Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14443 usuários registrados
O último usuário registrado atende pelo nome de Caio Flavio

Os nossos membros postaram um total de 35198 mensagens em 3565 assuntos
Últimos assuntos
» Notebook lento, acho que está com virus
por joram Ontem à(s) 18:38

Quem está conectado
3 usuários online :: Nenhum usuário registrado, Nenhum Invisível e 3 Visitantes

Nenhum

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Novembro 2017
SegTerQuaQuiSexSabDom
  12345
6789101112
13141516171819
20212223242526
27282930   

Calendário Calendário


Descoberta de Rede

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

Descoberta de Rede

Mensagem por Paulo Vieira em Dom 26 Out 2014, 09:44

Tive problema com websearches. Consegui desinstalar mexendo no registro do windows (ajuda do Spy Hunter). A partir daí não consigo acessar impressora remota a partir do notebook com Win 7 Ultimate de 32.
Na rede pude verificar que tinha que ativar Descoberta de Rede na Central de Rede e Compartilhamento, porém quando marco a opção de Ativar e volto para verificar está desmarcada.
Fiz os seguintes procedimentos orientados pela rede:

No Firewall do Windows habilitei:
Compartilhamento de Arquivos e Impressoras; --> Feito
Descoberta de Rede;--> Feito
SSTP ( Security Socket Tunneling Protocol)--> Feito

Depois em Serviços, colocar Automátioco os seguintes Serviços:
Cliente DNS --> NÂO CONSIGO
Publicação de Recursos de Descoberta de Função --> Feito
Descoberta SSDP Discovery --> Feito
Host de Dispositivo UPnP --> Feito

Portanto NÃO consigo ativar CLIENTE DNS, pois surge a mensagem: " O SISTEMA NÃO PODE ENCONTRAR O CAMINHO ESPECIFICADO!".

Pude perceber que o caminho seria: \\C: windows\system32\svchost.exe -K Network Service

Além disso. pude verificar que o serviço Cliente DNS é dependente dos seguintes componentes serviços:
Driver de Suporte a TDI Herdado do NeO\Driver de Protocolo TCP/IP e do Serviço de Interface de repositório de Rede (está funcionando em automático).

Por favor, alguém pode me ajudar a habilitar de forma Automática o Serviço Cliente DNS e com isso ativar Descoberta de Rede.

Desde já agradeço!

Paulo Vieira
avatar
Paulo Vieira
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por joram em Dom 26 Out 2014, 11:10

Bom Dia! Paulo Vieira

Paulo Vieira escreveu:Além disso. pude verificar que o serviço Cliente DNS é dependente dos seguintes componentes serviços:
Driver de Suporte a TDI Herdado do NeO\Driver de Protocolo TCP/IP e do Serviço de Interface de repositório de Rede (está funcionando em automático).
> E,também,do serviço [Você precisa estar registrado e conectado para ver este link.].
> Mas...o software que utilizou para a remoção do malware,não foi adequado. Já que o mesmo é [Você precisa estar registrado e conectado para ver este link.].
> Caso queira,posso mover este Tópico para a sala de desinfecção,e seguir na pesquisa ou busca por malwares.

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por Paulo Vieira em Dom 26 Out 2014, 11:39

O cliente DHCP está funcionando (automático).

Pode mover o tópico para a sala de desinfecção. Mas serei notificado de possível solução?
avatar
Paulo Vieira
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por joram em Dom 26 Out 2014, 11:50

Paulo Vieira escreveu:O cliente DHCP está funcionando (automático).

Pode mover o tópico para a sala de desinfecção. Mas serei notificado de possível solução?
Bom Dia! Paulo Vieira

> Não somos helpdesk para lhe dar soluções delineadas ou prontas!
> Seu caso e o de todos,terão que seguir "passo à passo" na investigação e remoção de possíveis vírus,que estão no PC.

< [Você precisa estar registrado e conectado para ver esta imagem.] >

> Poste o log do HijackThis,segundo a [Você precisa estar registrado e conectado para ver este link.].

