTER driver.) -- C:\WINDOWS\System32\Drivers\btath_flt.sys [36000] O58 - SDL:20/05/2011 - 11:15:34 ---A- . (.Atheros - Atheros HCRP driver.) -- C:\WINDOWS\System32\Drivers\btath_hcrp.sys [201376] O58 - SDL:20/05/2011 - 11:15:34 ---A- . (.Atheros - Atheros FILTER driver.) -- C:\WINDOWS\System32\Drivers\btath_lwflt.sys [55456] O58 - SDL:20/05/2011 - 11:15:34 ---A- . (.Atheros - Atheros AVRCP driver.) -- C:\WINDOWS\System32\Drivers\btath_rcp.sys [154272] O58 - SDL:20/05/2011 - 11:15:34 ---A- . (.Atheros - BtFilter Driver.) -- C:\WINDOWS\System32\Drivers\btfilter.sys [282272] O58 - SDL:10/06/2009 - 17:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\Drivers\bxvbda.sys [468480] O58 - SDL:20/10/2009 - 03:00:00 ---A- . (.Sonic Solutions - CDR4 64-bit CD and DVD Place Holder Driver (see PxHelp).) -- C:\WINDOWS\System32\Drivers\cdr4_xp.sys [10224] O58 - SDL:20/10/2009 - 03:00:00 ---A- . (.Sonic Solutions - CDRAL 64-bit Place Holder Driver (see PxHelp).) -- C:\WINDOWS\System32\Drivers\cdralw2k.sys [10224] O58 - SDL:13/07/2009 - 22:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\WINDOWS\System32\Drivers\cmdide.sys [17488] O58 - SDL:28/05/2009 - 10:49:00 ---A- . (.Creative Technology Ltd. - Advanced Audio FX Driver (64-bit).) -- C:\WINDOWS\System32\Drivers\CtAudDrv.sys [224768] O58 - SDL:16/06/2011 - 14:40:20 ---A- . (.Creative Technology Ltd. - Video Class Upper Filter Driver (64-bit).) -- C:\WINDOWS\System32\Drivers\CtClsFlt.sys [176000] O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\WINDOWS\System32\Drivers\elxstor.sys [530496] O58 - SDL:10/06/2009 - 17:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\WINDOWS\System32\Drivers\evbda.sys [3286016] O58 - SDL:22/07/2010 - 17:13:28 ---A- . (.FSPro Labs - FSPro File System Filter.) -- C:\WINDOWS\System32\Drivers\FSPFltd.sys [54848] O58 - SDL:02/12/2014 - 11:22:06 ---A- . (.Sony Mobile Communications - SOMC USB Flash Driver Filter.) -- C:\WINDOWS\System32\Drivers\ggflt.sys [16088] O58 - SDL:02/12/2014 - 11:22:06 ---A- . (.Sony Mobile Communications - SOMC USB Flash Driver.) -- C:\WINDOWS\System32\Drivers\ggsomc.sys [30424] O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\WINDOWS\System32\Drivers\hcw85cir.sys [31232] O58 - SDL:19/10/2010 - 21:34:26 ---A- . (.Intel Corporation - Intel® Management Engine Interface.) -- C:\WINDOWS\System32\Drivers\HECIx64.sys [56344] O58 - SDL:21/11/2010 - 00:23:47 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\WINDOWS\System32\Drivers\HpSAMD.sys [78720] O58 - SDL:12/01/2011 - 21:51:44 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\WINDOWS\System32\Drivers\iaStor.sys [439320] O58 - SDL:23/09/2011 - 05:38:15 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\Drivers\iaStorV.sys [410496] O58 - SDL:15/11/2012 - 02:03:46 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\Drivers\igdkmd64.sys [9000256] O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\WINDOWS\System32\Drivers\iirsp.sys [44112] O58 - SDL:26/02/2010 - 20:32:12 ---A- . (.Intel Corporation - Intel® Turbo Boost Technology Driver.) -- C:\WINDOWS\System32\Drivers\Impcd.sys [158976] O58 - SDL:19/06/2012 - 22:40:52 ---A- . (.Intel® Corporation - Intel® Display Audio Driver.) -- C:\WINDOWS\System32\Drivers\IntcDAud.sys [342528] O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\WINDOWS\System32\Drivers\lsi_fc.sys [114752] O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\Drivers\lsi_sas.sys [106560] O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\Drivers\lsi_sas2.sys [65600] O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\WINDOWS\System32\Drivers\lsi_scsi.sys [115776] O58 - SDL:14/04/2015 - 09:37:42 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\Drivers\mbam.sys [25816] O58 - SDL:14/04/2015 - 09:37:46 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\Drivers\mbamchameleon.sys [107736] O58 - SDL:20/05/2015 - 13:02:03 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\Drivers\MBAMSwissArmy.sys [136408] O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\WINDOWS\System32\Drivers\megasas.sys [35392] O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\Drivers\MegaSR.sys [284736] O58 - SDL:19/03/2013 - 17:25:28 ---A- . (.Motorola Mobility Inc - Motorola USB Composite Device Driver.) -- C:\WINDOWS\System32\Drivers\motccgp.sys [23552] O58 - SDL:20/03/2013 - 09:51:14 ---A- . (.Motorola Inc - Motorola Unsafe Removal Filter Driver.) -- C:\WINDOWS\System32\Drivers\motfilt.sys [6144] O58 - SDL:19/03/2013 - 17:25:46 ---A- . (.Motorola Mobility Inc - Motorola USB Networking Driver.) -- C:\WINDOWS\System32\Drivers\Motousbnet.sys [27648] O58 - SDL:08/06/2012 - 16:08:54 ---A- . (.Motorola - No Comment.) -- C:\WINDOWS\System32\Drivers\motswch.sys [8832] O58 - SDL:20/03/2013 - 09:49:34 ---A- . (.Motorola Inc - Motorola USB Device Driver (SVC).) -- C:\WINDOWS\System32\Drivers\motusbdevice.sys [12288] O58 - SDL:14/04/2015 - 09:37:56 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\WINDOWS\System32\Drivers\mwac.sys [63704] O58 - SDL:13/07/2009 - 22:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\WINDOWS\System32\Drivers\nfrd960.sys [51264] O58 - SDL:23/09/2011 - 05:38:15 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\WINDOWS\System32\Drivers\nvraid.sys [148352] O58 - SDL:23/09/2011 - 05:38:15 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\WINDOWS\System32\Drivers\nvstor.sys [166272] O58 - SDL:19/03/2010 - 03:00:00 ---A- . (.Sonic Solutions - Px Engine Device Driver for 64-bit Windows.) -- C:\WINDOWS\System32\Drivers\PxHlpa64.sys [55856] O58 - SDL:13/07/2009 - 22:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\WINDOWS\System32\Drivers\ql2300.sys [1524816] O58 - SDL:13/07/2009 - 22:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\WINDOWS\System32\Drivers\ql40xx.sys [128592] O58 - SDL:10/06/2011 - 06:34:52 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\WINDOWS\System32\Drivers\Rt64win7.sys [539240] O58 - SDL:29/10/2010 - 21:11:42 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\WINDOWS\System32\Drivers\RtsUStor.sys [250984] O58 - SDL:10/06/2009 - 17:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\System32\Drivers\secdrv.sys [23040] O58 - SDL:13/07/2009 - 22:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\Drivers\sisraid2.sys [43584] O58 - SDL:13/07/2009 - 22:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\Drivers\sisraid4.sys [80464] O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\WINDOWS\System32\Drivers\stexstor.sys [24656] O58 - SDL:27/05/2011 - 16:06:16 ---A- . (.IDT, Inc. - IDT PC Audio TPE.) -- C:\WINDOWS\System32\Drivers\stwrt64.sys [528384] O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\WINDOWS\System32\Drivers\viaide.sys [17488] O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\Drivers\vsmraid.sys [161872] O58 - SDL:13/02/2015 - 15:47:24 ---A- . (.Basil's Projects - WinDivert network packet capture and (re)injection driver.) -- C:\WINDOWS\System32\WinDivert64.sys [37592] O58 - SDL:08/05/2013 - 09:52:48 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\WINDOWS\SysWOW64\drivers\gbpkm.sys [49536] ~ Drivers: 77 Scanned in 00mn 02s ---\\ Últimos ficheiros alterados ou criados (Utilizador) (061) O61 - LFC: 22/05/2015 - 17:10:23 ---A- . (.Google Inc..) -- C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.823\_platform_specific\win_x86\widevinecdmadapter.dll [189256] O61 - LFC: 22/05/2015 - 17:10:35 ---A- . (...) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\CollectOneDriveLogs.bat [5850] O61 - LFC: 22/05/2015 - 17:10:35 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\ETWlog.dll [28872] O61 - LFC: 22/05/2015 - 17:10:35 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSync.LocalizedResources.dll [82632] O61 - LFC: 22/05/2015 - 17:10:35 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSync.Resources.dll [2653896] O61 - LFC: 22/05/2015 - 17:10:35 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncApi.dll [227008] O61 - LFC: 22/05/2015 - 17:10:35 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncClient.dll [1949384] O61 - LFC: 22/05/2015 - 17:10:35 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll [291016] O61 - LFC: 22/05/2015 - 17:10:35 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [1645256] O61 - LFC: 22/05/2015 - 17:10:35 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\LoggingPlatform64.dll [135880] O61 - LFC: 22/05/2015 - 17:10:35 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\msvcp110.dll [661448] O61 - LFC: 22/05/2015 - 17:10:35 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\msvcr110.dll [828872] O61 - LFC: 22/05/2015 - 17:10:36 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncConfig.exe [149704] O61 - LFC: 22/05/2015 - 17:10:36 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncSessions.dll [1359560] O61 - LFC: 22/05/2015 - 17:10:36 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [1605832] O61 - LFC: 22/05/2015 - 17:10:36 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\LoggingPlatform.dll [110792] O61 - LFC: 22/05/2015 - 17:10:36 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\OneDriveSetup.exe [7676608] O61 - LFC: 22/05/2015 - 17:10:36 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\RemoteAccess.dll [765640] O61 - LFC: 22/05/2015 - 17:10:36 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\SqmWrapper.dll [39112] O61 - LFC: 22/05/2015 - 17:10:36 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\SyncEngine.dll [3187912] O61 - LFC: 22/05/2015 - 17:10:36 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\Telemetry.dll [317128] O61 - LFC: 22/05/2015 - 17:10:36 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\VideoStreamingPlugin.dll [414400] O61 - LFC: 22/05/2015 - 17:10:36 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\WnsClientApi.dll [393920] O61 - LFC: 22/05/2015 - 17:10:36 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\msvcp110.dll [534480] O61 - LFC: 22/05/2015 - 17:10:36 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\msvcr110.dll [862664] O61 - LFC: 22/05/2015 - 17:10:36 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\sqmapi.dll [196416] O61 - LFC: 22/05/2015 - 17:10:36 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\wlmfds.dll [427208] O61 - LFC: 22/05/2015 - 17:10:36 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\OneDrive.exe [382664] O61 - LFC: 22/05/2015 - 17:10:36 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe [7676608] O61 - LFC: 28/05/2015 - 17:10:22 ---A- . (...) -- C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849] O61 - LFC: 28/05/2015 - 17:10:39 ---A- . (...) -- C:\Users\Flávio\AppData\Local\Temp\_MEI26642\PyWinTypes27.dll [110080] O61 - LFC: 28/05/2015 - 17:10:39 ---A- . (...) -- C:\Users\Flávio\AppData\Local\Temp\_MEI26642\pythoncom27.dll [364544] O61 - LFC: 28/05/2015 - 17:10:39 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI26642\gdi32.dll [287744] O61 - LFC: 28/05/2015 - 17:10:39 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI26642\kernel32.dll [990208] O61 - LFC: 28/05/2015 - 17:10:39 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI26642\mfc90.dll [1156600] O61 - LFC: 28/05/2015 - 17:10:39 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI26642\mfc90u.dll [1162744] O61 - LFC: 28/05/2015 - 17:10:39 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI26642\mfcm90.dll [59904] O61 - LFC: 28/05/2015 - 17:10:39 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI26642\mfcm90u.dll [59904] O61 - LFC: 28/05/2015 - 17:10:39 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI26642\msvcp100.dll [421200] O61 - LFC: 28/05/2015 - 17:10:39 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI26642\msvcr100.dll [773968] O61 - LFC: 28/05/2015 - 17:10:39 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI26642\psapi.dll [23040] O61 - LFC: 28/05/2015 - 17:10:39 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI26642\shell32.dll [8462848] O61 - LFC: 28/05/2015 - 17:10:39 ---A- . (.Python Software Foundation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI26642\python27.dll [2449920] O61 - LFC: 28/05/2015 - 17:10:39 ---A- . (.wxWidgets development team.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI26642\wxbase294u_net_vc90.dll [154112] O61 - LFC: 28/05/2015 - 17:10:39 ---A- . (.wxWidgets development team.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI26642\wxbase294u_vc90.dll [1985024] O61 - LFC: 28/05/2015 - 17:10:39 ---A- . (.wxWidgets development team.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI26642\wxmsw294u_adv_vc90.dll [1234944] O61 - LFC: 28/05/2015 - 17:10:39 ---A- . (.wxWidgets development team.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI26642\wxmsw294u_core_vc90.dll [4598272] O61 - LFC: 28/05/2015 - 17:10:39 ---A- . (.wxWidgets development team.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI26642\wxmsw294u_html_vc90.dll [595968] O61 - LFC: 28/05/2015 - 17:10:39 ---A- . (.wxWidgets development team.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI26642\wxmsw294u_webview_vc90.dll [91648] ~ 340 Fichiers temporaires (Temporary files) ~ 2 Fichiers cookies (Cookies files) ~ Files: 49 Scanned in 00mn 49s ---\\ Lista das ferramentas de remoção de vírus (LAT) (063) O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7} ~ ADS: Scanned in 00mn 00s ---\\ Lista dos serviços Legacy du registo (064) O64 - Services: CurCS - 14/04/2015 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR O64 - Services: CurCS - 10/06/2009 - C:\WINDOWS\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 31/10/2014 - C:\Program Files (x86)\GbPlugin\wsftprp64.sys (Warsaw_PP) .(.GAS Tecnologia LTDA - GAS Tecnologia - Driver (PP).) - LEGACY_WARSAW_PP O64 - Services: CurCS - 25/04/2015 - C:\Program Files\Diebold\Warsaw\WinDivert64.sys (WinDivert1.1) .(.Basil - WinDivert (web: http://reqrypt.org/windiver.) - LEGACY_WINDIVERT1.1 ~ Legacy: 78 Scanned in 00mn 00s ---\\ Associações Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\WINDOWS\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos'.) -- C:\WINDOWS\System32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.) ~ FASS Keys: 11 Scanned in 00mn 00s ---\\ Menu de inicialização Internet (068) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Listagem dos ficheiros Crack & Keygen (CKF) (O82) C:\Users\Flávio\Desktop\Programas\Corel Draw X7\Corel Draw X7 [32-64]\CORELDRAW_GRAPHICS_SUITE_X7_WIN32-XFORCE\Crack\Keygen.exe =>.Crack,Keygen C:\Users\Flávio\Desktop\Programas\Corel Draw X7\Corel Draw X7 [32-64]\CORELDRAW_GRAPHICS_SUITE_X7_WIN64-XFORCE\Crack\Keygen.exe =>.Crack,Keygen ~ Files: Scanned in 01mn 15s ---\\ Listagem dos serviços iniciados pelo Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\WINDOWS\System32\aelupsvc.dll [72192] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\WINDOWS\System32\certprop.dll [80384] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\WINDOWS\System32\certprop.dll [80384] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\WINDOWS\System32\srvsvc.dll [236032] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Diretiva de Grupo.) -- C:\WINDOWS\System32\gpsvc.dll [777728] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\WINDOWS\System32\ikeext.dll [859648] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\WINDOWS\System32\Audiosrv.dll [680960] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acesso Remoto.) -- C:\WINDOWS\System32\rasauto.dll [99328] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\WINDOWS\System32\rasmans.dll [344064] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\WINDOWS\System32\mprdim.dll [97792] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistema (SENS).) -- C:\WINDOWS\System32\sens.dll [64512] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\WINDOWS\System32\ipnathlp.dll [359424] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft® Windows.) -- C:\WINDOWS\System32\tapisrv.dll [316928] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gerenciador de Conexões Remotas do Servidor Host da Sessão da Área de.) -- C:\WINDOWS\System32\termsrv.dll [683520] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\System32\wuaueng.dll [2553856] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de plano de fundo.) -- C:\WINDOWS\System32\qmgr.dll [849920] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\WINDOWS\System32\shsvcs.dll [370688] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em uma rede IPv4..) -- C:\WINDOWS\System32\iphlpsvc.dll [569344] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\WINDOWS\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\WINDOWS\System32\appinfo.dll [70144] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\WINDOWS\System32\iscsiexe.dll [156672] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\WINDOWS\System32\mmcss.dll [67584] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\System32\wbem\WMIsvc.dll [242688] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho Remota.) -- C:\WINDOWS\System32\sessenv.dll [121856] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\WINDOWS\System32\browser.dll [136704] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\WINDOWS\System32\eapsvc.dll [111104] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\WINDOWS\System32\schedsvc.dll [1110016] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\WINDOWS\System32\kmsvc.dll [90624] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\WINDOWS\System32\wercplsupport.dll [84480] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\System32\profsvc.dll [210432] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\WINDOWS\System32\themeservice.dll [44544] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\WINDOWS\System32\bdesvc.dll [100864] ~ Services: 32 Scanned in 00mn 00s ---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84) [MD5.1E099A22590841D8E7B3C6C14659EA30] [sPRF][13/02/2015] (...) -- C:\Users\Flávio\AppData\Roaming\unins000.dat [17831] ~ Files: 1 Scanned in 00mn 00s ---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados) SS - | Demand 15/04/2015 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Demand 15/11/2012 277048 | (cphs) . (.Intel Corporation.) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe SS - | Auto 31/07/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 31/07/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Auto 14/04/2015 1080120 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe SS - | Demand 04/05/2015 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SS - | Demand 25/11/2010 1116656 | (RoxMediaDB12OEM) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe SS - | Auto 25/11/2010 219632 | (RoxWatch12) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe SS - | Auto 18/02/2015 315488 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SS - | Demand 04/02/2013 155824 | (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe SS - | Demand 08/11/2010 74392 | (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe SS - | Demand 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\WINDOWS\System32\svchost.exe SR - | Auto 19/12/2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 03/03/2009 89600 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\IDT\WDM\AESTSr64.exe SR - | Auto 20/05/2011 146592 | (Atheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe SR - | Auto 20/05/2011 80032 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe SR - | Auto 08/03/2015 56648 | (chromoting) . (.Google Inc..) - C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe SR - | Auto 13/01/2015 555320 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe SR - | Auto 31/07/2013 137528 | (Motorola Device Manager) . (.Motorola Mobility LLC.) - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe SR - | Auto 30/04/2015 23816 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe SR - | Auto 30/04/2014 337776 | (PSI_SVC_2_x64) . (.arvato digital services llc.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe SR - | Auto 02/09/2011 65657 | (PST Service) . (.Motorola.) - C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe SR - | Auto 03/08/2014 186760 | (ScsiAccess) . (...) - C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe SR - | Auto 08/07/2011 1692480 | (SftService) . (.SoftThinks SAS.) - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe SR - | Auto 27/05/2011 301568 | (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe SR - | Auto 13/02/2015 847160 | (Warsaw Technology) . (.GAS Tecnologia LTDA.) - C:\Program Files\Diebold\Warsaw\core.exe SR - | Demand 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Auto 13/07/2009 27136 | C:\WINDOWS\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\WINDOWS\System32\svchost.exe ~ Services: Scanned in 00mn 10s ---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBR) (080) Run by Flávio at 28/05/2015 17:12:50 ~ OS 64 not supported by MBR tool ~ MBR: 0 Scanned in 00mn 00s ---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBRCheck) (080) Written by ad13, http://ad13.geekstog Run by Flávio at 28/05/2015 17:12:52 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Scâner Aditional (088) Database Version : 13008 - (25/05/2015) Clés trouvées (Keys found) : 0 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 ~ Additionnel Scan: 345593 Items scanned in 00mn 16s ---\\ Informações complémentaires do módulos ~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2) ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Gestão do Proxy (R5) ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects do navegador (02) ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Aplicações iniciadas por registo & pastas (04) ~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Chave do registo Shell MountPoints2 (MPSK) (O51) ~ AMI: 5 Scanned in 00mn 00s End of the scan (1492 lines in 04mn 04s)(2.6)
  11. Flávio Marquim

    [Resolvido] Notebook lento pra iniciar

    Boa tarde Seguindo o novo log. Espero resposta e obrigado. Flávio Marquim Rapport de ZHPFix 2015.4.9.5 par Nicolas Coolman, Update du 18/03/2015 Fichier d'export Registre : Run by Flávio at 28/05/2015 13:54:58 High Elevated Privileges : OK Windows 7 Home Basic Edition, 64-bit Service Pack 1 (Build 7601) Reciclagem vazia (00mn 03s) Reparação de atalhos do navegador ========== Chaves do Registo ========== ELIMINÉ: HKCU\Software\Baixaki ELIMINÉ: HKLM\Software\Wow6432Node\DragonBranch ELIMINÉ: SearchScopes :{012E1000-F331-11DB-8314-0800200C9A66} ELIMINÉ: SearchScopes :{0633EE93-D776-472f-A0FF-E1416B8B2E3A} ========== Pastas ========== ELIMINÉ: C:\Users\Flávio\AppData\Local\{5C10F885-6970-41E0-A58F-79D91EFD3F6B} ELIMINÉ: C:\Users\Flávio\AppData\Local\{CE2BDB96-DAC4-4F2B-A441-3EC1BADB1EEC} ELIMINÉ: C:\Users\Flávio\AppData\Local\{ED7EF2B9-2471-4758-9582-8BFB83554EC2} ========== Ficheiros ========== ELIMINA REINICIAR: c:\windows\system32\cmd.exe ELIMINÉ Temporários windows (345) (47.676.307 octets) ELIMINÉ Flash Cookies (0) (0 octets) ========== Restauração Sistema ========== Ponto de restauro do sistema criado com sucesso ========== Recapitulativo ========== 4 : Chaves do Registo 3 : Pastas 3 : Ficheiros 1 : Restauração Sistema End of clean in 00mn 16s ========== Caminho do ficheiro do relatório ========== C:\Users\Flávio\AppData\Roaming\ZHP\ZHPFix[R1].txt - 28/05/2015 13:55:02 [1297]
  12. Flávio Marquim

    [Resolvido] Notebook lento pra iniciar

    Boa noite. Segue o log e espero resposta. ~ Relatório do ZHPDiag v2015.5.25.52 - Nicolas Coolman (25/05/2015) ~ Iniciado por Flávio (27/05/2015 23:13:16) ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ Endereço do Webforum : http://forum.nicolascoolman.fr ~ Tradução pelo utilizador ~ Estatuto da versão : Versão atualizada. ~ Lista Branca : Desativado pelo Utilizador ~ Elevação dos Privilégios : OK ~ Controle de Conta de Utilizador : Activate by user ---\\ Navegadores Internet MSIE: Internet Explorer v11.0.9600.17801 MFIE: Mozilla Firefox 37.0.2 GCIE: Google Chrome v43.0.2357.81 (Defaut) ---\\ Informações sobre os produtos Windows ~ Langage: Portugais Windows Server License Manager Script : OK Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601) ---\\ Softwares de proteçao do sistema Malwarebytes Anti-Malware versão 2.1.6.1022 Microsoft Security Client v4.8.0204.0 Windows Defender W7 (Deactivate) ---\\ Softwares d'optimização do sistema CCleaner v4.04 ---\\ Softwares de partilha do PeerToPeer (P2P) ---\\ Monitoramento dos softwares Adobe Flash Player 17 NPAPI Adobe Reader X ---\\ Informações sobre o sistema ~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 4004 MB (48% free) System Restore: Activé (Enable) System drive C: has 326 GB (71%) free of 452 GB ---\\ Modo de conexão ao sistema ~ Computer Name: FLÁVIO-PC ~ User Name: Flávio ~ All Users Names: Flávio, Convidado, Administrador, ~ Unselected Option: None Logged in as Administrator ---\\ As variáveis de ambiente ~ System Unit : C:\ ~ %AppZHP% : C:\Users\Flávio\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\Flávio\AppData\Roaming\ ~ %Desktop% : C:\Users\Flávio\Desktop\ ~ %Favorites% : C:\Users\Flávio\Favorites\ ~ %LocalAppData% : C:\Users\Flávio\AppData\Local\ ~ %StartMenu% : C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\WINDOWS\ ~ %System% : C:\WINDOWS\System32\ ---\\ Enumeração das unidades dos discos C: Hard drive, Flash drive, Thumb drive (Free 326 Go of 452 Go) D: CD-ROM drive (Not Inserted) ---\\ Estado do Centro de Segurança do Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 44 Scanned in 00mn 00s ---\\ Pesquisa particular de ficheiros genéricos [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.23/09/2011 - 05:38:17.) -- C:\WINDOWS\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\WINDOWS\System32\Wininit.exe [129024] [MD5.F0289B3A341429117696F0279DA977B6] - (.Microsoft Corporation - Internet Extensions para Win32.) (.21/04/2015 - 12:27:25.) -- C:\WINDOWS\System32\wininet.dll [2352128] [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.16/07/2014 - 23:07:24.) -- C:\WINDOWS\System32\Winlogon.exe [455168] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\WINDOWS\System32\sppcomapi.dll [232448] [MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 03:45:52.) -- C:\WINDOWS\system32\Drivers\AFD.sys [497152] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\WINDOWS\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\WINDOWS\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.23/09/2011 - 05:38:12.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\WINDOWS\system32\Drivers\netBT.sys [261632] [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [1684928] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\WINDOWS\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [129536] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\WINDOWS\system32\Drivers\smb.sys [93184] [MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.10/11/2014 - 22:46:26.) -- C:\WINDOWS\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [295808] ~ Generic Processes: Scanned in 00mn 00s ---\\ Estatuto dos ficheiros ocultos (Oculto/Total) ~ Mes images (My Pictures) : 2/384 ~ Mes musiques (My Musics) : 1/536 ~ Mes Videos (My Videos) : 1/65 ~ Mes Favoris (My Favorites) : 1/8 ~ Mes Documents (My Documents) : 1/44 ~ Mon Bureau (My Desktop) : 2/71 ~ Menu demarrer (Programs) : 1/44 ~ Hidden Files: Scanned in 00mn 02s ---\\ Processos lançados [MD5.CAA0C16ADCCE6142A43AD83BFA20B38B] - (.Motorola Mobility LLC - MotoHelperAgent.) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe [698680] [PID.2776] [MD5.E9691BCA8F51BB8698E32847606431AD] - (.SoftThinks - Dell - Dell DataSafe Local Backup.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.exe [4257600] [PID.856] [MD5.72A7212B50DD0BD28499C1C8EA09B31A] - (.No owner - ST Service Scheduling.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.exe [2749248] [PID.2472] [MD5.935CD218C06721994ED48349361467F9] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [555320] [PID.820] [MD5.FBF8CA1F240ACD0F9313873B646DADC7] - (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25700400] [PID.4084] [MD5.50E999CDFBCFEBC7B14452E35D1E4C83] - (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\OneDrive.exe [382664] [PID.4216] [MD5.B163C77B1C2B35C9EA4231EB9F6E9853] - (.Evernote Corp., 305 Walnut Street, Redwood - Evernote Clipper.) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe [1202184] [PID.4508] [MD5.54E4265E79839FE24A52C3EF487FA74E] - (.Evernote Corp., 305 Walnut Street, Redwood - Evernote.) -- C:\Program Files (x86)\Evernote\Evernote\Evernote.exe [20120584] [PID.4636] [MD5.E01097FD812370CF3CF38E55705BD2D5] - (.Evernote Corp., 305 Walnut Street, Redwood - Evernote Tray Application.) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe [401928] [PID.2312] [MD5.C4EF32C1C0473392EF4204890AF8E457] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.4704] [MD5.F6B0935B23E3C5B54DF33D3C180CA063] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8211968] [PID.4700] [MD5.FC5B75CA6A1DA31EDD4F8D53F5540B98] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1628] [MD5.650F111D5CDA64C10AE4B9D1BA9D4FFF] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [146592] [PID.1756] [MD5.A2555605CD54DE880BDB6994B69DB617] - (.Google Inc. - Processo do host.) -- C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe [56648] [PID.1940] [MD5.1BCB26A55B2E092FAA4DA01D9A3DE528] - (.Motorola Mobility LLC - MotoHelper Service.) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528] [PID.2376] [MD5.EA735BF6DF13A857A83C99BF27A422AD] - (.Motorola - ForwardDemon.) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657] [PID.2836] [MD5.958E956E119EB7B9ABA142AFED1B5FF4] - (...) -- C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe [186760] [PID.2904] [MD5.1968E6EBBEECF61D5F7D8603467E2AD0] - (.SoftThinks SAS - SoftThinks Agent Service.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe [1692480] [PID.2960] ~ Processes Running: Scanned in 00mn 01s ---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2) C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Preferences ---\\ Pasta de extensão do Google Chrome G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [__MSG_appName__] G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [__MSG_appName__] G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [__MSG_appName__] G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [__MSG_appName__] G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [__MSG_appName__] G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [__MSG_appName__] G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [bookmark Manager] G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [Chrome Hotword Shared Module] G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__] G2 - EXT: C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [__MSG_appName__] ~ Google Lines Browser: 20 Scanned in 00mn 00s ---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3) C:\Users\Flávio\AppData\Roaming\Mozilla\Firefox\Profiles\9hxcj7r2.default\prefs.js M2 - MFEP: RegExtension {87F8774F-B485-47E2-A755-A40A8A5E886C} . (...) -- M0 - MFSP: prefs.js [Flávio - 9hxcj7r2.default] about:home P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\buscape.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mercadolivre.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\twitter.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-br.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo-br.xml P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_27 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.40416.0.) -- c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Flávio\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb64] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Flávio\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll ~ Firefox Browser: 24 Scanned in 00mn 00s ---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navegador da Internet.) (11.00.9600.17631 (winblue_r7.150111-1500)) -- C:\Windows\SysWOW64\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ IE Browser: 22 Scanned in 00mn 00s ---\\ Internet Explorer, Gestão do Proxy (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=C:\WINDOWS\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Redireção do ficheiro Hosts (01) ~ Le fichier hôte est sain (The hosts file is clean) (21) ~ Hosts File: Scanned in 00mn 00s ---\\ Browser Helper Objects do navegador (02) O2 - BHO: Java Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: IESpeakDoc [64Bits] - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} . (.Atheros Commnucations - Bluetooth IE PlugIn.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll O2 - BHO: Auxiliar de Conexão do Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Evernote extension [64Bits] - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} . (.Evernote Corp., 305 Walnut Street, Redwood - Evernote Clipper for Microsoft Internet Exp.) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: (no name) [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} Chave orfã ~ BHO: 11 Scanned in 00mn 00s ---\\ Aplicações iniciadas por registo & pastas (04) O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [QuickSet] . (.Dell Inc. - QuickSet.) -- c:\Program Files\Dell\QuickSet\QuickSet.exe O4 - HKLM\..\Run: [AtherosBtStack] . (.Atheros Communications - Bluetooth Stack Server.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe O4 - HKLM\..\Run: [AthBtTray] . (.Atheros Commnucations - Bluetooth Suite Common Rescource.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe O4 - HKLM\..\Run: [DellStage] . (.No owner - Dell Stage.) -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe O4 - HKLM\..\Run: [sysTrayApp] . (.IDT, Inc. - IDT PC Audio TPE.) -- C:\Program Files\IDT\WDM\sttray64.exe O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Diebold - Warsaw] . (.GAS Tecnologia LTDA - GAS Tecnologia - Core.) -- C:\Program Files\Diebold\Warsaw\core.exe O4 - HKCU\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\OneDrive.exe O4 - HKCU\..\RunOnce: [uninstall C:\Users\Flávio\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512_1\amd64] . (.Microsoft Corporation - Processador de comandos do Windows.) -- C:\Windows\system32\cmd.exe O4 - HKLM\..\Wow6432Node\Run: [Dell Registration] . (.Dell, Inc. - System Registration.) -- C:\Program Files (x86)\System Registration\prodreg.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-1210235661-1573419760-1918872127-1000\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe O4 - HKUS\S-1-5-21-1210235661-1573419760-1918872127-1000\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\OneDrive.exe O4 - HKUS\S-1-5-21-1210235661-1573419760-1918872127-1000\..\RunOnce: [uninstall C:\Users\Flávio\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512_1\amd64] . (.Microsoft Corporation - Processador de comandos do Windows.) -- C:\Windows\system32\cmd.exe ~ Application: Scanned in 00mn 00s ---\\ Icones das opções IE invisiveis no painel das configurações (05) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Boutões da barra de ferramentas principal do Internet Explorer (09) O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Chave orfã O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 [64Bits] - {A95fe080-8f5d-11d2-a20b-00aa003c157a} . (.Evernote Corp., 305 Walnut Street, Redwood - Evernote Clipper for Microsoft Internet Explorer.) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteIEx64.dll ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Provedor de Correção de Nomeação de Emails.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Provedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation ~ Winsock: 9 Scanned in 00mn 00s ---\\ Site na zona confiavél do Internet Explorer (05) O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br O15 - Trusted Zone: [HKCU\...\Domains\www] http.bb.com.br O15 - Trusted Zone: [HKCU\...\Domains] *.dell.com ~ IE Zone Confiance: Scanned in 00mn 00s ---\\ Alteração Dominio/Clientes DNS (017) O17 - HKLM\System\CCS\Services\Tcpip\..\{05389BF2-51CB-4229-B83C-7F6592D3B37D}: DhcpNameServer = 192.168.25.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{8C22330F-3B4B-48AE-BD21-B77AB1AA57B0}: DhcpNameServer = 192.168.25.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{05389BF2-51CB-4229-B83C-7F6592D3B37D}: DhcpNameServer = 192.168.25.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{8C22330F-3B4B-48AE-BD21-B77AB1AA57B0}: DhcpNameServer = 192.168.25.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{05389BF2-51CB-4229-B83C-7F6592D3B37D}: DhcpNameServer = 192.168.25.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{8C22330F-3B4B-48AE-BD21-B77AB1AA57B0}: DhcpNameServer = 192.168.25.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.25.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocolo adicional (018) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\System32\igfxdev.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Lista dos serviços NT não Microsoft e não desativados (023) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\IDT\WDM\AESTSr64.exe O23 - Service: Atheros Bt&Wlan Coex Agent (Atheros Bt&Wlan Coex Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe O23 - Service: AtherosSvc (AtherosSvc) . (.Atheros Commnucations - AdminService Application.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe O23 - Service: Serviço Área de trabalho remota do Google Chrome (chromoting) . (.Google Inc. - Processo do host.) - C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Motorola Device Manager Service (Motorola Device Manager) . (.Motorola Mobility LLC - MotoHelper Service.) - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) . (.arvato digital services llc - PsiService PsiService.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: PST Service (PST Service) . (.Motorola - ForwardDemon.) - C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) . (.Sonic Solutions - RoxWatch12 Module.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe O23 - Service: ScsiAccess (ScsiAccess) . (...) - C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe O23 - Service: SoftThinks Agent Service (SftService) . (.SoftThinks SAS - SoftThinks Agent Service.) - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: C:\WINDOWS\System32\stlang64.dll (STacSV) . (.IDT, Inc. - IDT PC Audio TPE.) - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: Warsaw Technology (Warsaw Technology) . (.GAS Tecnologia LTDA - GAS Tecnologia - Core.) - C:\Program Files\Diebold\Warsaw\core.exe ~ Services: 17 Scanned in 00mn 03s ---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Listagem dos dados do BootExecute (Bex) (034) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tarefas planificadas automaticamente (039) [MD5.3E04F1E482357B1FC8B088197C3D9FF8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152] [MD5.B04A4810C6CC205F9DC72DC22E4AB236] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268464] [MD5.E62ED5A7A2F21C5F377F924A33E12792] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3643160] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [MD5.B6037110B175707A353B12C814D34968] [APT] [Motorola Device Manager Engine] (...) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196920] [MD5.B6037110B175707A353B12C814D34968] [APT] [Motorola Device Manager Initial Update] (...) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196920] [MD5.B6037110B175707A353B12C814D34968] [APT] [Motorola Device Manager Update] (...) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196920] [MD5.20BE243A287ABD3D1F9CFBBF6C5A95C8] [APT] [PCDEventLauncher] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\sessionchecker.exe [362312] [MD5.A4146679AA132CDA8D23C148A2B31F4B] [APT] [systemToolsDailyTest] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\pcdrcui.exe [1206088] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [902] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [902] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1066] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [1066] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1070] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [1070] O39 - APT: SystemToolsDailyTest - (.PC-Doctor, Inc..) -- C:\WINDOWS\Tasks\SystemToolsDailyTest.job [422] O39 - APT: SystemToolsDailyTest - (.PC-Doctor, Inc..) -- C:\WINDOWS\System32\Tasks\SystemToolsDailyTest [422] ~ Scheduled Task: 15 Scanned in 00mn 05s ---\\ Componentes instalados (ActiveSetup Installed Components) (040) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\WINDOWS\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Java (Sun) [64Bits] - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\WINDOWS\System32\themeui.dll O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Processador de comandos do Windows.) -- C:\Windows\system32\cmd.exe O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão shell da pasta FTP do Microsoft Internet Explorer.) -- C:\WINDOWS\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\WINDOWS\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Disable SSL3 [64Bits] - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\WINDOWS\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll ~ Active Setup: 12 Scanned in 00mn 00s ---\\ Drivers lançados ao arranque do sistema (041) O41 - Driver: C:\WINDOWS\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\WINDOWS\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys O41 - Driver: C:\WINDOWS\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\WINDOWS\System32\Drivers\dfsc.sys O41 - Driver: C:\WINDOWS\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\WINDOWS\System32\drivers\discache.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\WINDOWS\System32\DRIVERS\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys O41 - Driver: C:\WINDOWS\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys O41 - Driver: C:\WINDOWS\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\WINDOWS\System32\drivers\nsiproxy.sys O41 - Driver: C:\WINDOWS\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Agendador de pacotes de serviço.) - C:\WINDOWS\System32\DRIVERS\pacer.sys O41 - Driver: C:\WINDOWS\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Driver do Subsistema de Buffer da Unidade R.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys O41 - Driver: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\WINDOWS\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\WINDOWS\System32\drivers\rdpencdd.sys O41 - Driver: C:\WINDOWS\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\WINDOWS\System32\drivers\rdprefmp.sys O41 - Driver: C:\WINDOWS\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\WINDOWS\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\WINDOWS\System32\DRIVERS\vwififlt.sys O41 - Driver: C:\WINDOWS\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\WINDOWS\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\WINDOWS\System32\DRIVERS\wfplwf.sys ~ Drivers: 60 Scanned in 00mn 00s ---\\ Software instalados (042) O42 - Logiciel: Adobe Flash Player 17 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI O42 - Logiciel: Adobe Reader X (10.1.14) MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-AA0000000001} O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001802114130} O42 - Logiciel: Advanced Audio FX Engine - (.Creative Technology Ltd.) [HKLM][64Bits] -- Advanced Audio FX Engine O42 - Logiciel: Ares 2.2.4 - (.Ares Development Group.) [HKLM][64Bits] -- Ares O42 - Logiciel: Ashampoo Burning Studio 2013 v.11.0.5 - (.Ashampoo GmbH & Co. KG.) [HKLM][64Bits] -- {91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1 O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner O42 - Logiciel: Central de Mouse e Teclado da Microsoft - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Mouse and Keyboard Center O42 - Logiciel: Chrome Remote Desktop Host - (.Google Inc..) [HKLM][64Bits] -- {A1A724F3-F1A6-479C-AE98-208946717E2B} O42 - Logiciel: Corel Graphics - Windows Shell Extension - (.Corel Corporation.) [HKLM][64Bits] -- _{9DA7C2FD-AD83-4E2E-B9F2-9996749318E0} O42 - Logiciel: Corel Graphics - Windows Shell Extension - (.Corel Corporation.) [HKLM][64Bits] -- {9DA7C2FD-AD83-4E2E-B9F2-9996749318E0} O42 - Logiciel: Corel Graphics - Windows Shell Extension 32 Bit - (.Corel Corporation.) [HKLM][64Bits] -- {E9C590E8-F26F-4C99-8A56-9935CBF607EB} O42 - Logiciel: CorelDRAW Graphics Suite X7 (64-Bit) - (.Corel Corporation.) [HKLM][64Bits] -- _{5CB73140-806C-42C6-A05A-1AFD0E92DEB5} O42 - Logiciel: CorelDRAW Graphics Suite X7 - IPM Content (x64) - (.Corel Corporation.) [HKLM][64Bits] -- {EF44BCCD-13F9-4974-862C-CCFAF43EE082} O42 - Logiciel: CorelDRAW Graphics Suite X7 - IPM T (x64) - (.Corel Corporation.) [HKLM][64Bits] -- {13179AB2-69FD-459B-800F-81865A501AD4} O42 - Logiciel: CorelDRAW Graphics Suite X7 - Writing Tools (x64) - (. Corel Corporation.) [HKLM][64Bits] -- {D63404AC-C2F1-4B3D-96EA-9727AC9D994C} O42 - Logiciel: CyberLink PowerDVD 9.5 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8} O42 - Logiciel: CyberLink PowerDVD 9.5 - (.CyberLink Corp..) [HKLM][64Bits] -- {A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: Dell Bluetooth Installation - (.Dell Inc..) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33} O42 - Logiciel: Dell DataSafe Local Backup - (.Dell Inc..) [HKLM][64Bits] -- {0ED7EE95-6A97-47AA-AD73-152C08A15B04} O42 - Logiciel: Dell DataSafe Local Backup - Support Software - (.Dell Inc..) [HKLM][64Bits] -- {A9668246-FB70-4103-A1E3-66C9BC2EFB49} O42 - Logiciel: Dell Edoc Viewer - (.Dell Inc.) [HKLM][64Bits] -- {8EBA8727-ADC2-477B-9D9A-1A1836BE4E05} O42 - Logiciel: Dell Getting Started Guide - (.Dell Inc..) [HKLM][64Bits] -- {7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045} O42 - Logiciel: Dell PhotoStage - (.ArcSoft.) [HKLM][64Bits] -- {E4335E82-17B3-460F-9E70-39D9BC269DB3} O42 - Logiciel: Dell Product Registration - (.Dell Inc..) [HKLM][64Bits] -- {2A0F2CC5-3065-492C-8380-B03AA7106B1A} O42 - Logiciel: Dell Support Center - (.Dell Inc..) [HKLM][64Bits] -- Dell Support Center O42 - Logiciel: Dell Support Center - (.PC-Doctor, Inc..) [HKLM][64Bits] -- {0090A87C-3E0E-43D4-AA71-A71B06563A4A} O42 - Logiciel: Dell System Detect - (.Dell.) [HKCU][64Bits] -- 9204f5692a8faf3b O42 - Logiciel: Dell System Detect Bootstrapper - (.Dell.) [HKCU][64Bits] -- 8e3135b376bd523e O42 - Logiciel: Dell Touchpad - (.ALPS ELECTRIC CO., LTD..) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} O42 - Logiciel: Dell VideoStage - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F} O42 - Logiciel: Dell VideoStage - (.CyberLink Corp..) [HKLM][64Bits] -- {DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F} O42 - Logiciel: Dell Webcam Central - (.Creative Technology Ltd.) [HKLM][64Bits] -- Dell Webcam Central O42 - Logiciel: DirectX 9 Runtime - (.Sonic Solutions.) [HKLM][64Bits] -- {AF9E97C1-7431-426D-A8D5-ABE40995C0B1} O42 - Logiciel: Dragon Branch - (.Dragon Branch.) [HKLM][64Bits] -- Dragon Branch =>PUP.DragonBranch O42 - Logiciel: Evernote v. 5.8.6 - (.Evernote Corp..) [HKLM][64Bits] -- {FEDC7C10-EF67-11E4-9B07-00505695D7B0} O42 - Logiciel: First PDF - (...) [HKLM][64Bits] -- First PDF O42 - Logiciel: Freemake Video Converter versão 4.1.0 - (.Ellora Assets Corporation.) [HKLM][64Bits] -- Freemake Video Converter_is1 O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {35574F09-89F9-4B16-B69B-64F3E25901B8} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: IDT Audio - (.IDT.) [HKLM][64Bits] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001} O42 - Logiciel: IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2014 O42 - Logiciel: IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM][64Bits] -- IRPF2015 O42 - Logiciel: Intel® C++ Redistributables for Windows* on Intel® 64 - (.Intel Corporation.) [HKLM][64Bits] -- {D2437C5C-2D8C-40D2-8059-689AD7239FA3} O42 - Logiciel: Intel® Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} O42 - Logiciel: Intel® SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573} O42 - Logiciel: JDownloader 2 - (.AppWork GmbH.) [HKLM][64Bits] -- jdownloader2 O42 - Logiciel: Java 7 Update 25 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217025FF} O42 - Logiciel: Java 6 Update 27 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86416027FF} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM][64Bits] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E} O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM][64Bits] -- {196467F1-C11F-4F76-858B-5812ADC83B94} O42 - Logiciel: Malwarebytes Anti-Malware versão 2.1.6.1022 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6} O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Motorola Device Manager - (.Motorola Mobility.) [HKLM][64Bits] -- {28DB8373-C1BB-444F-A427-A55585A12ED7} O42 - Logiciel: Motorola Device Software Update - (.Motorola Mobility.) [HKLM][64Bits] -- {C89FA20F-0236-424C-B7D8-8E5EEDC20E15} O42 - Logiciel: Motorola Mobile Drivers Installation 6.2.0 - (.Motorola Inc..) [HKLM][64Bits] -- {8EC78F02-5C36-4C97-AAC4-95A3D742A285} =>.Motorola O42 - Logiciel: Mozilla Firefox 37.0.2 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 37.0.2 (x86 pt-BR) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService O42 - Logiciel: Módulo de Segurança - Banco do Brasil - (...) [HKLM][64Bits] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1 O42 - Logiciel: Palco Dell - (.Fingertapps.) [HKLM][64Bits] -- {30703305-42C4-4282-B3E0-49E4E0E1052A} O42 - Logiciel: Palco de Música da Dell - (.Fingertapps.) [HKLM][64Bits] -- {870024EE-C29E-4A17-8610-C234D00E2EA4} O42 - Logiciel: PhotoScape - (...) [HKLM][64Bits] -- PhotoScape O42 - Logiciel: PhotoShowExpress - (.Sonic Solutions.) [HKLM][64Bits] -- {3250260C-7A95-4632-893B-89657EB5545B} O42 - Logiciel: Photodex Presenter - (.Photodex Corporation.) [HKLM][64Bits] -- Photodex Presenter O42 - Logiciel: ProShow Producer - (.Photodex Corporation.) [HKLM][64Bits] -- ProShow Producer O42 - Logiciel: Quickset64 - (.Dell Inc..) [HKLM][64Bits] -- {87CF757E-C1F1-4D22-865C-00C6950B5258} O42 - Logiciel: RBVirtualFolder64Inst - (.Roxio, Inc..) [HKLM][64Bits] -- {9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D} O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM][64Bits] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5 O42 - Logiciel: Roxio Activation Module - (.Roxio.) [HKLM][64Bits] -- {A121EEDE-C68F-461D-91AA-D48BA226AF1C} O42 - Logiciel: Roxio BackOnTrack - (.Roxio.) [HKLM][64Bits] -- {5A06423A-210C-49FB-950E-CB0EB8C5CEC7} O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM][64Bits] -- {7746BFAA-2B5D-4FFD-A0E8-4558F4668105} O42 - Logiciel: Roxio Creator Starter - (.Roxio.) [HKLM][64Bits] -- {6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC} O42 - Logiciel: Roxio Creator Starter - (.Roxio.) [HKLM][64Bits] -- {EF56258E-0326-48C5-A86C-3BAC26FC15DF} O42 - Logiciel: Roxio Creator Starter - (.Roxio.) [HKLM][64Bits] -- {F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878} O42 - Logiciel: Roxio Express Labeler 3 - (.Roxio.) [HKLM][64Bits] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} O42 - Logiciel: Roxio File Backup - (.Roxio.) [HKLM][64Bits] -- {60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB} O42 - Logiciel: Skype™ 7.4 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} O42 - Logiciel: Software para Impressoras EPSON - (.SEIKO EPSON Corporation.) [HKLM][64Bits] -- EPSON Printer and Utilities O42 - Logiciel: Sonic CinePlayer Decoder Pack - (.Sonic Solutions.) [HKLM][64Bits] -- {9A00EC4E-27E1-42C4-98DD-662F32AC8870} O42 - Logiciel: Sony Mobile Update Engine - (.Sony Mobile Communications Inc..) [HKLM][64Bits] -- Update Engine O42 - Logiciel: Sony PC Companion 2.10.259 - (.Sony.) [HKLM][64Bits] -- {F09EF8F2-0976-42C1-8D9D-8DF78337C6E3} O42 - Logiciel: Subtitle Workshop 2.51 - (...) [HKLM][64Bits] -- SubtitleWorkshop O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN O42 - Logiciel: VobSub v2.23 (Remove Only) - (...) [HKLM][64Bits] -- VobSub O42 - Logiciel: Warsaw 1.5.1.8886 64 bits - (.GAS Tecnologia.) [HKLM][64Bits] -- {20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1 O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver ~ Logic: 58 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\7AndroidRecovery] [HKCU\Software\ASProtect] [HKCU\Software\Adobe] [HKCU\Software\Alps] [HKCU\Software\AppDataLow\Software\JavaSoft] [HKCU\Software\AppDataLow\Software\MarkAny] [HKCU\Software\AppDataLow] [HKCU\Software\Ares] [HKCU\Software\Ashampoo] [HKCU\Software\Atheros] [HKCU\Software\AutoHelpDesk] [HKCU\Software\BVRP Software] [HKCU\Software\Baixaki] [HKCU\Software\Chromium] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Corel] [HKCU\Software\Creative Tech] [HKCU\Software\CyberLink] [HKCU\Software\Dell] [HKCU\Software\EPSON] [HKCU\Software\Evernote] [HKCU\Software\FSPro Labs] [HKCU\Software\Facebook] [HKCU\Software\Freemake] [HKCU\Software\Gabest] [HKCU\Software\GbAs] [HKCU\Software\GbPlugin] [HKCU\Software\Google] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\Lake] [HKCU\Software\Leadertech] [HKCU\Software\Macromedia] [HKCU\Software\Macrovision] [HKCU\Software\Mooii] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\PC-Doctor] [HKCU\Software\Photodex] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Roxio] [HKCU\Software\Samsung] [HKCU\Software\SautinSoft] [HKCU\Software\SkypeRS] [HKCU\Software\Skype] [HKCU\Software\Sonic] [HKCU\Software\Sony] [HKCU\Software\SubSystems] [HKCU\Software\SupRip] [HKCU\Software\Trend Micro] [HKCU\Software\Trolltech] [HKCU\Software\VirtualDub.org] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Winnydows] [HKCU\Software\Wondershare] [HKCU\Software\Wow6432Node] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\ej-technologies] [HKLM\Software\ATHEROS] [HKLM\Software\ATI Technologies] [HKLM\Software\Alps] [HKLM\Software\Bitstream] [HKLM\Software\CBSTEST] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Corel] [HKLM\Software\Creative Tech] [HKLM\Software\Dell Computer Corporation] [HKLM\Software\Dell] [HKLM\Software\EPSON] [HKLM\Software\Fingertapps] [HKLM\Software\Google] [HKLM\Software\IDT] [HKLM\Software\IM Providers] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\Khronos] [HKLM\Software\Macromedia] [HKLM\Software\McAfee] [HKLM\Software\Motorola Mobility] [HKLM\Software\Motorola] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\ODBC] [HKLM\Software\PC-Doctor] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Protexis64] [HKLM\Software\RegisteredApplications] [HKLM\Software\SAMSUNG] [HKLM\Software\SRS Labs] [HKLM\Software\SoftThinks] [HKLM\Software\Sony Mobile] [HKLM\Software\Waves Audio] [HKLM\Software\Wow6432Node\Adobe] [HKLM\Software\Wow6432Node\AdwCleaner] [HKLM\Software\Wow6432Node\Ashampoo] [HKLM\Software\Wow6432Node\Atheros] [HKLM\Software\Wow6432Node\AutoHelpDesk] [HKLM\Software\Wow6432Node\Caphyon] [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\ComodoGroup] [HKLM\Software\Wow6432Node\Corel] [HKLM\Software\Wow6432Node\Creative Tech] [HKLM\Software\Wow6432Node\CyberLink] [HKLM\Software\Wow6432Node\Debug] [HKLM\Software\Wow6432Node\Dell Inc.] [HKLM\Software\Wow6432Node\Dell] [HKLM\Software\Wow6432Node\DragonBranch] =>PUP.DragonBranch [HKLM\Software\Wow6432Node\EPSON] [HKLM\Software\Wow6432Node\Evernote] [HKLM\Software\Wow6432Node\Freemake] [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\IDT] [HKLM\Software\Wow6432Node\IM Providers] [HKLM\Software\Wow6432Node\InstallShield] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\JavaSoft] [HKLM\Software\Wow6432Node\JreMetrics] [HKLM\Software\Wow6432Node\Khronos] [HKLM\Software\Wow6432Node\Lake] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\Wow6432Node\McAfee] [HKLM\Software\Wow6432Node\MicroVision] [HKLM\Software\Wow6432Node\Mooii] [HKLM\Software\Wow6432Node\Motorola Mobility] [HKLM\Software\Wow6432Node\Motorola] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\Photodex Media Sources] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\Roxio] [HKLM\Software\Wow6432Node\Samsung] [HKLM\Software\Wow6432Node\SautinSoft] [HKLM\Software\Wow6432Node\Skype] [HKLM\Software\Wow6432Node\SoftThinks] [HKLM\Software\Wow6432Node\Sonic] [HKLM\Software\Wow6432Node\Sony Mobile] [HKLM\Software\Wow6432Node\Sony] [HKLM\Software\Wow6432Node\SuppHelpDir] [HKLM\Software\Wow6432Node\Time4Popcorn] [HKLM\Software\Wow6432Node\TrendMicro] [HKLM\Software\Wow6432Node\URUSoft] [HKLM\Software\Wow6432Node\VideoLAN] [HKLM\Software\Wow6432Node\Volatile] [HKLM\Software\Wow6432Node\WinRAR] [HKLM\Software\Wow6432Node\Windows] [HKLM\Software\Wow6432Node\Wondershare] [HKLM\Software\Wow6432Node\illiminable] [HKLM\Software\Wow6432Node\mozilla.org] [HKLM\Software\Wow6432Node] [HKLM\Software\ej-technologies] ~ Key Software: 324 Scanned in 00mn 00s ---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 02/03/2014 - 22:04:46 - [] ----D C:\Program Files (x86)\7-Data Android Recovery O43 - CFD: 23/09/2011 - 00:23:25 - [] ----D C:\Program Files (x86)\Adobe O43 - CFD: 06/08/2013 - 13:49:57 - [] ----D C:\Program Files (x86)\Ares O43 - CFD: 03/08/2013 - 14:50:21 - [] ----D C:\Program Files (x86)\Ashampoo O43 - CFD: 21/03/2015 - 20:14:56 - [] ----D C:\Program Files (x86)\AviSynth 2.5 O43 - CFD: 17/05/2015 - 00:33:10 - [] ----D C:\Program Files (x86)\Common Files O43 - CFD: 31/07/2013 - 19:52:08 - [] ----D C:\Program Files (x86)\Creative O43 - CFD: 31/07/2013 - 20:05:07 - [] ----D C:\Program Files (x86)\Creative Live! Cam O43 - CFD: 23/09/2011 - 00:10:05 - [] ----D C:\Program Files (x86)\Cyberlink O43 - CFD: 23/09/2011 - 00:31:11 - [] ----D C:\Program Files (x86)\Dell O43 - CFD: 27/05/2015 - 12:57:17 - [] ----D C:\Program Files (x86)\Dell DataSafe Local Backup O43 - CFD: 23/09/2011 - 00:31:35 - [] ----D C:\Program Files (x86)\Dell Stage O43 - CFD: 23/09/2011 - 00:12:11 - [] ----D C:\Program Files (x86)\Dell Webcam O43 - CFD: 23/09/2011 - 00:05:50 - [] ----D C:\Program Files (x86)\Dell Wireless O43 - CFD: 26/03/2015 - 08:37:33 - [] --H-D C:\Program Files (x86)\Diebold O43 - CFD: 02/03/2014 - 21:30:54 - [] --H-D C:\Program Files (x86)\DrFoneAndroid_Temp O43 - CFD: 02/03/2014 - 20:38:34 - [] ----D C:\Program Files (x86)\Evernote O43 - CFD: 11/03/2014 - 11:38:41 - [] ----D C:\Program Files (x86)\First PDF O43 - CFD: 30/10/2013 - 10:48:17 - [] ----D C:\Program Files (x86)\Freemake O43 - CFD: 04/10/2013 - 09:47:46 - [] ----D C:\Program Files (x86)\Gabest O43 - CFD: 26/03/2015 - 08:37:33 - [] --H-D C:\Program Files (x86)\GAS Tecnologia O43 - CFD: 13/02/2015 - 15:01:21 - [] ----D C:\Program Files (x86)\GbPlugin O43 - CFD: 08/04/2015 - 21:34:09 - [] ----D C:\Program Files (x86)\Google O43 - CFD: 15/03/2015 - 16:42:04 - [] --H-D C:\Program Files (x86)\InstallJammer Registry O43 - CFD: 30/04/2015 - 15:28:32 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 06/08/2013 - 13:41:03 - [] ----D C:\Program Files (x86)\Intel O43 - CFD: 14/05/2015 - 16:17:23 - [] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 01/08/2013 - 13:47:04 - [] ----D C:\Program Files (x86)\Java O43 - CFD: 20/05/2015 - 10:01:07 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware O43 - CFD: 01/08/2013 - 14:30:34 - [0] ----D C:\Program Files (x86)\Microsoft O43 - CFD: 31/07/2013 - 23:35:54 - [] ----D C:\Program Files (x86)\Microsoft Analysis Services O43 - CFD: 31/07/2013 - 23:35:40 - [] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 14/05/2015 - 14:40:52 - [] ----D C:\Program Files (x86)\Microsoft Security Client O43 - CFD: 14/05/2015 - 21:36:17 - [] ----D C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 10/11/2013 - 19:39:13 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation O43 - CFD: 23/09/2011 - 00:18:36 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 31/07/2013 - 23:38:43 - [] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 21/09/2013 - 11:13:46 - [] ----D C:\Program Files (x86)\Motorola O43 - CFD: 21/09/2013 - 11:13:52 - [] ----D C:\Program Files (x86)\Motorola Mobility O43 - CFD: 04/05/2015 - 20:27:23 - [] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 05/05/2015 - 12:58:23 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 21/09/2013 - 11:13:37 - [] ----D C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 03/08/2014 - 20:22:44 - [] ----D C:\Program Files (x86)\Photodex O43 - CFD: 03/08/2014 - 20:23:15 - [] ----D C:\Program Files (x86)\Photodex Presenter O43 - CFD: 22/04/2015 - 22:38:58 - [] ----D C:\Program Files (x86)\PhotoScape O43 - CFD: 15/03/2015 - 16:42:08 - [] ----D C:\Program Files (x86)\Programas RFB O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 23/09/2011 - 00:27:55 - [] ----D C:\Program Files (x86)\Roxio O43 - CFD: 22/04/2015 - 12:43:28 - [] R---D C:\Program Files (x86)\Skype O43 - CFD: 02/12/2014 - 10:54:24 - [] ----D C:\Program Files (x86)\Sony O43 - CFD: 02/12/2014 - 11:21:13 - [] ----D C:\Program Files (x86)\Sony Mobile O43 - CFD: 23/09/2011 - 00:20:07 - [] ----D C:\Program Files (x86)\System Registration O43 - CFD: 19/05/2014 - 12:40:42 - [] ----D C:\Program Files (x86)\Time4Popcorn O43 - CFD: 14/07/2009 - 01:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information O43 - CFD: 14/08/2013 - 22:49:23 - [] ----D C:\Program Files (x86)\URUSoft O43 - CFD: 01/08/2013 - 14:48:11 - [] ----D C:\Program Files (x86)\VideoLAN O43 - CFD: 31/07/2013 - 22:45:47 - [] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 23/09/2011 - 00:19:17 - [] ----D C:\Program Files (x86)\Windows Live O43 - CFD: 21/11/2010 - 06:37:34 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 11/03/2015 - 11:59:02 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 14/07/2009 - 02:32:38 - [] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 21/11/2010 - 06:37:34 - [] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 21/11/2010 - 00:31:38 - [] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 21/11/2010 - 06:37:34 - [] ----D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 01/08/2013 - 15:22:56 - [] ----D C:\Program Files (x86)\WinRAR O43 - CFD: 27/05/2015 - 23:12:48 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman O43 - CFD: 31/07/2013 - 22:53:52 - [] ----D C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 23/09/2011 - 00:04:11 - [] ----D C:\Program Files (x86)\Common Files\Atheros O43 - CFD: 23/09/2011 - 00:10:35 - [] ----D C:\Program Files (x86)\Common Files\CyberLink O43 - CFD: 23/09/2011 - 00:11:44 - [] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 16/10/2014 - 15:13:27 - [] ----D C:\Program Files (x86)\Common Files\Intel O43 - CFD: 01/08/2013 - 13:47:27 - [] ----D C:\Program Files (x86)\Common Files\Java O43 - CFD: 16/10/2014 - 15:11:17 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 21/09/2013 - 11:13:46 - [] ----D C:\Program Files (x86)\Common Files\MSSoap O43 - CFD: 23/09/2011 - 00:28:14 - [] ----D C:\Program Files (x86)\Common Files\PX Storage Engine O43 - CFD: 23/09/2011 - 00:28:34 - [] ----D C:\Program Files (x86)\Common Files\Roxio Shared O43 - CFD: 14/07/2009 - 00:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 22/10/2014 - 12:42:08 - [] ----D C:\Program Files (x86)\Common Files\Skype O43 - CFD: 23/09/2011 - 00:27:48 - [] ----D C:\Program Files (x86)\Common Files\Sonic Shared O43 - CFD: 14/07/2009 - 00:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 23/09/2011 - 00:27:45 - [] ----D C:\Program Files (x86)\Common Files\SureThing Shared O43 - CFD: 31/07/2013 - 22:45:50 - [] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 23/09/2011 - 00:14:25 - [] ----D C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 31/07/2013 - 22:51:09 - [] ----D C:\ProgramData\Adobe O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Application Data O43 - CFD: 03/08/2013 - 14:50:48 - [] ----D C:\ProgramData\Ashampoo O43 - CFD: 07/08/2013 - 11:33:24 - [] ----D C:\ProgramData\Atheros O43 - CFD: 03/10/2014 - 14:20:05 - [] ----D C:\ProgramData\BlueStacksSetup O43 - CFD: 13/02/2015 - 15:04:33 - [] ----D C:\ProgramData\boost_interprocess O43 - CFD: 16/10/2014 - 15:36:03 - [] ----D C:\ProgramData\Corel O43 - CFD: 31/07/2013 - 19:51:49 - [] ----D C:\ProgramData\Creative O43 - CFD: 07/09/2013 - 20:24:41 - [] ----D C:\ProgramData\CyberLink O43 - CFD: 31/07/2013 - 12:28:04 - [] -SH-D C:\ProgramData\Dados de aplicativos O43 - CFD: 23/09/2011 - 00:11:23 - [] ----D C:\ProgramData\dell O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Desktop O43 - CFD: 31/07/2013 - 12:28:04 - [] -SH-D C:\ProgramData\Documentos O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Documents O43 - CFD: 05/11/2013 - 11:35:44 - [] ----D C:\ProgramData\EPSON O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Favorites O43 - CFD: 31/07/2013 - 12:28:04 - [] -SH-D C:\ProgramData\Favoritos O43 - CFD: 30/10/2013 - 10:57:10 - [] ----D C:\ProgramData\Freemake O43 - CFD: 08/05/2015 - 14:04:41 - [] ----D C:\ProgramData\GAS Tecnologia O43 - CFD: 13/02/2015 - 15:01:33 - [] ----D C:\ProgramData\GbPlugin O43 - CFD: 03/10/2014 - 15:20:19 - [] ----D C:\ProgramData\Google O43 - CFD: 23/09/2011 - 00:09:13 - [] ----D C:\ProgramData\install_clap O43 - CFD: 06/08/2013 - 13:41:12 - [] ----D C:\ProgramData\Intel O43 - CFD: 23/09/2011 - 00:25:36 - [] ----D C:\ProgramData\Macrovision O43 - CFD: 20/05/2015 - 10:01:02 - [] ----D C:\ProgramData\Malwarebytes O43 - CFD: 31/07/2013 - 19:49:52 - [] ----D C:\ProgramData\McAfee O43 - CFD: 31/07/2013 - 12:28:04 - [] -SH-D C:\ProgramData\Menu Iniciar O43 - CFD: 10/12/2014 - 16:19:46 - [] -S--D C:\ProgramData\Microsoft O43 - CFD: 14/05/2015 - 14:45:08 - [] ----D C:\ProgramData\Microsoft Help O43 - CFD: 10/11/2013 - 19:39:02 - [] ----D C:\ProgramData\Microsoft OneDrive O43 - CFD: 31/07/2013 - 12:28:04 - [] -SH-D C:\ProgramData\Modelos O43 - CFD: 21/09/2013 - 11:14:21 - [] ----D C:\ProgramData\Motorola O43 - CFD: 31/07/2013 - 20:48:22 - [] ----D C:\ProgramData\Mozilla O43 - CFD: 17/05/2015 - 18:36:06 - [] ----D C:\ProgramData\PCDr O43 - CFD: 03/08/2014 - 20:23:09 - [] ----D C:\ProgramData\Photodex O43 - CFD: 23/09/2011 - 00:27:38 - [] ----D C:\ProgramData\PhotoShow Shared Assets O43 - CFD: 14/04/2015 - 11:09:36 - [] ----D C:\ProgramData\Protexis O43 - CFD: 16/10/2014 - 15:14:43 - [] ----D C:\ProgramData\Protexis64 O43 - CFD: 23/09/2011 - 00:42:58 - [] ----D C:\ProgramData\Roxio O43 - CFD: 02/12/2014 - 10:51:40 - [] ----D C:\ProgramData\Samsung O43 - CFD: 04/05/2015 - 07:23:06 - [] ----D C:\ProgramData\Skype O43 - CFD: 20/05/2015 - 09:38:27 - [] ----D C:\ProgramData\Sonic O43 - CFD: 02/12/2014 - 10:54:24 - [] ----D C:\ProgramData\Sony O43 - CFD: 02/12/2014 - 11:21:13 - [] ----D C:\ProgramData\Sony Mobile O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Start Menu O43 - CFD: 23/09/2011 - 00:02:28 - [] ----D C:\ProgramData\Sun O43 - CFD: 13/02/2015 - 15:04:06 - [] ----D C:\ProgramData\Temp O43 - CFD: 14/07/2009 - 02:08:56 - [] -SH-D C:\ProgramData\Templates O43 - CFD: 23/09/2011 - 00:28:33 - [] ----D C:\ProgramData\Uninstall O43 - CFD: 31/07/2013 - 22:49:59 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 14/07/2009 - 01:57:13 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 06/08/2013 - 13:49:54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares O43 - CFD: 03/08/2013 - 14:50:46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo O43 - CFD: 23/09/2011 - 00:04:39 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program O43 - CFD: 01/08/2013 - 14:38:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 24/12/2014 - 08:16:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Central de Mouse e Teclado da Microsoft O43 - CFD: 14/04/2015 - 11:14:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit) O43 - CFD: 23/09/2011 - 00:42:51 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.5 O43 - CFD: 23/09/2011 - 00:31:13 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell O43 - CFD: 23/09/2011 - 00:06:19 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell DataSafe O43 - CFD: 23/09/2011 - 00:31:36 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Stage O43 - CFD: 23/09/2011 - 00:20:16 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center O43 - CFD: 31/07/2013 - 20:05:46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam O43 - CFD: 05/11/2013 - 11:35:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON O43 - CFD: 09/05/2015 - 23:51:12 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote O43 - CFD: 11/03/2014 - 11:38:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\First PDF O43 - CFD: 30/10/2013 - 10:48:17 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake O43 - CFD: 14/07/2009 - 01:57:12 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 31/07/2013 - 20:37:32 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 08/05/2015 - 10:35:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive O43 - CFD: 14/07/2009 - 01:57:09 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 20/05/2015 - 10:01:09 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 31/07/2013 - 23:39:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 14/05/2015 - 14:25:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 21/09/2013 - 11:13:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager O43 - CFD: 09/08/2013 - 11:29:03 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape O43 - CFD: 19/05/2014 - 12:40:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time O43 - CFD: 15/03/2015 - 16:42:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB O43 - CFD: 23/09/2011 - 00:28:15 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator Starter O43 - CFD: 22/10/2014 - 12:42:09 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 30/04/2015 - 15:28:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony O43 - CFD: 14/07/2009 - 01:54:24 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 14/08/2013 - 22:49:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\URUSoft O43 - CFD: 09/01/2014 - 13:35:28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 04/10/2013 - 09:47:46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub O43 - CFD: 11/09/2014 - 12:49:58 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live O43 - CFD: 07/04/2014 - 21:09:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 27/05/2015 - 23:12:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman O43 - CFD: 31/07/2013 - 21:33:35 - [] ----D C:\Users\Flávio\AppData\Roaming\Adobe O43 - CFD: 03/08/2013 - 14:50:56 - [] ----D C:\Users\Flávio\AppData\Roaming\Ashampoo O43 - CFD: 04/02/2015 - 10:23:19 - [] ----D C:\Users\Flávio\AppData\Roaming\br.com.iba.magazinesdesktop O43 - CFD: 14/04/2015 - 11:15:11 - [] ----D C:\Users\Flávio\AppData\Roaming\Corel O43 - CFD: 31/07/2013 - 20:07:41 - [] ----D C:\Users\Flávio\AppData\Roaming\Creative O43 - CFD: 07/09/2013 - 20:24:41 - [] ----D C:\Users\Flávio\AppData\Roaming\CyberLink O43 - CFD: 31/07/2013 - 12:32:12 - [] ----D C:\Users\Flávio\AppData\Roaming\Dell O43 - CFD: 31/07/2013 - 12:32:07 - [] ----D C:\Users\Flávio\AppData\Roaming\Dell Touch Zone O43 - CFD: 30/10/2013 - 10:57:46 - [] ----D C:\Users\Flávio\AppData\Roaming\dvdcss O43 - CFD: 31/07/2013 - 12:32:13 - [] ----D C:\Users\Flávio\AppData\Roaming\Fingertapps O43 - CFD: 31/07/2013 - 12:31:31 - [] ----D C:\Users\Flávio\AppData\Roaming\Identities O43 - CFD: 05/11/2013 - 11:10:28 - [] ----D C:\Users\Flávio\AppData\Roaming\InstallShield O43 - CFD: 31/07/2013 - 12:32:02 - [] ----D C:\Users\Flávio\AppData\Roaming\Leadertech O43 - CFD: 31/07/2013 - 19:46:08 - [] ----D C:\Users\Flávio\AppData\Roaming\Macromedia O43 - CFD: 31/07/2013 - 21:58:00 - [] ----D C:\Users\Flávio\AppData\Roaming\Macrovision O43 - CFD: 15/05/2015 - 10:54:47 - [] -S--D C:\Users\Flávio\AppData\Roaming\Microsoft O43 - CFD: 21/09/2013 - 11:11:19 - [] ----D C:\Users\Flávio\AppData\Roaming\Motorola O43 - CFD: 21/09/2013 - 11:13:56 - [] ----D C:\Users\Flávio\AppData\Roaming\Motorola Mobility O43 - CFD: 03/08/2014 - 20:23:09 - [] ----D C:\Users\Flávio\AppData\Roaming\Mozilla O43 - CFD: 03/08/2014 - 20:23:09 - [] ----D C:\Users\Flávio\AppData\Roaming\Netscape O43 - CFD: 03/08/2014 - 20:21:35 - [] ----D C:\Users\Flávio\AppData\Roaming\Photodex O43 - CFD: 24/03/2015 - 16:10:43 - [] ----D C:\Users\Flávio\AppData\Roaming\PhotoScape O43 - CFD: 31/07/2013 - 12:32:04 - [] ----D C:\Users\Flávio\AppData\Roaming\Roxio O43 - CFD: 02/12/2014 - 10:54:20 - [] ----D C:\Users\Flávio\AppData\Roaming\Samsung O43 - CFD: 11/05/2015 - 17:19:40 - [] ----D C:\Users\Flávio\AppData\Roaming\Skype O43 - CFD: 16/05/2015 - 21:34:50 - [] ----D C:\Users\Flávio\AppData\Roaming\vlc O43 - CFD: 01/08/2013 - 15:23:28 - [] ----D C:\Users\Flávio\AppData\Roaming\WinRAR O43 - CFD: 02/03/2014 - 21:02:57 - [] ----D C:\Users\Flávio\AppData\Roaming\Wondershare O43 - CFD: 27/05/2015 - 23:13:40 - [] ----D C:\Users\Flávio\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 22/04/2014 - 13:41:11 - [] ----D C:\Users\Flávio\AppData\Local\Adobe O43 - CFD: 31/07/2013 - 20:36:36 - [] ----D C:\Users\Flávio\AppData\Local\Apps O43 - CFD: 10/02/2014 - 16:28:41 - [] ----D C:\Users\Flávio\AppData\Local\Ares O43 - CFD: 03/08/2013 - 14:50:48 - [] ----D C:\Users\Flávio\AppData\Local\ashampoo O43 - CFD: 31/07/2013 - 12:32:02 - [] ----D C:\Users\Flávio\AppData\Local\BMExplorer O43 - CFD: 09/10/2013 - 10:23:21 - [] ----D C:\Users\Flávio\AppData\Local\Comodo O43 - CFD: 29/04/2015 - 16:00:38 - [] ----D C:\Users\Flávio\AppData\Local\CrashDumps O43 - CFD: 07/09/2013 - 20:24:38 - [] ----D C:\Users\Flávio\AppData\Local\Cyberlink O43 - CFD: 31/07/2013 - 12:28:17 - [] -SH-D C:\Users\Flávio\AppData\Local\Dados de aplicativos O43 - CFD: 31/07/2013 - 12:32:47 - [] ----D C:\Users\Flávio\AppData\Local\Dell O43 - CFD: 20/05/2015 - 09:37:22 - [0] ----D C:\Users\Flávio\AppData\Local\Deployment O43 - CFD: 30/04/2015 - 15:10:04 - [] ----D C:\Users\Flávio\AppData\Local\Diagnostics O43 - CFD: 19/01/2014 - 18:49:49 - [] ----D