A+


Última edição por joram em Dom 26 Out 2014, 12:23, editado 1 vez(es)

_________________
[Você precisa estar registrado e conectado para ver este link.] >> O que há de melhor,para desinfectar seu computador!
[Você precisa estar registrado e conectado para ver este link.] >> Não deixem de conhecer!
[Você precisa estar registrado e conectado para ver este link.] >> Tradição em informática!
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por Paulo Vieira em Dom 26 Out 2014, 12:14

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:12:03, on 26/10/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Connect Manager\UIExec.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Ralink\Common\RaUI.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\PV\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (file missing)
O2 - BHO: ssavE net - {43EB4EE6-5E67-8B6D-6241-1CD6094290AE} - C:\Program Files\ssavE net\KTfk2Nj7fw.dll (file missing)
O2 - BHO: SaverExtteneSiion - {596CA237-7AA3-6475-0C4F-2033501605C9} - C:\ProgramData\SaverExtteneSiion\_u7d.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files\GbPlugin\gbiehcef.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: YoutubeAdblocker - {F5D17FBE-EE2C-6B39-D167-233CDEE56549} - C:\Program Files\YoutubeAdblocker\7vV.dll (file missing)
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [USB Security] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [UIExec] "C:\Program Files\Connect Manager\UIExec.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe -update activex
O4 - Startup: BrOffice.org 3.1.lnk = C:\Program Files\BrOffice.org 3\program\quickstart.exe
O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
O8 - Extra context menu item: SmarThru4 Capturar seleção - C:\Program Files\SmarThru 4\WebCapture.dll2.htm
O8 - Extra context menu item: SmarThru4 Salvar como HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htm
O8 - Extra context menu item: SmarThru4 Salvar texto selecionado - C:\Program Files\SmarThru 4\WebCapture.dll.htm
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files\SmarThru 4\WebCapture.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: imagem.caixa.gov.br
O15 - Trusted Zone: internetbanking.caixa.gov.br
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: c:\progra~1\sw-boo~1\assist~1.dll
O20 - Winlogon Notify: GbPluginCef - C:\Program Files\GbPlugin\gbiehCef.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVG Bonjour Service - Unknown owner - C:\Windows\TEMP\avgcu_mDNSResponder.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CDROM_Detect - Unknown owner - C:\Program Files\3.5G HSPA MODEM\WCDMA_Eject.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\Ralink\Common\RaRegistry.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files\Connect Manager\AssistantServices.exe

--
End of file - 9387 bytes
avatar
Paulo Vieira
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por joram em Dom 26 Out 2014, 13:21

Boa Tarde! Paulo Vieira

O20 - AppInit_DLLs: c:\progra~1\sw-boo~1\assist~1.dll

> Abra o HijackThis!
> Clique: "Do a system scan only" >> Marque esta entrada!
> Clique "Fix Checked".

> Baixe: < [Você precisa estar registrado e conectado para ver este link.]> ( ... by Farbar )

> Para sistemas 32 bit!

> Baixe: < [Você precisa estar registrado e conectado para ver este link.]> (64 bit)

> Ou aqui,para sistemas 64bit!
> Salve-o no desktop! (Área de trabalho ...)
> Execute a ferramenta! Clique "Yes" >> "Scan".

[Você precisa estar registrado e conectado para ver esta imagem.]

> Antes de clicar "Scan",verifique se as caixinhas em "Whitelist" estão assinaladas.
> Em "Optional Scan",deixe marcada a checkbox "Addition.txt".
> Poste o relatório! (FRST.txt + Addition.txt)
> Ps: O relatório "Addition.txt",somente estará disponibilizado na 1ª execução da ferramenta.
> Como o log será extenso,envie-o à [Você precisa estar registrado e conectado para ver este link.].

> Ou acesse: < [Você precisa estar registrado e conectado para ver este link.] >

> Maiores informações: < |[Você precisa estar registrado e conectado para ver este link.]| >

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por Paulo Vieira em Dom 26 Out 2014, 17:07

segui suas orientações: baixei o FRST.exe para 32 bits mas quando mando executá-lo nada acontece.
avatar
Paulo Vieira
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por joram em Dom 26 Out 2014, 17:19

Paulo Vieira escreveu:segui suas orientações: baixei o FRST.exe para 32 bits mas quando mando executá-lo nada acontece.
Boa Tarde! Paulo Vieira

> Foi pelo clique direito no arquivo e escolheu: Executar como administrador?
> Se não executar,mesmo assim,tente em Modo de Segurança.