C:\Users\Flávio\AppData\Local\Downloaded Installations O43 - CFD: 03/12/2014 - 12:03:28 - [] -SH-D C:\Users\Flávio\AppData\Local\EmieBrowserModeList O43 - CFD: 24/04/2014 - 00:17:23 - [] -SH-D C:\Users\Flávio\AppData\Local\EmieSiteList O43 - CFD: 24/04/2014 - 00:17:23 - [] -SH-D C:\Users\Flávio\AppData\Local\EmieUserList O43 - CFD: 02/03/2014 - 20:38:58 - [] ----D C:\Users\Flávio\AppData\Local\Evernote O43 - CFD: 23/10/2014 - 12:01:01 - [] ----D C:\Users\Flávio\AppData\Local\Facebook O43 - CFD: 25/03/2014 - 15:01:49 - [] ----D C:\Users\Flávio\AppData\Local\GAS Tecnologia O43 - CFD: 17/11/2013 - 18:12:14 - [] ----D C:\Users\Flávio\AppData\Local\Google O43 - CFD: 31/07/2013 - 12:28:17 - [] -SH-D C:\Users\Flávio\AppData\Local\Histórico O43 - CFD: 05/01/2015 - 12:09:40 - [] ----D C:\Users\Flávio\AppData\Local\JDownloader v2.0 O43 - CFD: 09/10/2013 - 10:42:37 - [] ----D C:\Users\Flávio\AppData\Local\Macromedia O43 - CFD: 30/04/2015 - 15:10:03 - [] ----D C:\Users\Flávio\AppData\Local\Microsoft O43 - CFD: 13/04/2014 - 15:04:26 - [] ----D C:\Users\Flávio\AppData\Local\Microsoft Help O43 - CFD: 23/09/2013 - 11:19:57 - [] ----D C:\Users\Flávio\AppData\Local\Mozilla O43 - CFD: 22/03/2015 - 18:29:39 - [] ----D C:\Users\Flávio\AppData\Local\Popcorn-Time O43 - CFD: 03/08/2013 - 14:49:48 - [] ----D C:\Users\Flávio\AppData\Local\Programs O43 - CFD: 05/03/2014 - 13:49:25 - [] ----D C:\Users\Flávio\AppData\Local\Skype O43 - CFD: 27/05/2015 - 12:56:56 - [] ----D C:\Users\Flávio\AppData\Local\SoftThinks O43 - CFD: 27/05/2015 - 23:13:34 - [] ----D C:\Users\Flávio\AppData\Local\Temp O43 - CFD: 31/07/2013 - 12:28:17 - [] -SH-D C:\Users\Flávio\AppData\Local\Temporary Internet Files O43 - CFD: 15/05/2015 - 10:45:22 - [] ----D C:\Users\Flávio\AppData\Local\VirtualStore O43 - CFD: 21/12/2014 - 17:23:02 - [] ----D C:\Users\Flávio\AppData\Local\Windows Live O43 - CFD: 11/07/2014 - 08:34:04 - [] ----D C:\Users\Flávio\AppData\Local\Xenocode O43 - CFD: 14/07/2009 - 01:54:32 - [] R---D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 12/03/2015 - 10:53:20 - [] R---D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 27/05/2015 - 12:56:45 - [] R---D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices O43 - CFD: 06/08/2013 - 13:16:39 - [] ----D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell O43 - CFD: 30/10/2013 - 10:48:17 - [] ----D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake O43 - CFD: 15/05/2015 - 10:54:47 - [] ----D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis O43 - CFD: 01/08/2013 - 14:45:34 - [] ----D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader O43 - CFD: 14/07/2009 - 01:49:38 - [] R---D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 11/03/2014 - 17:29:09 - [] ----D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014 O43 - CFD: 15/03/2015 - 16:41:34 - [] ----D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015 O43 - CFD: 09/05/2015 - 23:51:22 - [] R---D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 14/08/2013 - 22:49:25 - [] ----D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\URUSoft O43 - CFD: 07/04/2014 - 21:09:30 - [] ----D C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ 3 Dossier CLSID vide (CLSID Empty Folder) ~ Program Folder: 252 Scanned in 00mn 00s ---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044) O44 - LFC:[MD5.7E21D3072EB20D5400919D435D549A9B] - 13/05/2015 - 22:31:01 ---A- . (.Microsoft Corporation - Shim Engine DLL.) -- C:\WINDOWS\System32\shimeng.dll [6656] O44 - LFC:[MD5.31D260ADAF1CCFEFC49DB9FBCE9986DA] - 13/05/2015 - 22:31:02 ---A- . (.Microsoft Corporation - Biblioteca de cliente de compatibilidade de.) -- C:\WINDOWS\System32\apphelp.dll [342016] O44 - LFC:[MD5.F55F287810AAF708618793764AF7D1BB] - 13/05/2015 - 22:31:02 ---A- . (.Microsoft Corporation - Instalador de banco de dados de compatibili.) -- C:\WINDOWS\System32\sdbinst.exe [23552] O44 - LFC:[MD5.83BFCCAC53795E8A5055A93672D0C46C] - 13/05/2015 - 22:31:02 ---A- . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\WINDOWS\System32\aelupsvc.dll [72192] O44 - LFC:[MD5.C7E50B04623FC6FF54EAF88938A8936E] - 13/05/2015 - 22:31:48 ---A- . (.Microsoft Corporation - Executor de Fila de Operações Primitivas.) -- C:\WINDOWS\System32\poqexec.exe [142336] O44 - LFC:[MD5.E5404072A5A9E0B452ADDF1D1339176C] - 13/05/2015 - 22:31:55 ---A- . (.Microsoft Corporation - Extensão Shell dos Dispositivos Portáteis.) -- C:\WINDOWS\System32\wpdshext.dll [2543104] O44 - LFC:[MD5.2B36E0C5C262437E1B098344DEFA55F8] - 13/05/2015 - 22:31:58 ---A- . (.Microsoft Corporation - Microsoft Tablet PC InkEdit Control.) -- C:\WINDOWS\System32\InkEd.dll [275456] O44 - LFC:[MD5.D858C33B133740D5F1F1CF71C33F6355] - 13/05/2015 - 22:32:20 ---A- . (.Microsoft Corporation - Driver Win32 multiusuário.) -- C:\WINDOWS\System32\win32k.sys [3204608] O44 - LFC:[MD5.490505F6E53EF046EC70A353BC9CD615] - 13/05/2015 - 22:32:21 ---A- . (.Microsoft Corporation - Serviços de Tipografia de DirectX da Micros.) -- C:\WINDOWS\System32\DWrite.dll [1647104] O44 - LFC:[MD5.E612E86FA15EA1EF9A52433A2743C447] - 13/05/2015 - 22:32:22 ---A- . (.Microsoft Corporation - Serviço de Cache de Fontes do Windows.) -- C:\WINDOWS\System32\FntCache.dll [1179136] O44 - LFC:[MD5.90DC7B112F946B412C9CDC6F459F4053] - 13/05/2015 - 22:32:52 ---A- . (.Microsoft Corporation - Nomes de auditoria dos objetos do sistema.) -- C:\WINDOWS\System32\msobjs.dll [60416] O44 - LFC:[MD5.7A448B8CED7F7348C36159D5CC8E19ED] - 13/05/2015 - 22:32:55 ---A- . (.Microsoft Corporation - DLL de eventos de auditoria de segurança.) -- C:\WINDOWS\System32\msaudite.dll [146432] O44 - LFC:[MD5.AF278DB00C43E925E58C8CA2C0CF4C71] - 13/05/2015 - 22:32:58 ---A- . (.Microsoft Corporation - DLL do Esquema de auditoria de segurança.) -- C:\WINDOWS\System32\adtschema.dll [686080] O44 - LFC:[MD5.90293AAC2AB0908BFF98ADB89CEBC931] - 13/05/2015 - 22:33:11 ---A- . (.Microsoft Corporation - ApiSet Schema DLL.) -- C:\WINDOWS\System32\apisetschema.dll [6656] O44 - LFC:[MD5.19F08DF0A6599D0259D1B224CC5F9ED5] - 13/05/2015 - 22:33:12 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-console-l1-1-0.dll [3072] O44 - LFC:[MD5.360FBA71F144CE416B2AE7D5553C87AD] - 13/05/2015 - 22:33:13 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-localization-l1-1-0.dll [4096] O44 - LFC:[MD5.FCA971E5C584A3828A020FF4B2BEFCCE] - 13/05/2015 - 22:33:21 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-datetime-l1-1-0.dll [3072] O44 - LFC:[MD5.1A7D6385E3F99544327E984830676EF4] - 13/05/2015 - 22:33:21 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-debug-l1-1-0.dll [3072] O44 - LFC:[MD5.B3A3B2782C1CA5EDFBD380E34AEFB797] - 13/05/2015 - 22:33:21 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-delayload-l1-1-0.dll [3072] O44 - LFC:[MD5.A5E6D69385BCA6A787434E2FE062986D] - 13/05/2015 - 22:33:21 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-errorhandling-l1-1-0.dll [3072] O44 - LFC:[MD5.643631684239D63818F30957E8667187] - 13/05/2015 - 22:33:22 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-fibers-l1-1-0.dll [3072] O44 - LFC:[MD5.5E7FDE8D591E1E184E39A04201403453] - 13/05/2015 - 22:33:22 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-handle-l1-1-0.dll [3072] O44 - LFC:[MD5.824D1D40174B687108841C9AEE9CF6C8] - 13/05/2015 - 22:33:22 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-interlocked-l1-1-0.dll [3072] O44 - LFC:[MD5.2FAAFF164E3183477868C4743DD015E3] - 13/05/2015 - 22:33:23 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-io-l1-1-0.dll [3072] O44 - LFC:[MD5.306C1665A1FA72292827BC62C5068E28] - 13/05/2015 - 22:33:23 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-libraryloader-l1-1-0.dll [3584] O44 - LFC:[MD5.FD18F6B70748ED7F3004ECA7CB91CE82] - 13/05/2015 - 22:33:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-processenvironment-l1-1-0.dll [3584] O44 - LFC:[MD5.B206F476A21445BDC7C6365070CC33BC] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-file-l1-1-0.dll [5120] O44 - LFC:[MD5.0B558439CCB936A97C78A0CAF9AAB856] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-heap-l1-1-0.dll [3584] O44 - LFC:[MD5.975CA905CF10C14D1C2EB29026DD6E60] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-localregistry-l1-1-0.dll [4096] O44 - LFC:[MD5.67B03204F468B24702787D9AD90089DB] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-memory-l1-1-0.dll [3584] O44 - LFC:[MD5.1FCED4EA7CB62E69D4BBC476384D996D] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-misc-l1-1-0.dll [3584] O44 - LFC:[MD5.E0FF0290115192214F5DC73C2DDACD76] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-namedpipe-l1-1-0.dll [3584] O44 - LFC:[MD5.5FF2586D38C0B50C16976633D2064B4C] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-processthreads-l1-1-0.dll [4608] O44 - LFC:[MD5.2ED9BDA64C82A1FE9614E5CABC98104A] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-profile-l1-1-0.dll [3072] O44 - LFC:[MD5.E229C592341A73F3AB579F503582FEDD] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [3584] O44 - LFC:[MD5.8486D0DAC57FC6D20697C5C93B688EF1] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-string-l1-1-0.dll [3072] O44 - LFC:[MD5.21A9F0F2D42258826A78CEA98EDC4641] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-util-l1-1-0.dll [3072] O44 - LFC:[MD5.C7BDEFDC1B82292D9457CB8E5E4FDF5E] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-xstate-l1-1-0.dll [3072] O44 - LFC:[MD5.306215737213CD3839250D3FE142C221] - 13/05/2015 - 22:33:26 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-security-base-l1-1-0.dll [6144] O44 - LFC:[MD5.81AA6F9E338EB279DFA5082BCD4F6AC5] - 13/05/2015 - 22:33:28 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-synch-l1-1-0.dll [4096] O44 - LFC:[MD5.A788BD5D470BE3DB47D8C9EE382B3FEE] - 13/05/2015 - 22:33:28 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-sysinfo-l1-1-0.dll [4096] O44 - LFC:[MD5.D205305FB0E352A9D4CF922D6A016BF4] - 13/05/2015 - 22:33:29 ---A- . (.Microsoft Corporation - AMD64 Wow64 CPU.) -- C:\WINDOWS\System32\wow64cpu.dll [13312] O44 - LFC:[MD5.50EBA6640805F6D5EF4A0DCEF2D180AB] - 13/05/2015 - 22:33:29 ---A- . (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\WINDOWS\System32\credssp.dll [22016] O44 - LFC:[MD5.ADC2D7B5BFF277E5A9FACE6A21A24ABC] - 13/05/2015 - 22:33:29 ---A- . (.Microsoft Corporation - LSA SSPI RPC interface DLL.) -- C:\WINDOWS\System32\sspisrv.dll [29184] O44 - LFC:[MD5.B3238F9DFCB93035033A4EEE21153C1C] - 13/05/2015 - 22:33:29 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\WINDOWS\System32\api-ms-win-core-threadpool-l1-1-0.dll [4608] O44 - LFC:[MD5.E1B0C7042BA7B8903D60DF3885F2DFE7] - 13/05/2015 - 22:33:30 ---A- . (.Microsoft Corporation - Emulação de 16 bits em NT64.) -- C:\WINDOWS\System32\ntvdm64.dll [16384] O44 - LFC:[MD5.8C711AF30BE3991050D0D011D92CFBE0] - 13/05/2015 - 22:33:30 ---A- . (.Microsoft Corporation - Microsoft® Windows System Restore Client Li.) -- C:\WINDOWS\System32\srclient.dll [50176] O44 - LFC:[MD5.0D9BDBE780DD81757AC5AF87E8B1EBEC] - 13/05/2015 - 22:33:30 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\WINDOWS\System32\secur32.dll [28160] O44 - LFC:[MD5.D2602AC48B38FA10956E32D18E7143B0] - 13/05/2015 - 22:33:30 ---A- . (.Microsoft Corporation - Wow64 Console and Win32 API Logging.) -- C:\WINDOWS\System32\wow64win.dll [362496] O44 - LFC:[MD5.BB7BAF9532DBA5AB4009E981687D1EA6] - 13/05/2015 - 22:33:31 ---A- . (.Microsoft Corporation - Utilitário de configuração de desempenho de.) -- C:\WINDOWS\System32\diskperf.exe [19456] O44 - LFC:[MD5.9262D6E2C239EDD6D87B080F2BCCEC9F] - 13/05/2015 - 22:33:33 ---A- . (.Microsoft Corporation - Local Security Authority Process.) -- C:\WINDOWS\System32\lsass.exe [31232] O44 - LFC:[MD5.A3DCC3D8BB57E31EA07949313CC3A3CF] - 13/05/2015 - 22:33:33 ---A- . (.Microsoft Corporation - Processo do tempo de Execução do Servidor d.) -- C:\WINDOWS\System32\csrsrv.dll [43520] O44 - LFC:[MD5.4DD0098FFAB4664DB979537C48AE055F] - 13/05/2015 - 22:33:33 ---A- . (.Microsoft Corporation - Programa de Diretiva de Auditoria.) -- C:\WINDOWS\System32\auditpol.exe [64000] O44 - LFC:[MD5.CD3770C78AFFC223A3B9D38F27B7A309] - 13/05/2015 - 22:33:34 ---A- . (.Microsoft Corporation - Biblioteca criptográfica do Windows.) -- C:\WINDOWS\System32\ncrypt.dll [309760] O44 - LFC:[MD5.FE60A67032A5C94F6ACE483C8FE84105] - 13/05/2015 - 22:33:34 ---A- . (.Microsoft Corporation - Desempenho do sistema da linha de comando.) -- C:\WINDOWS\System32\typeperf.exe [47104] O44 - LFC:[MD5.79F036EB691ABBA84E8EB1715E5F2B17] - 13/05/2015 - 22:33:34 ---A- . (.Microsoft Corporation - Informações de novo log de desempenho.) -- C:\WINDOWS\System32\relog.exe [43008] O44 - LFC:[MD5.2292CD8500725B94B7D2E3C0C84F2D19] - 13/05/2015 - 22:33:34 ---A- . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\System32\wdigest.dll [210944] O44 - LFC:[MD5.40C5EA47D4AEC96249B09BF0C076A60C] - 13/05/2015 - 22:33:34 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\WINDOWS\System32\sspicli.dll [136192] O44 - LFC:[MD5.ACE24D86D2714FCC1639F890DF54951B] - 13/05/2015 - 22:33:34 ---A- . (.Microsoft Corporation - Web Service Security Package.) -- C:\WINDOWS\System32\TSpkg.dll [86528] O44 - LFC:[MD5.DA5EF2CC0764BE7097BAFA9CAF903FE8] - 13/05/2015 - 22:33:35 ---A- . (.Microsoft Corporation - Gerenciador de Sessão do Windows.) -- C:\WINDOWS\System32\smss.exe [112640] O44 - LFC:[MD5.CCAB9BE9C9100C5F54A5A8F355730841] - 13/05/2015 - 22:33:36 ---A- . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\WINDOWS\System32\kerberos.dll [728064] O44 - LFC:[MD5.52935C072F8D5A92508AA3A3CC9133C7] - 13/05/2015 - 22:33:36 ---A- . (.Microsoft Corporation - Restauração do Sistema do Microsoft® Window.) -- C:\WINDOWS\System32\rstrui.exe [296960] O44 - LFC:[MD5.E55A72876BC5E244D0A8F7F07862A939] - 13/05/2015 - 22:33:37 ---A- . (.Microsoft Corporation - Host da Janela do Console.) -- C:\WINDOWS\System32\conhost.exe [338432] O44 - LFC:[MD5.0CD609B1143961F5C3BA691729A6A5DA] - 13/05/2015 - 22:33:38 ---A- . (.Microsoft Corporation - Biblioteca Principal de Restauração de Sist.) -- C:\WINDOWS\System32\srcore.dll [503808] O44 - LFC:[MD5.D17DD01601460F5899E5C154B3FD0BFA] - 13/05/2015 - 22:33:38 ---A- . (.Microsoft Corporation - DLL do Windows Server para multiusuários.) -- C:\WINDOWS\System32\winsrv.dll [215040] O44 - LFC:[MD5.52146DBFE253B83FAB1980AA704C7974] - 13/05/2015 - 22:33:38 ---A- . (.Microsoft Corporation - Host for SCM/SDDL/LSA Lookup APIs.) -- C:\WINDOWS\System32\sechost.dll [113664] O44 - LFC:[MD5.9C5DBA74D0C641C2A4ABDC79969B7BEF] - 13/05/2015 - 22:33:38 ---A- . (.Microsoft Corporation - Informações de log de desempenho.) -- C:\WINDOWS\System32\logman.exe [104448] O44 - LFC:[MD5.F7DFAE6040AC910B7C64EE208A34157D] - 13/05/2015 - 22:33:38 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\WINDOWS\System32\Drivers\ksecdd.sys [95680] O44 - LFC:[MD5.8FE94F2EF9BF444E93E35D87E210D02F] - 13/05/2015 - 22:33:38 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\WINDOWS\System32\Drivers\ksecpkg.sys [155584] O44 - LFC:[MD5.FDF1E0FD74DED0034BA6FFB665E0641E] - 13/05/2015 - 22:33:39 ---A- . (.Microsoft Corporation - DLL cliente da API BASE do Windows NT.) -- C:\WINDOWS\System32\KernelBase.dll [424448] O44 - LFC:[MD5.EE27E1D639E3807229C15AF94320CF0A] - 13/05/2015 - 22:33:39 ---A- . (.Microsoft Corporation - Ferramenta de relatórios de rastreamento de.) -- C:\WINDOWS\System32\tracerpt.exe [404992] O44 - LFC:[MD5.A0BCD6A64281492EFAE02AC144A335F1] - 13/05/2015 - 22:33:39 ---A- . (.Microsoft Corporation - Win32 Emulation on NT64.) -- C:\WINDOWS\System32\wow64.dll [243712] O44 - LFC:[MD5.DA8B541825991F6699790E617FF0FF60] - 13/05/2015 - 22:33:41 ---A- . (.Microsoft Corporation - DLL do servidor LSA.) -- C:\WINDOWS\System32\lsasrv.dll [1461760] O44 - LFC:[MD5.408A8232E84515E4AA819E0C95E65257] - 13/05/2015 - 22:33:42 ---A- . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll [314880] O44 - LFC:[MD5.1C9F2F4A2C603739BD8CC8C64310AFD7] - 13/05/2015 - 22:33:43 ---A- . (.Microsoft Corporation - DLL cliente da API BASE do Windows NT.) -- C:\WINDOWS\System32\kernel32.dll [1162752] O44 - LFC:[MD5.B01B21E15671ACD3F0AD131DC4CABFC7] - 13/05/2015 - 22:33:44 ---A- . (.Microsoft Corporation - API de base do Windows 32 avançada.) -- C:\WINDOWS\System32\advapi32.dll [879104] O44 - LFC:[MD5.10D39E74B0D5011A8C199B9646579C3F] - 13/05/2015 - 22:33:44 ---A- . (.Microsoft Corporation - Biblioteca de Auxiliar de Rastreamento de E.) -- C:\WINDOWS\System32\tdh.dll [879104] O44 - LFC:[MD5.8453010B6512DAEAFC61CC0836FA137E] - 13/05/2015 - 22:33:46 ---A- . (.Microsoft Corporation - DLL de nível do NT.) -- C:\WINDOWS\System32\ntdll.dll [1728960] O44 - LFC:[MD5.A985325F4FE72FB003749A2FBBA9952E] - 13/05/2015 - 22:33:46 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\WINDOWS\System32\ntoskrnl.exe [5569984] O44 - LFC:[MD5.D449C36379EBEFD3CCDAEC328002BB5B] - 13/05/2015 - 22:33:47 ---A- . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) -- C:\WINDOWS\System32\UtcResources.dll [36864] O44 - LFC:[MD5.EA8A3E8C674B03CB4AFA1D344DBD7BC1] - 13/05/2015 - 22:33:47 ---A- . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) -- C:\WINDOWS\System32\diagtrack.dll [1254400] O44 - LFC:[MD5.71C85477DF9347FE8E7BC55768473FCA] - 13/05/2015 - 22:33:57 ---A- . (.Microsoft Corporation - Aplicativo de serviços e controle.) -- C:\WINDOWS\System32\services.exe [328704] O44 - LFC:[MD5.F2A1718334172C0F4E231E998F6CB8AB] - 13/05/2015 - 22:34:01 ---A- . (.Microsoft Corporation - Classificação da Internet e DLL de gerencia.) -- C:\WINDOWS\System32\msrating.dll [199680] O44 - LFC:[MD5.C31D57F7A58FACDA2671075CEBA75199] - 13/05/2015 - 22:34:01 ---A- . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\WINDOWS\System32\mshtml.dll [24971776] O44 - LFC:[MD5.5A18ACE782C215300BE1C82D9EDC565B] - 13/05/2015 - 22:34:02 ---A- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\WINDOWS\System32\MshtmlDac.dll [88064] O44 - LFC:[MD5.C1D6BD834E69E8F77C8B4DDFCEE073F6] - 13/05/2015 - 22:34:03 ---A- . (.Microsoft Corporation - Conversor de HTML da Microsoft.) -- C:\WINDOWS\System32\html.iec [417792] O44 - LFC:[MD5.F0289B3A341429117696F0279DA977B6] - 13/05/2015 - 22:34:03 ---A- . (.Microsoft Corporation - Internet Extensions para Win32.) -- C:\WINDOWS\System32\wininet.dll [2352128] O44 - LFC:[MD5.FFC30231459FC44FD73E07532C707791] - 13/05/2015 - 22:34:04 ---A- . (.Microsoft Corporation - Microsoft ® HTML Media DLL.) -- C:\WINDOWS\System32\mshtmlmedia.dll [1359360] O44 - LFC:[MD5.DC1200D3C3AC1E69A4DAD053BC26BF0D] - 13/05/2015 - 22:34:04 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\WINDOWS\System32\jscript9diag.dll [814080] O44 - LFC:[MD5.63061A0826839DE8F5B4713976C99F1B] - 13/05/2015 - 22:34:04 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\WINDOWS\System32\jscript.dll [816640] O44 - LFC:[MD5.79A4C71CD8B610DE9F66B72B5654C450] - 13/05/2015 - 22:34:04 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\WINDOWS\System32\jscript9.dll [6025728] O44 - LFC:[MD5.1921A72BF1273BED72E569EF1F1A0611] - 13/05/2015 - 22:34:04 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\WINDOWS\System32\mshtmled.dll [92160] O44 - LFC:[MD5.1D610F215769E4FF56C7B1847DE4B86D] - 13/05/2015 - 22:34:05 ---A- . (.Microsoft Corporation - Mecanismo da Interface do Usuário do Intern.) -- C:\WINDOWS\System32\ieui.dll [633856] O44 - LFC:[MD5.E061B5A1D0F9BBACA41149201ADF4A3B] - 13/05/2015 - 22:34:05 ---A- . (.Microsoft Corporation - Navegador da Internet.) -- C:\WINDOWS\System32\ieframe.dll [14401536] O44 - LFC:[MD5.0B4E78E6E65D1FD2CE55C93CF1EFD623] - 13/05/2015 - 22:34:07 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\WINDOWS\System32\jsproxy.dll [54784] O44 - LFC:[MD5.29BBA65402DD568F49C837533F269482] - 13/05/2015 - 22:34:07 ---A- . (.Microsoft Corporation - Utilitário de Instalação Autônoma do IE 7.0.) -- C:\WINDOWS\System32\ieUnatt.exe [144384] O44 - LFC:[MD5.B85ECB91C88F6E74045061B7F7DDEFA2] - 13/05/2015 - 22:34:09 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\WINDOWS\System32\vbscript.dll [584192] O44 - LFC:[MD5.F918BE3C5ACA0B6485D725CC1A5348DC] - 13/05/2015 - 22:34:09 ---A- . (.Microsoft Corporation - Painel de Controle da Internet.) -- C:\WINDOWS\System32\inetcpl.cpl [2125824] O44 - LFC:[MD5.843D063E75B19188759CBEC82828BCB1] - 13/05/2015 - 22:34:09 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\WINDOWS\System32\iertutil.dll [2885120] O44 - LFC:[MD5.F28577138120BA7E5423820D4B4C4727] - 13/05/2015 - 22:34:10 ---A- . (.Microsoft Corporation - Mapa de versão IOD.) -- C:\WINDOWS\System32\iesetup.dll [66560] O44 - LFC:[MD5.49B1935F131A44CD29857D6900CB643F] - 13/05/2015 - 22:34:10 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\WINDOWS\System32\ieapfltr.dll [800768] O44 - LFC:[MD5.E20B5098C8707B2CF0858024568234FF] - 13/05/2015 - 22:34:11 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\WINDOWS\System32\msfeeds.dll [801280] O44 - LFC:[MD5.2A2CDE78F9E9019AD0E4D804A02688A3] - 13/05/2015 - 22:34:11 ---A- . (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\WINDOWS\System32\MsSpellCheckingFacility.exe [968704] O44 - LFC:[MD5.ED4EB5A0CDD251A17B946C515CB94D70] - 13/05/2015 - 22:34:12 ---A- . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\WINDOWS\System32\urlmon.dll [1547264] O44 - LFC:[MD5.010F562B961AB8CAEC7A0C72F8FDD690] - 13/05/2015 - 22:34:12 ---A- . (.Microsoft Corporation - IE ETW Collector Service Resources.) -- C:\WINDOWS\System32\ieetwcollectorres.dll [4096] O44 - LFC:[MD5.D7B9EEF960F68DC18724BB5F89A464DD] - 13/05/2015 - 22:34:13 ---A- . (.Microsoft Corporation - Identidade visual IEAK.) -- C:\WINDOWS\System32\iedkcs32.dll [389840] O44 - LFC:[MD5.6D2787CD32595A91969502A399E7BA48] - 13/05/2015 - 22:34:14 ---A- . (.Microsoft Corporation - JavaScript Performance Collection Agent.) -- C:\WINDOWS\System32\JavaScriptCollectionAgent.dll [77824] O44 - LFC:[MD5.1122DD841CCB7E07EF41039CBD66A29E] - 13/05/2015 - 22:34:15 ---A- . (.Microsoft Corporation - Processamento de RunOnce estendido com inte.) -- C:\WINDOWS\System32\iernonce.dll [34304] O44 - LFC:[MD5.5EDC6AF7589B65C89CB1154B3377D0C4] - 13/05/2015 - 22:34:15 ---A- . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\WINDOWS\System32\ie4uinit.exe [720384] O44 - LFC:[MD5.70EDB996FE1BCB699232A15CB0D0FA32] - 13/05/2015 - 22:34:16 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\WINDOWS\System32\mshtml.tlb [2724864] O44 - LFC:[MD5.E802824B9B4A16355A5233A7B8215ECE] - 13/05/2015 - 22:34:17 ---A- . (.Microsoft Corporation - IE ETW Collector Proxy Stub Resources.) -- C:\WINDOWS\System32\ieetwproxystub.dll [48640] O44 - LFC:[MD5.9DCD15027A13195ABA68B40A5EB26691] - 13/05/2015 - 22:34:17 ---A- . (.Microsoft Corporation - IE ETW Collector Service.) -- C:\WINDOWS\System32\ieetwcollector.exe [114688] O44 - LFC:[MD5.ED4B980701D081AC42F7B121C1E42149] - 13/05/2015 - 22:34:56 ---A- . (.Microsoft Corporation - Cliente dos Serviços de Certificados do Act.) -- C:\WINDOWS\System32\certcli.dll [460800] O44 - LFC:[MD5.8AD8D17425C75D2621B2CDFE0DEABD21] - 13/05/2015 - 22:34:58 ---A- . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\System32\schannel.dll [342016] O44 - LFC:[MD5.189FB45D7442083AE8A2E4E612233EF7] - 14/05/2015 - 14:26:14 ---A- . (.Microsoft Corporation - WinFX OpenType/CFF Rasterizer.) -- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll [124112] O44 - LFC:[MD5.65D9D98DBFF574BA9B68F76F0BB1630E] - 14/05/2015 - 14:31:14 ---A- . (.Microsoft Corporation - Ferramentas de Remoção de Software Mal-Inte.) -- C:\WINDOWS\System32\MRT.exe [140425016] O44 - LFC:[MD5.9FFBB8A29E2DCC69A6DC5B034C7C7654] - 14/05/2015 - 14:41:20 ---A- . (...) -- C:\WINDOWS\epplauncher.mif [2155] O44 - LFC:[MD5.D32D375CE7DDF4F7EA8F77CDEE1327F2] - 14/05/2015 - 21:36:36 ---A- . (...) -- C:\WINDOWS\System32\FNTCACHE.DAT [424624] O44 - LFC:[MD5.CA2A8AF1DBAD0F31F9B33A2827DFBC16] - 16/05/2015 - 16:58:04 ---A- . (...) -- C:\WINDOWS\tweaking.com-regbackup-FLÁVIO-PC-Windows-7-Home-Basic-(64-bit).dat [207] O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 17/05/2015 - 00:20:01 ---A- . (...) -- C:\WINDOWS\zoek-delete.exe [24064] O44 - LFC:[MD5.9DF700E831E39B6098D32E7245BF040A] - 17/05/2015 - 00:41:55 ---A- . (...) -- C:\zoek-results.log [30361] O44 - LFC:[MD5.1E9E32AEC3E1EB1B31B8169F33168B56] - 20/05/2015 - 10:01:02 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\Drivers\mbam.sys [25816] O44 - LFC:[MD5.54D70409DE6932E9EFA117779611E7A9] - 20/05/2015 - 10:01:02 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\Drivers\mbamchameleon.sys [107736] O44 - LFC:[MD5.F49FB3C88E263AE9A246593B0BB29294] - 20/05/2015 - 10:01:02 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\WINDOWS\System32\Drivers\mwac.sys [63704] O44 - LFC:[MD5.E9CD058C79EA15B4AA93E259FA713B07] - 20/05/2015 - 13:02:03 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\Drivers\MBAMSwissArmy.sys [136408] O44 - LFC:[MD5.EF4514942907A6937BD76CFF976A929D] - 20/05/2015 - 19:52:45 ---A- . (...) -- C:\WINDOWS\PFRO.log [273870] O44 - LFC:[MD5.9BF012236807E079836FA857E61448AC] - 27/05/2015 - 12:55:42 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [67584] O44 - LFC:[MD5.68EE201047758B4AEB7DCFACBBE23E25] - 27/05/2015 - 12:55:46 ---A- . (...) -- C:\WINDOWS\setupact.log [79261] O44 - LFC:[MD5.B056647D6E153BCF7E1B58FFCB8E1E57] - 27/05/2015 - 13:48:25 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.INI [1635826] O44 - LFC:[MD5.98DC171CAA3FA2EB44750941EAA6873B] - 27/05/2015 - 13:48:25 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat [122336] O44 - LFC:[MD5.7A645CABC670218097CE130D25FEF78D] - 27/05/2015 - 13:48:25 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat [654464] O44 - LFC:[MD5.E7ACE4AE868997F330B8A26685B37D6F] - 27/05/2015 - 13:48:25 ---A- . (...) -- C:\WINDOWS\System32\prfc0416.dat [147848] O44 - LFC:[MD5.595B268A3D72BB250F6B0837D1DC510D] - 27/05/2015 - 13:48:25 ---A- . (...) -- C:\WINDOWS\System32\prfh0416.dat [706008] O44 - LFC:[MD5.B85718E33644C7A0358640575BB73A86] - 27/05/2015 - 23:08:22 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1112312] ~ Files: 136 Scanned in 00mn 14s ---\\ Operações e funções ao arranque do Windows Explorer (046) O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL ~ ShellExecuteHooks: Scanned in 00mn 00s ---\\ Negação do serviço (Local Security Authority) (048) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Mecanismo cliente do 'Editor de configuração de segurança Windows'.) -- C:\WINDOWS\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\WINDOWS\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\WINDOWS\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\WINDOWS\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\WINDOWS\System32\livessp.dll ~ LSA: 9 Scanned in 00mn 00s ---\\ Controlo do Modo de Segurança (CSB) (49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\WINDOWS\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\WINDOWS\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\WINDOWS\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Tempo de Execução da Estrutura de Driver em Modo Kernel.) -- C:\WINDOWS\System32\Drivers\Wdf01000.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\WINDOWS\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\WINDOWS\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\WINDOWS\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\WINDOWS\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\WINDOWS\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Tempo de Execução da Estrutura de Driver em Modo Kernel.) -- C:\WINDOWS\System32\Drivers\Wdf01000.sys ~ CSB: 15 Scanned in 00mn 00s ---\\ Chave do registo Shell MountPoints2 (MPSK) (O51) O51 - MPSK:{4ce291ee-22c7-11e3-9f5e-9439e520b668}\AutoRun\command. (...) -- E:\MotorolaDeviceManagerSetup.exe (.not file.) O51 - MPSK:{929cfdb0-7a28-11e4-9731-9439e520b668}\AutoRun\command. (...) -- F:\Startme.exe (.not file.) ~ Keys: Scanned in 00mn 00s ---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 2 Scanned in 00mn 00s ---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe ~ SMSR Keys: 1 Scanned in 00mn 00s ---\\ Enumeração das chaves do registo SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\WINDOWS\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\WINDOWS\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0 ~ MWPS: 18 Scanned in 00mn 00s ---\\ Enumeração das chaves do registo Policie---plorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 ~ MWPE Keys: 3 Scanned in 00mn 00s ---\\ Lista dos drivers do sistema (SDL) (O58) O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\WINDOWS\System32\Drivers\adp94xx.sys [491088] O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\WINDOWS\System32\Drivers\adpahci.sys [339536] O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\WINDOWS\System32\Drivers\adpu320.sys [182864] O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\WINDOWS\System32\Drivers\aliide.sys [15440] O58 - SDL:23/09/2011 - 05:38:15 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\WINDOWS\System32\Drivers\amdsata.sys [107904] O58 - SDL:13/07/2009 - 22:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\WINDOWS\System32\Drivers\amdsbs.sys [194128] O58 - SDL:23/09/2011 - 05:38:15 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\Drivers\amdxata.sys [27008] O58 - SDL:19/09/2012 - 11:16:20 ---A- . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\WINDOWS\System32\Drivers\Apfiltr.sys [447864] O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\WINDOWS\System32\Drivers\arc.sys [87632] O58 - SDL:13/07/2009 - 22:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\Drivers\arcsas.sys [97856] O58 - SDL:12/07/2011 - 11:22:50 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\WINDOWS\System32\Drivers\athrx.sys [2727424] O58 - SDL:10/06/2009 - 17:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\WINDOWS\System32\Drivers\b57nd60a.sys [270848] O58 - SDL:10/06/2009 - 17:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\WINDOWS\System32\Drivers\BrFiltLo.sys [18432] O58 - SDL:10/06/2009 - 17:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\WINDOWS\System32\Drivers\BrFiltUp.sys [8704] O58 - SDL:13/07/2009 - 22:19:07 ---A- . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) -- C:\WINDOWS\System32\Drivers\BrSerId.sys [286720] O58 - SDL:10/06/2009 - 17:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\WINDOWS\System32\Drivers\BrSerWdm.sys [47104] O58 - SDL:10/06/2009 - 17:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\WINDOWS\System32\Drivers\BrUsbMdm.sys [14976] O58 - SDL:10/06/2009 - 17:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\WINDOWS\System32\Drivers\BrUsbSer.sys [14720] O58 - SDL:20/05/2011 - 11:15:32 ---A- . (.Atheros - Atheros A2DP driver.) -- C:\WINDOWS\System32\Drivers\btath_a2dp.sys [298656] O58 - SDL:20/05/2011 - 11:15:34 ---A- . (.Atheros - Atheros BUS driver.) -- C:\WINDOWS\System32\Drivers\btath_bus.sys [29344] O58 - SDL:20/05/2011 - 11:15:34 ---A- . (.Atheros - Atheros FILTER driver.) -- C:\WINDOWS\System32\Drivers\btath_flt.sys [36000] O58 - SDL:20/05/2011 - 11:15:34 ---A- . (.Atheros - Atheros HCRP driver.) -- C:\WINDOWS\System32\Drivers\btath_hcrp.sys [201376] O58 - SDL:20/05/2011 - 11:15:34 ---A- . (.Atheros - Atheros FILTER driver.) -- C:\WINDOWS\System32\Drivers\btath_lwflt.sys [55456] O58 - SDL:20/05/2011 - 11:15:34 ---A- . (.Atheros - Atheros AVRCP driver.) -- C:\WINDOWS\System32\Drivers\btath_rcp.sys [154272] O58 - SDL:20/05/2011 - 11:15:34 ---A- . (.Atheros - BtFilter Driver.) -- C:\WINDOWS\System32\Drivers\btfilter.sys [282272] O58 - SDL:10/06/2009 - 17:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\Drivers\bxvbda.sys [468480] O58 - SDL:20/10/2009 - 03:00:00 ---A- . (.Sonic Solutions - CDR4 64-bit CD and DVD Place Holder Driver (see PxHelp).) -- C:\WINDOWS\System32\Drivers\cdr4_xp.sys [10224] O58 - SDL:20/10/2009 - 03:00:00 ---A- . (.Sonic Solutions - CDRAL 64-bit Place Holder Driver (see PxHelp).) -- C:\WINDOWS\System32\Drivers\cdralw2k.sys [10224] O58 - SDL:13/07/2009 - 22:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\WINDOWS\System32\Drivers\cmdide.sys [17488] O58 - SDL:28/05/2009 - 10:49:00 ---A- . (.Creative Technology Ltd. - Advanced Audio FX Driver (64-bit).) -- C:\WINDOWS\System32\Drivers\CtAudDrv.sys [224768] O58 - SDL:16/06/2011 - 14:40:20 ---A- . (.Creative Technology Ltd. - Video Class Upper Filter Driver (64-bit).) -- C:\WINDOWS\System32\Drivers\CtClsFlt.sys [176000] O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\WINDOWS\System32\Drivers\elxstor.sys [530496] O58 - SDL:10/06/2009 - 17:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\WINDOWS\System32\Drivers\evbda.sys [3286016] O58 - SDL:22/07/2010 - 17:13:28 ---A- . (.FSPro Labs - FSPro File System Filter.) -- C:\WINDOWS\System32\Drivers\FSPFltd.sys [54848] O58 - SDL:02/12/2014 - 11:22:06 ---A- . (.Sony Mobile Communications - SOMC USB Flash Driver Filter.) -- C:\WINDOWS\System32\Drivers\ggflt.sys [16088] O58 - SDL:02/12/2014 - 11:22:06 ---A- . (.Sony Mobile Communications - SOMC USB Flash Driver.) -- C:\WINDOWS\System32\Drivers\ggsomc.sys [30424] O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\WINDOWS\System32\Drivers\hcw85cir.sys [31232] O58 - SDL:19/10/2010 - 21:34:26 ---A- . (.Intel Corporation - Intel® Management Engine Interface.) -- C:\WINDOWS\System32\Drivers\HECIx64.sys [56344] O58 - SDL:21/11/2010 - 00:23:47 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\WINDOWS\System32\Drivers\HpSAMD.sys [78720] O58 - SDL:12/01/2011 - 21:51:44 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\WINDOWS\System32\Drivers\iaStor.sys [439320] O58 - SDL:23/09/2011 - 05:38:15 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\Drivers\iaStorV.sys [410496] O58 - SDL:15/11/2012 - 02:03:46 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\Drivers\igdkmd64.sys [9000256] O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\WINDOWS\System32\Drivers\iirsp.sys [44112] O58 - SDL:26/02/2010 - 20:32:12 ---A- . (.Intel Corporation - Intel® Turbo Boost Technology Driver.) -- C:\WINDOWS\System32\Drivers\Impcd.sys [158976] O58 - SDL:19/06/2012 - 22:40:52 ---A- . (.Intel® Corporation - Intel® Display Audio Driver.) -- C:\WINDOWS\System32\Drivers\IntcDAud.sys [342528] O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\WINDOWS\System32\Drivers\lsi_fc.sys [114752] O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\Drivers\lsi_sas.sys [106560] O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\Drivers\lsi_sas2.sys [65600] O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\WINDOWS\System32\Drivers\lsi_scsi.sys [115776] O58 - SDL:14/04/2015 - 09:37:42 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\Drivers\mbam.sys [25816] O58 - SDL:14/04/2015 - 09:37:46 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\Drivers\mbamchameleon.sys [107736] O58 - SDL:20/05/2015 - 13:02:03 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\Drivers\MBAMSwissArmy.sys [136408] O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\WINDOWS\System32\Drivers\megasas.sys [35392] O58 - SDL:13/07/2009 - 22:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\Drivers\MegaSR.sys [284736] O58 - SDL:19/03/2013 - 17:25:28 ---A- . (.Motorola Mobility Inc - Motorola USB Composite Device Driver.) -- C:\WINDOWS\System32\Drivers\motccgp.sys [23552] O58 - SDL:20/03/2013 - 09:51:14 ---A- . (.Motorola Inc - Motorola Unsafe Removal Filter Driver.) -- C:\WINDOWS\System32\Drivers\motfilt.sys [6144] O58 - SDL:19/03/2013 - 17:25:46 ---A- . (.Motorola Mobility Inc - Motorola USB Networking Driver.) -- C:\WINDOWS\System32\Drivers\Motousbnet.sys [27648] O58 - SDL:08/06/2012 - 16:08:54 ---A- . (.Motorola - No Comment.) -- C:\WINDOWS\System32\Drivers\motswch.sys [8832] O58 - SDL:20/03/2013 - 09:49:34 ---A- . (.Motorola Inc - Motorola USB Device Driver (SVC).) -- C:\WINDOWS\System32\Drivers\motusbdevice.sys [12288] O58 - SDL:14/04/2015 - 09:37:56 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\WINDOWS\System32\Drivers\mwac.sys [63704] O58 - SDL:13/07/2009 - 22:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\WINDOWS\System32\Drivers\nfrd960.sys [51264] O58 - SDL:23/09/2011 - 05:38:15 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\WINDOWS\System32\Drivers\nvraid.sys [148352] O58 - SDL:23/09/2011 - 05:38:15 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\WINDOWS\System32\Drivers\nvstor.sys [166272] O58 - SDL:19/03/2010 - 03:00:00 ---A- . (.Sonic Solutions - Px Engine Device Driver for 64-bit Windows.) -- C:\WINDOWS\System32\Drivers\PxHlpa64.sys [55856] O58 - SDL:13/07/2009 - 22:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\WINDOWS\System32\Drivers\ql2300.sys [1524816] O58 - SDL:13/07/2009 - 22:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\WINDOWS\System32\Drivers\ql40xx.sys [128592] O58 - SDL:10/06/2011 - 06:34:52 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\WINDOWS\System32\Drivers\Rt64win7.sys [539240] O58 - SDL:29/10/2010 - 21:11:42 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\WINDOWS\System32\Drivers\RtsUStor.sys [250984] O58 - SDL:10/06/2009 - 17:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\System32\Drivers\secdrv.sys [23040] O58 - SDL:13/07/2009 - 22:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\Drivers\sisraid2.sys [43584] O58 - SDL:13/07/2009 - 22:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\Drivers\sisraid4.sys [80464] O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\WINDOWS\System32\Drivers\stexstor.sys [24656] O58 - SDL:27/05/2011 - 16:06:16 ---A- . (.IDT, Inc. - IDT PC Audio TPE.) -- C:\WINDOWS\System32\Drivers\stwrt64.sys [528384] O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\WINDOWS\System32\Drivers\viaide.sys [17488] O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\Drivers\vsmraid.sys [161872] O58 - SDL:13/02/2015 - 15:47:24 ---A- . (.Basil's Projects - WinDivert network packet capture and (re)injection driver.) -- C:\WINDOWS\System32\WinDivert64.sys [37592] O58 - SDL:08/05/2013 - 09:52:48 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\WINDOWS\SysWOW64\drivers\gbpkm.sys [49536] ~ Drivers: 77 Scanned in 00mn 04s ---\\ Últimos ficheiros alterados ou criados (Utilizador) (061) O61 - LFC: 22/05/2015 - 23:14:07 ---A- . (.Google Inc..) -- C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.823\_platform_specific\win_x86\widevinecdmadapter.dll [189256] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (...) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\CollectOneDriveLogs.bat [5850] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\ETWlog.dll [28872] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSync.LocalizedResources.dll [82632] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSync.Resources.dll [2653896] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncApi.dll [227008] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncClient.dll [1949384] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncConfig.exe [149704] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncSessions.dll [1359560] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [1605832] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\LoggingPlatform.dll [110792] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\OneDriveSetup.exe [7676608] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\RemoteAccess.dll [765640] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\SqmWrapper.dll [39112] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\SyncEngine.dll [3187912] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\Telemetry.dll [317128] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\VideoStreamingPlugin.dll [414400] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll [291016] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [1645256] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\LoggingPlatform64.dll [135880] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\msvcp110.dll [661448] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\msvcr110.dll [828872] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\msvcp110.dll [534480] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\msvcr110.dll [862664] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\sqmapi.dll [196416] O61 - LFC: 22/05/2015 - 23:14:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\wlmfds.dll [427208] O61 - LFC: 22/05/2015 - 23:14:14 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\WnsClientApi.dll [393920] O61 - LFC: 22/05/2015 - 23:14:14 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\OneDrive.exe [382664] O61 - LFC: 22/05/2015 - 23:14:14 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe [7676608] O61 - LFC: 27/05/2015 - 23:14:06 ---A- . (...) -- C:\Users\Flávio\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849] O61 - LFC: 27/05/2015 - 23:14:26 ---A- . (...) -- C:\Users\Flávio\AppData\Local\Temp\_MEI40842\pythoncom27.dll [364544] O61 - LFC: 27/05/2015 - 23:14:26 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI40842\gdi32.dll [287744] O61 - LFC: 27/05/2015 - 23:14:26 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI40842\kernel32.dll [990208] O61 - LFC: 27/05/2015 - 23:14:26 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI40842\mfc90.dll [1156600] O61 - LFC: 27/05/2015 - 23:14:26 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI40842\mfc90u.dll [1162744] O61 - LFC: 27/05/2015 - 23:14:26 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI40842\mfcm90.dll [59904] O61 - LFC: 27/05/2015 - 23:14:26 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI40842\mfcm90u.dll [59904] O61 - LFC: 27/05/2015 - 23:14:26 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI40842\msvcp100.dll [421200] O61 - LFC: 27/05/2015 - 23:14:26 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI40842\msvcr100.dll [773968] O61 - LFC: 27/05/2015 - 23:14:26 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI40842\psapi.dll [23040] O61 - LFC: 27/05/2015 - 23:14:26 ---A- . (.Python Software Foundation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI40842\python27.dll [2449920] O61 - LFC: 27/05/2015 - 23:14:27 ---A- . (...) -- C:\Users\Flávio\AppData\Local\Temp\_MEI40842\PyWinTypes27.dll [110080] O61 - LFC: 27/05/2015 - 23:14:27 ---A- . (.Microsoft Corporation.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI40842\shell32.dll [8462848] O61 - LFC: 27/05/2015 - 23:14:27 ---A- . (.wxWidgets development team.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI40842\wxbase294u_net_vc90.dll [154112] O61 - LFC: 27/05/2015 - 23:14:27 ---A- . (.wxWidgets development team.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI40842\wxbase294u_vc90.dll [1985024] O61 - LFC: 27/05/2015 - 23:14:27 ---A- . (.wxWidgets development team.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI40842\wxmsw294u_adv_vc90.dll [1234944] O61 - LFC: 27/05/2015 - 23:14:27 ---A- . (.wxWidgets development team.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI40842\wxmsw294u_core_vc90.dll [4598272] O61 - LFC: 27/05/2015 - 23:14:27 ---A- . (.wxWidgets development team.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI40842\wxmsw294u_html_vc90.dll [595968] O61 - LFC: 27/05/2015 - 23:14:27 ---A- . (.wxWidgets development team.) -- C:\Users\Flávio\AppData\Local\Temp\_MEI40842\wxmsw294u_webview_vc90.dll [91648] O61 - LFC: 27/05/2015 - 23:14:31 ---A- . (.Nicolas Coolman.) -- C:\Users\Flávio\Downloads\ZHPDiag2.exe [6882129] =>.Nicolas Coolman ~ 1094 Fichiers temporaires (Temporary files) ~ 6 Fichiers cookies (Cookies files) ~ Files: 50 Scanned in 00mn 26s ---\\ Lista das ferramentas de remoção de vírus (LAT) (063) O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7} ~ ADS: Scanned in 00mn 00s ---\\ Lista dos serviços Legacy du registo (064) O64 - Services: CurCS - 14/04/2015 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR O64 - Services: CurCS - 10/06/2009 - C:\WINDOWS\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 31/10/2014 - C:\Program Files (x86)\GbPlugin\wsftprp64.sys (Warsaw_PP) .(.GAS Tecnologia LTDA - GAS Tecnologia - Driver (PP).) - LEGACY_WARSAW_PP O64 - Services: CurCS - 25/04/2015 - C:\Program Files\Diebold\Warsaw\WinDivert64.sys (WinDivert1.1) .(.Basil - WinDivert (web: http://reqrypt.org/windiver.) - LEGACY_WINDIVERT1.1 ~ Legacy: 78 Scanned in 00mn 00s ---\\ Associações Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\WINDOWS\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos'.) -- C:\WINDOWS\System32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.) ~ FASS Keys: 11 Scanned in 00mn 00s ---\\ Menu de inicialização Internet (068) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069) O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com ~ Keys: Scanned in 00mn 00s ---\\ Listagem dos ficheiros Crack & Keygen (CKF) (O82) C:\Users\Flávio\Desktop\Programas\Corel Draw X7\Corel Draw X7 [32-64]\CORELDRAW_GRAPHICS_SUITE_X7_WIN32-XFORCE\Crack\Keygen.exe =>.Crack,Keygen C:\Users\Flávio\Desktop\Programas\Corel Draw X7\Corel Draw X7 [32-64]\CORELDRAW_GRAPHICS_SUITE_X7_WIN64-XFORCE\Crack\Keygen.exe =>.Crack,Keygen ~ Files: Scanned in 00mn 53s ---\\ Listagem dos serviços iniciados pelo Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\WINDOWS\System32\aelupsvc.dll [72192] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\WINDOWS\System32\certprop.dll [80384] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\WINDOWS\System32\certprop.dll [80384] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\WINDOWS\System32\srvsvc.dll [236032] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Diretiva de Grupo.) -- C:\WINDOWS\System32\gpsvc.dll [777728] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\WINDOWS\System32\ikeext.dll [859648] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\WINDOWS\System32\Audiosrv.dll [680960] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acesso Remoto.) -- C:\WINDOWS\System32\rasauto.dll [99328] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\WINDOWS\System32\rasmans.dll [344064] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\WINDOWS\System32\mprdim.dll [97792] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistema (SENS).) -- C:\WINDOWS\System32\sens.dll [64512] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\WINDOWS\System32\ipnathlp.dll [359424] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft® Windows.) -- C:\WINDOWS\System32\tapisrv.dll [316928] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gerenciador de Conexões Remotas do Servidor Host da Sessão da Área de.) -- C:\WINDOWS\System32\termsrv.dll [683520] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\System32\wuaueng.dll [2553856] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de plano de fundo.) -- C:\WINDOWS\System32\qmgr.dll [849920] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\WINDOWS\System32\shsvcs.dll [370688] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em uma rede IPv4..) -- C:\WINDOWS\System32\iphlpsvc.dll [569344] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\WINDOWS\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\WINDOWS\System32\appinfo.dll [70144] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\WINDOWS\System32\iscsiexe.dll [156672] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\WINDOWS\System32\mmcss.dll [67584] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\System32\wbem\WMIsvc.dll [242688] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho Remota.) -- C:\WINDOWS\System32\sessenv.dll [121856] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\WINDOWS\System32\browser.dll [136704] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\WINDOWS\System32\eapsvc.dll [111104] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\WINDOWS\System32\schedsvc.dll [1110016] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\WINDOWS\System32\kmsvc.dll [90624] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\WINDOWS\System32\wercplsupport.dll [84480] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\System32\profsvc.dll [210432] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\WINDOWS\System32\themeservice.dll [44544] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\WINDOWS\System32\bdesvc.dll [100864] ~ Services: 32 Scanned in 00mn 00s ---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84) [MD5.1E099A22590841D8E7B3C6C14659EA30] [sPRF][13/02/2015] (...) -- C:\Users\Flávio\AppData\Roaming\unins000.dat [17831] ~ Files: 1 Scanned in 00mn 00s ---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados) SS - | Demand 15/04/2015 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Demand 15/11/2012 277048 | (cphs) . (.Intel Corporation.) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe SS - | Auto 31/07/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 31/07/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Auto 14/04/2015 1080120 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe SS - | Demand 04/05/2015 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SS - | Demand 25/11/2010 1116656 | (RoxMediaDB12OEM) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe SS - | Auto 25/11/2010 219632 | (RoxWatch12) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe SS - | Auto 18/02/2015 315488 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SS - | Demand 04/02/2013 155824 | (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe SS - | Demand 08/11/2010 74392 | (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe SS - | Demand 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\WINDOWS\System32\svchost.exe SR - | Auto 19/12/2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 03/03/2009 89600 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\IDT\WDM\AESTSr64.exe SR - | Auto 20/05/2011 146592 | (Atheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe SR - | Auto 20/05/2011 80032 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe SR - | Auto 08/03/2015 56648 | (chromoting) . (.Google Inc..) - C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe SR - | Auto 13/01/2015 555320 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe SR - | Auto 31/07/2013 137528 | (Motorola Device Manager) . (.Motorola Mobility LLC.) - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe SR - | Auto 30/04/2015 23816 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe SR - | Auto 30/04/2014 337776 | (PSI_SVC_2_x64) . (.arvato digital services llc.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe SR - | Auto 02/09/2011 65657 | (PST Service) . (.Motorola.) - C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe SR - | Auto 03/08/2014 186760 | (ScsiAccess) . (...) - C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe SR - | Auto 08/07/2011 1692480 | (SftService) . (.SoftThinks SAS.) - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe SR - | Auto 27/05/2011 301568 | (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe SR - | Auto 13/02/2015 847160 | (Warsaw Technology) . (.GAS Tecnologia LTDA.) - C:\Program Files\Diebold\Warsaw\core.exe SR - | Demand 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Auto 13/07/2009 27136 | C:\WINDOWS\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\WINDOWS\System32\svchost.exe ~ Services: Scanned in 00mn 10s ---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBR) (080) Run by Flávio at 27/05/2015 23:15:50 ~ OS 64 not supported by MBR tool ~ MBR: 0 Scanned in 00mn 00s ---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBRCheck) (080) Written by ad13, http://ad13.geekstog Run by Flávio at 27/05/2015 23:15:52 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Scâner Aditional (088) Database Version : 13008 - (25/05/2015) Clés trouvées (Keys found) : 1 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dragon Branch] =>PUP.DragonBranch^ [HKLM\Software\Wow6432Node\DragonBranch] =>PUP.DragonBranch^ ~ Additionnel Scan: 348054 Items scanned in 00mn 17s ---\\ Informações complémentaires do módulos ~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2) ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Gestão do Proxy (R5) ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects do navegador (02) ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Aplicações iniciadas por registo & pastas (04) ~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Chave do registo Shell MountPoints2 (MPSK) (O51) ~ AMI: 5 Scanned in 00mn 00s ---\\ Sumário das deteções encontradas na sua estação http://www.nicolascoolman.fr/blog/ =>PUP.DragonBranch ~ MSI: 1 link(s) detected in 00mn 00s End of the scan (1523 lines in 02mn 57s)(2.6)
  13. Flávio Marquim

    [Resolvido] Notebook lento pra iniciar

    Boa tarde Segue o logo, conforme pedido. Aguardo retorno Flávio Malwarebytes Anti-Malware www.malwarebytes.org Data da Verificação: 20/05/2015 Hora da Verificação: 10:03:26 Arquivo de Log: log.txt Administrador: Sim Versão: 2.01.6.1022 Base de Dados de Malware: v2015.05.20.03 Base de Dados de Rootkit: v2015.05.16.01 Licença: Grátis Proteção de Malware: Desabilitado Proteção de Site Malicioso: Desabilitado Auto-Proteção: Desabilitado SO: Windows 7 Service Pack 1 Processador: x64 Sistema de Arquivos: NTFS Usuário: Flávio Tipo da Verificação: Verificação Personalizada Resultado: Terminado Objetos Verificados: 526623 Tempo Decorrido: 2 hr, 17 min, 31 seg Memória: Habilitado Inicialização: Habilitado Sistema de Arquivos: Habilitado Arquivos Compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Habilitado PUM: Habilitado Processos: 0 (Nenhum item malicioso detectado) Módulos: 0 (Nenhum item malicioso detectado) Chaves de Registro: 2 PUP.Optional.DragonBranch.A, HKU\S-1-5-21-1210235661-1573419760-1918872127-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D640CE67-58E4-43C2-9ADC-6BB959D7C606}, Quarentena, [aa39b7de3b4f999dde257cd6bf441ee2], PUP.Optional.DragonBranch.A, HKU\S-1-5-21-1210235661-1573419760-1918872127-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D640CE67-58E4-43C2-9ADC-6BB959D7C606}, Quarentena, [aa39b7de3b4f999dde257cd6bf441ee2], Valores de Registro: 1 PUP.Vulnerable.DellSystemDetect, HKU\S-1-5-21-1210235661-1573419760-1918872127-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|DellSystemDetect, C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms, Quarentena, [905365308901ab8b52e266757d864bb5] Dados de Registro: 0 (Nenhum item malicioso detectado) Pastas: 0 (Nenhum item malicioso detectado) Arquivos: 2 PUP.Optional.Linkury.A, C:\AdwCleaner\Quarantine\C\Users\Flávio\AppData\Roaming\OpenCandy\83C2A2F7E7BD4017BA9882337011E50E\Installer.exe.vir, Quarentena, [3aa98411d4b6d5613a2060617e8743bd], PUP.Optional.DealPly, C:\AdwCleaner\Quarantine\C\Users\Flávio\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe.vir, Quarentena, [de05d4c1a5e5ef470ed72b22808209f7], Setores Físicos: 0 (Nenhum item malicioso detectado) (end)
  14. Flávio Marquim

    [Resolvido] Notebook lento pra iniciar