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por Paulo Vieira em Ter 28 Out 2014, 20:59

Fiz os dois procedimentos, porém sem sucesso. O Programa ameaça abrir mas não consegue.
avatar
Paulo Vieira
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por joram em Ter 28 Out 2014, 21:46

Boa Noite! Paulo Vieira

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... par Xplode )
>
> Ou daqui: < [Você precisa estar registrado e conectado para ver este link.] >
> Ao acessar,clique em "Download Now".
>
> Salve-o no desktop!

< [Você precisa estar registrado e conectado para ver esta imagem.] >

> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Ps: Dê início ao scan,clicando em "Examinar". 

< [Você precisa estar registrado e conectado para ver esta imagem.] >

> Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.
> Copie o log ou clique "Relatório".
> Poste: < C:\AdwCleaner\AdwCleaner[S0].txt > 

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por Paulo Vieira em Ter 28 Out 2014, 22:47

Baixei o programa e da mesma forma não consigo executá-lo. Será que o Firewall do windows ou anti vírus que não estão deixando?
Uso o anti vírus Malwarebytes Anti-Malware
avatar
Paulo Vieira
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por joram em Ter 28 Out 2014, 23:30

Paulo Vieira escreveu:Baixei o programa e da mesma forma não consigo executá-lo. Será que o Firewall do windows ou anti vírus que não estão deixando?
Uso o anti vírus Malwarebytes Anti-Malware
Boa Noite! Paulo Vieira

> O Malwarebytes não é antivírus!

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Swearware )
> Salve-o no desktop! ( Área de trabalho! )
> Renomeie-o para Winlogon.
>
> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Grinler )

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Grinler )

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Grinler )

> Ps: São 3 os links disponibilizados,onde cada versão deve ser baixada,ao constatar-mos o não funcionamento das anteriores que foram experimentadas.
> Para Windows Vista ou 7,execute-a como administrador! ( Clique direito e ... )
> Ao rodar a ferramenta e surgir caixas pretas,por breves momentos,teremos a certeza que está funcionando ou em operação. Caso não tenhamos caixas pretas em sua execução,delete essa versão e baixe outra.
> Não reinicie o computador,ao concluir! << Importante!
> Execute,agora,a ferramenta ComboFix que foi renomeada para "Winlogon".
> Ps: Tente este comando,ao Prompt de comando:

"%userprofile%\desktop\Winlogon.exe" /KillAll /nombr

> Digite ou cole e aperte Enter.
> Aguarde a conclusão do scan!
> Poste: ComboFix.txt ou Winlogon.txt.

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por Paulo Vieira em Qua 29 Out 2014, 20:42

Segue Combofix.txt:

ComboFix 14-10-27.01 - PV 29/10/2014 1:24.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.2037.703 [GMT -2:00]
Executando de: c:\users\PV\Desktop\ComboFix.exe
Comandos utilizados :: /KillAll/nombr
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - system32: deleted 2 bytes in 1 streams.
ADS - drivers: deleted 212 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_balcobjiojeggchhjfjnionmhfijepla_0.localstorage-journal
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_balcobjiojeggchhjfjnionmhfijepla_0.localstorage
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bnljbpiikpikijabbehofahlgpedglcp_0.localstorage-journal
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bnljbpiikpikijabbehofahlgpedglcp_0.localstorage
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ipkfnchcgalnafehpglfbommidgmalan_0.localstorage-journal
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ipkfnchcgalnafehpglfbommidgmalan_0.localstorage
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\io1rxa@i-pfg.co.uk\bootstrap.js
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\io1rxa@i-pfg.co.uk\chrome.manifest
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\io1rxa@i-pfg.co.uk\content\bg.js
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\io1rxa@i-pfg.co.uk\install.rdf
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\mx.dy1@iyeea-wvu.net\bootstrap.js
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\mx.dy1@iyeea-wvu.net\chrome.manifest
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\mx.dy1@iyeea-wvu.net\content\bg.js
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\mx.dy1@iyeea-wvu.net\install.rdf
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\yciu_ia@ayavxfzdv.edu\bootstrap.js
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\yciu_ia@ayavxfzdv.edu\chrome.manifest
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\yciu_ia@ayavxfzdv.edu\content\bg.js
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\yciu_ia@ayavxfzdv.edu\install.rdf
c:\windows\system32\Config.ini
c:\windows\system32\pt
c:\windows\system32\pt\AuthFWSnapIn.Resources.dll
c:\windows\system32\pt\AuthFWWizFwk.Resources.dll
c:\windows\system32\pt\Narrator.resources.dll
c:\windows\system32\roboot.exe
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2014-09-28 to 2014-10-29 ))))))))))))))))))))))))))))
.
.
2014-10-29 04:02 . 2014-10-29 04:02 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3F459C9-F3F3-422D-AB01-71B8093DF24F}\offreg.dll
2014-10-29 04:01 . 2014-10-29 04:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-28 23:35 . 2014-10-28 23:35 -------- d-----w- C:\FRST
2014-10-26 21:13 . 2014-10-26 21:13 -------- d-----w- c:\users\PV\AppData\Local\Diagnostics
2014-10-22 01:37 . 2014-10-25 00:55 -------- d-----w- c:\users\PV\AppData\Roaming\Solvusoft
2014-10-22 01:37 . 2014-10-25 00:58 -------- d-----w- c:\program files\WinThruster
2014-10-21 02:56 . 2014-10-20 05:37 8901368 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3F459C9-F3F3-422D-AB01-71B8093DF24F}\mpengine.dll
2014-10-21 02:15 . 2014-09-19 01:25 4201472 ----a-w- c:\windows\system32\jscript9.dll
2014-10-21 01:37 . 2014-07-17 01:39 3221504 ----a-w- c:\windows\system32\mstscax.dll
2014-10-21 01:33 . 2014-09-04 05:04 372736 ----a-w- c:\windows\system32\rastls.dll