    Boa noiteSegue o log: ~ ZHPCleaner v2015.5.17.241 by Nicolas Coolman (2015\05\17) ~ Run by Flávio (Administrator) (17/05/2015 19:01:27) ~ Forum : http://forum.nicolascoolman.fr ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Reparo ~ Report : C:\Users\Flávio\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Flávio\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) ~ Windows 7, 64-bit Service Pack 1 (Build 7601) ---\\ Serviços (0) ~ Nenhum ítem malicioso foi encontrado. ---\\ Navegadores de Internet (0) ~ Nenhum ítem malicioso foi encontrado. ---\\ Arquivo hosts (2) SUBSTITUIDO: Número de redirecionamentos encontrados 1/22 ---\\ Tarefas automáticas agendadas. (0) ~ Nenhum ítem malicioso foi encontrado. ---\\ Explorer ( Arquivos, Pastas) (67) MOVIDO pasta: C:\Users\Flávio\AppData\Roaming\unins000.exe [ - Setup/Uninstall] (Adware.Pirrit) MOVIDO arquivo: C:\Windows\Installer\MSI105.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI1238.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI1728.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI19E3.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI1CE4.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI2222.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI2524.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI296.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI3461.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI3679.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI3825.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI393C.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI4025.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI48F9.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI4CB3.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI50BA.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI56EE.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI5996.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI5C5C.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI5E52.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI5FD6.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI637F.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI66E4.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI6748.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI67F3.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI73F6.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI8238.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI8778.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI87E4.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI8B5D.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI9358.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI937A.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI9655.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI97DC.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI99FE.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSI9EDF.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIA334.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIA47E.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIA6CB.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIA90E.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIAAC2.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIAD73.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIB0DD.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIB3F4.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIB689.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIBA8A.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIBD57.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIBDD5.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIC1EB.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIC4BF.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSICCA6.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSID2EE.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSID9C3.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSID9E3.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIDCEB.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIDDE9.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIE1E0.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIE589.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIE634.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIE9AF.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIED75.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIEDE4.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIF15E.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIF19A.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIF4AA.tmp- (Empty) MOVIDO arquivo: C:\Windows\Installer\MSIF91E.tmp- (Empty) ---\\ Registro ( Chaves, Valores, Dados ) (3) SUPRIMIDO chave*: HKEY_USERS\S-1-5-21-1210235661-1573419760-1918872127-1000\Software\Smartbar [] (PUP.QuickShare) SUPRIMIDO chave: HKCU\Software\Smartbar [] (PUP.QuickShare) SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [iTool] (Toolbar.Ask) ---\\ Resultado de reparação Reparação efectuada com sucesso ~ Este navegador está faltando ! (Opera Software) ---\\ Estatísticas ~ Items scan : 4845 ~ Items encontrado : 1 ~ items cancelados : 0 ~ Items réparo : 70 End of clean at 19:01:43 =================== ZHPCleaner-[R]-17052015-19_01_43.txt ZHPCleaner--17052015-18_59_30.txt
  15. Flávio Marquim

    [Resolvido] Notebook lento pra iniciar

    Bom dia Segue o log. Flávio Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Fl vio on 17/05/2015 at 0:20:55,86. Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\FLVIO~1\Desktop\zoek.exe [scan all users] [script inserted] ==== System Restore Info ====================== 17/05/2015 00:23:16 Zoek.exe System Restore Point Created Successfully. ==== Reset Hosts File ====================== # Copyright © 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handled within DNS itself. 127.0.0.1 localhost ::1 localhost ==== Empty Folders Check ====================== C:\PROGRA~2\MarkAny deleted successfully C:\PROGRA~2\Samsung deleted successfully C:\PROGRA~2\Winnydows deleted successfully C:\PROGRA~2\Wondershare deleted successfully C:\Users\FLVIO~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\First PDF deleted successfully C:\Users\FLVIO~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\VobSub deleted successfully C:\PROGRA~3\CorelDRAW Graphics Suite X7 x64 deleted successfully C:\Windows\serviceprofiles\networkservice\AppData\\LocalLow deleted successfully C:\Windows\serviceprofiles\Localservice\AppData\\LocalLow deleted successfully C:\Users\FLVIO~1\AppData\Local\Samsung deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\FLVIO~1\AppData\Roaming\Mozilla\Firefox\Profiles\9hxcj7r2.default\prefs.js: user_pref("browser.startup.homepage", "https://www.google.com.br/"); user_pref("browser.newtab.url", "about:blank"); Added to C:\Users\FLVIO~1\AppData\Roaming\Mozilla\Firefox\Profiles\9hxcj7r2.default\prefs.js: user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ==== Deleting Files \ Folders ====================== C:\PROGRA~2\MarkAny not found C:\PROGRA~2\Samsung not found C:\PROGRA~2\Winnydows not found C:\PROGRA~2\Wondershare not found C:\PROGRA~3\CorelDRAW Graphics Suite X7 x64 not found C:\Users\FLVIO~1\.android deleted C:\PROGRA~2\COMMON~1\Wondershare deleted C:\PROGRA~3\Package Cache deleted C:\Users\FLVIO~1\AppData\Local\Wondershare deleted C:\Windows\SysNative\config\systemprofile\Searches deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\FLVIO~1\AppData\Roaming\Mozilla\Firefox\Profiles\9hxcj7r2.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ==== Firefox Extensions Registry ====================== [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{87F8774F-B485-47E2-A755-A40A8A5E886C}"="C:\Users\Fl vio\AppData\Local\GAS Tecnologia\GBBD\bb\xpi" [28/03/2015 12:46] ==== Firefox Extensions ====================== ProfilePath: C:\Users\FLVIO~1\AppData\Roaming\Mozilla\Firefox\Profiles\9hxcj7r2.default - Undetermined - C:\Users\Flávio\AppData\Local\GAS Tecnologia\GBBD\bb\xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Chrome Version: 42.0.2311.152 HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[] Google Docs - FLVIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - FLVIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - FLVIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - FLVIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Bookmark Manager - FLVIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik CHROME;360;liebao - FLVIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\knngjajhgkigjgiblkjjfoenpkcokngl Chrome Hotword Shared Module - FLVIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg Facebook Album Photo Manager - FLVIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgiedegfmekolcplboelnmfoiefpcpfg GBBD Banco do Brasil - FLVIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkeabchhfifpaaoefpockjhaphjmoapp Google Wallet - FLVIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - FLVIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Slides - FLVIO~1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - FLVIO~1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - FLVIO~1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - FLVIO~1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - FLVIO~1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - FLVIO~1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Drive App Launcher - FLVIO~1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh Google Wallet - FLVIO~1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - FLVIO~1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\FLVIO~1\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com.br/", "startup_urls": [ "https://www.google.com.br/" ] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.com.br/" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.google.com" "SearchAssistant"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="https://www.google.com.br/" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Reset Google Chrome ====================== C:\Users\FLVIO~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\FLVIO~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\FLVIO~1\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully C:\Users\FLVIO~1\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully C:\Users\FLVIO~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\FLVIO~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Users\FLVIO~1\AppData\Local\Google\Chrome\User Data\Default\Web Data.temp was reset successfully C:\Users\FLVIO~1\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully C:\Users\FLVIO~1\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\FLVIO~1\Desktop\HiJackThis.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe C:\Users\FLVIO~1\Desktop\Programas\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe C:\Users\FLVIO~1\Desktop\Programas\Ashampoo Burning Studio 2013.lnk - C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2013\burningstudio2013.exe C:\Users\FLVIO~1\Desktop\Programas\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\FLVIO~1\Desktop\Programas\Evernote.lnk - C:\Program Files (x86)\Evernote\Evernote\Evernote.exe C:\Users\FLVIO~1\Desktop\Programas\First PDF.lnk - C:\Program Files (x86)\First PDF\First PDF.exe C:\Users\FLVIO~1\Desktop\Programas\Freemake Video Converter.lnk - C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVideoConverter.exe C:\Users\FLVIO~1\Desktop\Programas\JDownloader 2.lnk - C:\Users\Flávio\AppData\Local\JDownloader v2.0\JDownloader2.exe C:\Users\FLVIO~1\Desktop\Programas\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe C:\Users\FLVIO~1\Desktop\Programas\Popcorn-Time.lnk - C:\Program Files (x86)\Time4Popcorn\Popcorn Time\Popcorn-Time.exe C:\Users\FLVIO~1\Desktop\Programas\ProShow Producer.lnk - C:\Program Files (x86)\Photodex\ProShowProducer\proshow.exe C:\Users\FLVIO~1\Desktop\Programas\Sony PC Companion 2.1.lnk - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe C:\Users\FLVIO~1\Desktop\Programas\Subtitle Workshop.lnk - C:\Program Files (x86)\URUSoft\Subtitle Workshop\SubtitleWorkshop.exe C:\Users\FLVIO~1\Desktop\Programas\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\FLVIO~1\Desktop\Programas\Corel Draw X7\Bitstream Font Navigator (64-Bit).lnk - C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X7\FontNav64\FontNav.exe C:\Users\FLVIO~1\Desktop\Programas\Corel Draw X7\Corel CAPTURE X7 (64-Bit).lnk - c:\Windows\Installer\{2C91CB9D-323D-43E5-A433-229B71CFB773}\NewShortcut8_65BCA6E0337A452DA55C0654EAAD7A0B.exe C:\Users\FLVIO~1\Desktop\Programas\Corel Draw X7\Corel CONNECT X7 (64-Bit).lnk - C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X7\Connect64\Connect.exe C:\Users\FLVIO~1\Desktop\Programas\Corel Draw X7\Corel PHOTO-PAINT X7 (64-Bit).lnk - c:\Windows\Installer\{C922F325-DD52-4E22-B204-431A06E63E51}\NewShortcut2_EBB51BFEE10948A888CB7ADF96E8EC80.exe C:\Users\FLVIO~1\Desktop\Programas\Corel Draw X7\CorelDRAW X7 (64-Bit).lnk - c:\Windows\Installer\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}\NewShortcut1_68427AB8B2C044C58AA777A4C3F75634.exe C:\Users\FLVIO~1\Desktop\Programas\Google\Google Docs.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_document C:\Users\FLVIO~1\Desktop\Programas\Google\Google Drive.lnk - C:\Users\Flávio\Google Drive C:\Users\FLVIO~1\Desktop\Programas\Google\Google Sheets.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_spreadsheet C:\Users\FLVIO~1\Desktop\Programas\Google\Google Slides.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_presentation ==== shortcuts in Users Start Menu ====================== C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Ajuda do IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Desinstalar IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Leia-me do IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Ajuda do IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Desinstalar IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Leia-me do IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Ajuda do IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Desinstalar IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Leia-me do IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Ajuda do IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Desinstalar IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Leia-me do IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Ajuda do IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Desinstalar IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Leia-me do IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Ajuda do IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Desinstalar IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Leia-me do IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Ajuda do IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Desinstalar IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Leia-me do IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Ajuda do IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Desinstalar IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Leia-me do IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Ajuda do IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Desinstalar IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Leia-me do IRPF2015.lnk - C:\Users\Flávio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk - ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk - C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk - C:\Program Files (x86)\Microsoft Security Client\msseces.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\Bitstream Font Navigator (64-Bit).lnk - C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X7\FontNav64\FontNav.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\Corel CAPTURE X7 (64-Bit).lnk - c:\Windows\Installer\{2C91CB9D-323D-43E5-A433-229B71CFB773}\NewShortcut8_65BCA6E0337A452DA55C0654EAAD7A0B.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\Corel CONNECT X7 (64-Bit).lnk - C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X7\Connect64\Connect.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\Corel PHOTO-PAINT X7 (64-Bit).lnk - c:\Windows\Installer\{C922F325-DD52-4E22-B204-431A06E63E51}\NewShortcut2_EBB51BFEE10948A888CB7ADF96E8EC80.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\CorelDRAW X7 (64-Bit).lnk - c:\Windows\Installer\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}\NewShortcut1_68427AB8B2C044C58AA777A4C3F75634.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\Duplexing Wizard (64-Bit).lnk - c:\Windows\Installer\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}\NewShortcut10_BB562587DB944A668ECBA27E6BFD871C.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\Video Tutorials X7 (64-Bit).lnk - C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X7\VideoBrowser64\VideoBrowser.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)\Documentation\Macro Programming Guide.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote\Evernote.lnk - C:\Windows\Installer\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}\Evernote.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_document C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_spreadsheet C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_presentation C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\Silverlight.Configuration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape\Uninstall PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Ajuda do Receitanet 1.05 .lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Desinstalar o Receitanet 1.05.lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Desinstalador.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Receitanet 1.05 .lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Windows\Receitanet.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Sony PC Companion\Desinstalar.lnk - C:\Program Files (x86)\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe -uninst -runfromtemp C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Sony PC Companion\Sony PC Companion 2.1.lnk - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlusService deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\FLVIO~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\FLVIO~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\FLVIO~1\AppData\Local\Mozilla\Firefox\Profiles\9hxcj7r2.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\FLVIO~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\FLVIO~1\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=80 folders=98 22151499 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\FLVIO~1\AppData\Local\Temp will be emptied at reboot C:\Users\USURIO~1\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\FLVIO~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on 17/05/2015 at 0:41:55,65 ======================
×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.