2014-10-21 01:33 . 2014-09-29 00:41 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-21 01:30 . 2014-06-18 22:23 81560 ----a-w- c:\windows\system32\mscories.dll
2014-10-21 01:30 . 2014-06-18 22:23 156824 ----a-w- c:\windows\system32\mscorier.dll
2014-10-21 01:30 . 2014-06-18 22:23 1131664 ----a-w- c:\windows\system32\dfshim.dll
2014-10-21 01:26 . 2014-09-13 01:40 67072 ----a-w- c:\windows\system32\packager.dll
2014-10-14 02:30 . 2014-10-14 03:30 -------- d-----w- c:\users\Tô Fora
2014-10-12 18:46 . 2014-10-12 18:46 -------- d-----w- c:\users\PV\AppData\Local\CombatArms
2014-10-12 13:59 . 2014-10-12 14:15 -------- d-----w- c:\programdata\WCService
2014-10-12 13:49 . 2014-10-12 14:09 -------- d-----w- c:\users\PV\AppData\Local\BoBrowser
2014-10-12 13:43 . 2014-10-12 15:08 -------- d-----w- c:\program files\globalUpdate
2014-10-12 13:43 . 2014-10-12 13:43 -------- d-----w- c:\users\PV\AppData\Local\globalUpdate
2014-10-12 13:32 . 2014-10-12 15:04 -------- d-----w- c:\users\PV\AppData\Local\5991
2014-10-12 13:28 . 2014-10-12 13:28 -------- d-----w- c:\programdata\Packer
2014-10-12 13:26 . 2014-10-12 17:02 -------- d-----w- c:\program files\Search Vortex
2014-10-12 13:23 . 2014-10-12 17:02 -------- d-----w- c:\program files\RBM
2014-10-12 13:21 . 2014-10-14 03:27 -------- d-----w- c:\program files\NJax
2014-10-12 13:21 . 2014-10-12 13:28 -------- d-----w- c:\users\PV\AppData\Roaming\GetRightToGo
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-29 04:02 . 2014-06-25 11:21 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-22 02:53 . 2013-01-07 21:56 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-10-22 02:53 . 2012-07-27 01:26 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-10-02 17:53 . 2013-11-27 14:42 231568 ------w- c:\windows\system32\MpSigStub.exe
2014-10-01 13:11 . 2014-06-25 11:13 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-01 13:11 . 2014-06-25 11:13 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-01 13:11 . 2013-11-27 15:24 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-13 02:13 . 2003-03-18 23:14 505416 ----a-w- c:\windows\system32\msvcp71.dll
2014-09-13 02:13 . 2003-02-21 07:42 353864 ----a-w- c:\windows\system32\msvcr71.dll
2014-08-23 01:46 . 2014-08-31 20:39 305152 ----a-w- c:\windows\system32\gdi32.dll
2012-04-21 01:18 . 2012-07-27 01:52 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-31 7731744]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-14 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-14 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-14 150552]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"USB Security"="c:\program files\USB Disk Security\USBGuard.exe" [2011-01-31 623520]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2014-09-13 296520]
"UIExec"="c:\program files\Connect Manager\UIExec.exe" [2010-09-25 138584]
.
c:\users\PV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Startup\
BrOffice.org 3.1.lnk - c:\program files\BrOffice.org 3\program\quickstart.exe [2009-4-16 384000]
Recorte de tela e Iniciador do OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 795936]
Ralink Wireless Utility.lnk - c:\program files\Ralink\Common\RaUI.exe -s [2012-7-26 1672480]
RealPlayer Cloud Service UI.lnk - c:\program files\Real\RealPlayer\RPDS\Bin\rpsystray.exe [2014-9-13 822880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"3212083974"= 504b03042629ac09068374bfb51100000040000057dfbe4f62c7fd005fb5184b749a521932500c6e36450cbd18ecf31d4f4dacff32af95971262b33710ffa461bd774c05119b02569ce8a8d0a4f9f9d99bd51e577a41bc9fc8512d05718337d5409324eb7973151b62c1ba61bd0f8fbe96057ff064e05ecd5aab1f395d31ed4fbccea9a4ef59f1d841997b222555ed8c2e286fb75804d9b0e20e98e03584359536ae91a4d8ea734bbdfab81defdfa9706ecd97ae56032bdca3ba774500a4f751b3a8f09216d7c2595e1d9f0d331b21ea6ba2011432419355fe9830f9bccc9850f86b72e4230d0a9741ba3f3c1398474d0de822c945416acb94f97b6a422dc2913d6f1a318fbcfa2d5eb9126f3ee3171d9c9c18e5f9c1c73cf20b81cf1cb41c1fa834574a06566dd31c4d50ef0ca0b02222667a910644e353b4665f2c858e7d7547e4f4bc3296159c3e13168d9eae095e53a81e268d2863da02c2f9bc822c5a3f8b10ad61dab11be38a926921d2afc97ce1a01caa14b8fbf4a7073056eaf871f7abfda86773ad2e54d14d30e1fcf526283aebe2c64a96fdfdc1adbcfe9f2a2476b167ab86b53c43a973293743d35d3e66e730776d2ab2d1d3ce56d941e2ea5189635d5838672343aca0afa785490dd6af823e784b6d369fd2f6f5d4116d5a9e06a3b1f9e7e80e661b5b5327519d8d0ac91dbbdefaaf5988791d8a75b3d01b8196b552f4f88b5a10c63b5a2e0fae0f1fe833b992ade9b2260815ce46ea44557c6ed1c7b0463f1764b58870def769fe985843408b7b0702d2d6a5b79b2c1b7fc3cda9bff640ae82f485967d70edd9267dc6195889f3be0da1286ca43f71b470ca3a91d5de46b03c4fbc7aaa61e00c906a706879b88aba54efa087398b3c2c11c1771d2fee3545362e8bbc9bd2307f670d391461ed21f2dcc87a9272704500db61f0f66f6378c631a575e5af2dff5443dc4887649f8744de4a555bd0b9135870f09cbe73107904d919548ff85c0a9d5f9dc791ff6924bee817d6458e1f59a727367781818e668dbe330926365788c5e4483b125be787f408a142298b80396888cc00484d93d225e9a8b3b281114e55e8b1df1168e92666756be62fe21a82e2760458f15849c2357f82ad448b86eb59dccea586027396467b4ae609cf8eb80ea0a3e42f424362faed015f304dcee6c6a41b4bf5bc851c5a47df7475cc20dd1c6b61f4de1c85455e96798de9061ed482b69a63e6ca89a17bc10f924d9d50007ccbbd57de891143454a0048189ebdad633e800ec83a57db25556c92ac7311e368cca0069b2aaff1d1e727c4535e7a40b6fd3c507b64e3304ca953e953a8990fa3df32e52fb0797fca67dfb39cfa47f4ecb9b8486119f0acec137e7872c6ace0254662fcc53b77b1efbceb6382eb7b675122253ff1d6326038146c4a10d395f6120e84ebff37736ac95659f0ba5883770779db1a077757d30abd1c61709b09f45a50cccff3e1ab4cf2c94a55c441587968780330972a15829348dc578834c0f3f64675844ca57f30bbcc88e0c8f7e11924edef715db128a2c066cff8a6e6a2a79c33259440356aa4eb3c04e7858c7f75f3f2a93046b41fb089f43dadd195cbe7a3aa3b33545fd6132fbb96db702066e900c11a54349f7cd28949c5b2ca48c58aceb53b359b3fac86dd7103623bc372aca87c57e32fac448e7365600055f425481b3cbd14b64c2a50b872edfed981157db1d90bea0cc7cbdd630908fc2e429b612a98a5ce45e067c9fe52db3266c9574a12b50675429e4b4064c2fc2ebdd64263a7b9243652a4f4a1c3d0b982c9f280d68f4d215ef11f4573ae87ee93483285e40f931e99f5c31dee9bed53051ae51cf381e54f815f13fb7832e475272ad46dff700ab7b42251ff76ae479f26afa3a6e00ec96d5f80f0d0bb0a7884bda15616eb738f7b6e0ce3dbb94d572036aa7151d761589dd1b4de8057918b70d2835cb8fc44f3868118c14beb61117aa70d393ab6e515fd6f5e0112f83f726c04c97890f343b66b10421918605a7823995876fbe97d4df70c40ab9ee1ebd26b3f19cb6aaf75f7467a69ba56fa42bc4107934b9209d9cb7805f5bce904a02eb0cea4aae7b7aac75393140a59ee9fe54e45c532410cd5681228218055ada857ce86ae55a3d77a00870e5354987028ca242729d312c965751ac280b79b6fb4c5567b30c8972935ec3c06524ecb4f506dafa429d62b7973a01c24d5ab704df79bbda0b8cfced1d7fae36b662818da0087430e01d2dd636f76175b479ccf92c573b151b8bf1761b7e9204ba17f87677c7b5ff08cba04051260f421d1a32b7e0dc320af45065966dbf2241bbae1f8619efcb2b2cce36bfe0dcad76a553f626aecd4d6920e3eba8beadf82f97d53178c2e3e528d3222032892bb522d33e9569c53ad877754761d82bde562bdd73b389fcc477aed96e76210188f5cca71dfb33b27889f95073427094611ced3bbad2cca89ef10b084e5209dd0c1d6fca4e09355012910d07d53d74e941593dcf7f1b99ac5833944983273cf770a1ff413009668ed12c9786b2b43dd0d71579392bda90db992157d9f08cc802cb5bcfc44690610c01bfc120a29bcc9f845c255515046dcee799d41ace3fc4327351aa4bae396c3205eb3ae7fcc53345408493985bc7a16b31fca83552987844f1f071582b9595554fcb79d909626c0bc84d99c6899a48790864b7b18fa0742197b06807d9bc294f088a27fe493d92ba5a733ae8a7ec5f6b7fa07988bedc3dad2984fe3f2ea9b3e00f666a8a1e8c90aa4dcd017cae1a00a09c6462e1899c1066e66c053263c66f77040b2a93d3f9dbebe715f1cabcd961274b0ff943c1b8b75d38b133a9f830886a8b5acd64d8660b7b701e0e2764e0cfa4e6f374ad5de5e10f3bed2fa05ba17d15c4d354453e684f5e877ce4b1d7a6456263147b55063c128a0595d3bbf6ea3715c305a8696815af1757306a6ef5f39eefe33d192afd5a02e9284dd3063d010b3843a3d6e65569987a008d61628a85988c707465c725b584d3d2044d6f3d3c6cf2dd96bfa1b06a49d945daa2de7b34f53bfce6cdd930dd636525d0e34e65d027cbed97ff239940238aee6bb3fa10a2f4c1a91102d47894e906cb56084049b15907360631a16ed2863e37daef3cf06c6f5998317f920b2e03f40c6b7eb8cd871a254f59314f0e1fb585da8a646a6a47e55fb7288f45afd3cd999144ab7150c24ee5a2a59e917a8c80967e021a0a6fc96873eb1a3eb3048ab754198b95275b72a2a1e065f3227b9e9e16cd6966542692b2bffbefcc73167111b9219d094ae4e79fbc880db14fc1dd6e91249cf30f0806baf43deb92d34db7f49b7a5e77f335278dd47c7b8f95719bc3ef5bc8396162bdca957fbf415c2f5cda3cae751fc434e7a8920948c56909342f7af3b5d10129d5572349f5aca1868391d9fc734cd223182e003bf44595b0668f83d00e7a8108fded92356ba1eb28d383e2b4896cdfe10542e7cee6cc9f95d66e78b93430357194d73d8d218656e02a03a7e15d0c9626c4f6b5bb5079b173766ebfab6487161ad904558acf2f2954db2f10e4933edf9e98a87dd18c583abe3018b48b3c9dd5e05beb2d5b0d56af20857ef4deff601fac4e05efac4ef73fb93744b6871bef143bad8c81642e04257ce6d04e4a5433e2fe09874128f5ef394bc49f2f68ac9e0a88384b8d31e4aa15bbc1e94b762ea4277616ea1e3dcdb4a8ea5da936e703b15662a015eeb060cb56c1135e445432e8cbb7f91120f5e610b4ecb9c3fb02670149210d6913f4a8a86e89ca0dbd9d8e74b51ff3563aa1a5e909f4283a98c2b437737aee98998c1189fcbff0e93ce6c1253059be0b5fdcd8d271e90dc970d9c435e18a90fa3d3084c40c18709ed62b81cfe9f0b926eab6efe1b4d518fe6d5e1745086892340bba94a5b183326163bb49767ea8e135aabf5589ddccef7edb6e42622598381bbb479585401e23fda593520907c04f53a58084327d281f42e49715301dc80360816c625bdaad2a8d47e0797f7061240d2fcad1170e1f8c1ba37cf6c4c166006e77849cd8b59c85bd32a5bed00a0b664d56b280113d563be3b1f527c7ce350c00a097e9dcfb8b6edac0cc18c5d2b94dc7a0f93a4277991d8e226c13d2457089e69c5cf4e909926690f3d7c7a175e8a491ac947f5acd97ab0ffaa6d2bcb0d15f1f807be2b79dd3d97a37169a5b403169efc73ac58dc6bbc8833e03ee9341729246269ef654b21db0df2df33e95caf9a77cd7ffe1f93d49e91f20aca3c1f602a3eb04e8d7e744a6a8826f5ac34f55c2f570a30b69660f955d84b0ca6133f86cfe105e8a3579f3799baa75dff13533bb851e81942766431a94a57d4baae0c000393912b8d6effff86be80ff50da89c66c623d08fbef3ba8344d75a5a00e328d031f7e25e306b3f77ef418865b108269c91e9c2ebade2640f88d3694a3ad42684aa52eaf25ba1f47cb7217373295684caeb19ace7d1e55c62a8cfdbe165a147da7b3de81bf330a6f2aa294e067c3afc7f079010641ab7db9983a449e80e34c4c0ca5ee7ec156d6e5de64b010ac16dbc614538bf56baaf4e6a8d4054c9cae8489d2afa644ce736908ea75b198856348ad34bd67a2eaf019c45067514fc799d6787c5e088e75da6a9279016427af54dd678492452e23a9e2d83a200d035543e4da3ce71b83ca8638a535140250cba762f7d8daf043c7adbe05f724ec7b6f844612c37d6fcc4d2624c8325de0aa9434214f6b7906e6af7d3891109c49b7489887eab75df4554d90f255f262d5230a38e0deba33007e2f7b884eab7ffacb81a23b3f094968c6182b2a7ff52b7cc9b83d36a5808ba65f03882faf3c3da2765e6ec39dcb6f4e6d7bef308fb627287bfc12e032793d54423ebcd462108b2c10738b63f7c4dfdc7ddb3a62d3d4fbdffbdc9af70bb91c9efd7eea3916c9396197493d15c2e0701aa4138e400ec4ba014c407608e56bc1c49f1810034ce863a315b6fe0a2fc8b9a8753fbd270dd69cb4eba27f1f0ef22d7df58a9010d9960a989729ade4dc85496aca261d1b8c05deedb0662868bda827ac1ccfb4be3b7c044c15caf448db5194d83fdd72f4521989872f54d015c19bd5bc7cf7b8a69fa608fba04818a68c0dc71ec8ae8dc618c6c55c4f823b6151acec7eb09f497ad8721b3311749dd07cd74d312f45e470c6e73e53d42f5bfc5151f05e4079bf7eb625b3c525eb97f3b1c6f0fac783b5b5fa55c7638262214a257be1ae4ccd10273e317541dfe81efc1a89e9d790889e034f6ee2dfc0b281ade62430c2b93d7f36886869e483ba69237a71b99889fda335958c5474db7cd1b81fac0bf05feff0903c69c4d9f184b53a0331d3bba2bd54e6bc9d1a0290328ecd62b2e43c7af5d618aefc9c72814417b22ae24661448d81545137a05629c6b9456256f7d76d60d822e0b7d44f1b820178d2c6dc0eca44306c3ffb77b5489a65a02411e001c6d6faef894611de94858f5720e905c82225a5e7d6ae6de6080dc5cdb0ff0023eb43f5a3292035ab6df96a4adef51f8b0112d448ccf5e8dcfa9d09e4ac09301a14592535ad7193346a25a402ff48116059f5c69fb6be7cea365e152f448d74bf84e1e55791de259bb6d44dfef64bd9c70eb29da00a4a5e9039142e59d375d6c3f03c23e2b3c59e379c7748026d146edbdaf324a39c784ebdd8ace1781b07071b3389db0aa98c67d50d01075bbee584eaeae66fb614579fb7ad9aa865e8817873921c044efbece91cb0902bb53c21ad35d59482e61b67da08dc417c458309198c1501bc6a10cc1a24b474cb1fe68cf81863c28c4aaaa2375203cc2194e8f95646294e2f3dc3a4b7b2a405464d79f302b7a18394c239be7ea1066b78671e4ae6b3157d7f246511cc2c3b324836c774e8e1be050ef2aca3dc8220da55339db3008eba47363f04ca59b903a598528e04b72c85e6c377263c84fab913db4e9cab469bafe09e84aaa19a666bbd86a22ad48f536050ad6d0d59374da8b04119417eb07a8d1ff9d1704ad4ee085f03777700070241e6aca91dbe511f003bbad6658e7bccbddcce77d50eabbb0ee8203c0682b98e2b147b4bd46d89039ad102ca0760148728edec66914c17b0d5a4d0afa606c4a07108c2c8dfcd7173246f49f6ec9be94cc3af65514693600bc743417bb37c17117faaf9575f273b96afdd1195e4ba006099834bcf18918d7fee32e7320cac1092bf4bc9138871898ec9c80c7c089ce7613187de637764d78dd380feaa8fc9f1e7f8c740b75b161c56307023b8d1f3f6019f2f9475a10ae871d02950ce58b2d1936ec288f22ab5dbdb324116a566ccd141f46633951878b2b8329bd00fe5ef339c82e1ff41b53e4e7cc5b50474e60eafba9fba1851cca652a705ebd2661ea7b8e1c0b8cdeec2
"1781466620"= 504b0304c90da3b1fc052f6a120400000030000057dfbe4f62c7fd005fb5184b749a521932500c6e36750cbd18ecf31d4f4dacff32af95971262b33710ffa461bd774c05119b02569ce8a8d0a4f9f9d99bd51e577a41bc9fc8512d05718337d5409324eb7973151b9680e4b0bdeef74270b882eb420946b7b8b40862b9dac9cbf5a56ed8568c971101f6734e2b8839d84e1778d29918a522d11b349b1be5eec317e6d490c16c1a51d921b47d2d13cf9d64fe92e0d09b6f80680d8d36fe8ff62dd3048af7c85faa6b57e858e3b7bf6588bc5287ad7fb395cfa2bd08ca48d88e6e979eaf922a1b50d44b907b41d7f677a3dd643e04fb52b0ab709b83a9de68a4fead992fdfb3dcbfad3affbecb689110bda87e4f546bd03e5f97d85755d1bfb14fc0d2a03aaf7acd326a91580e0ddc3ae0e2e5c538534f2392c0639bbdeb336ebcf4509566f1839f940e0719f99bb17d1741a1b1441aa2fa2fe091d1f37d32d32c610ea70cb093770d7ce76712d71530a85276cd7377ed3dbe556f3f755000c19981d3cb109c1142a5657e7c89bf1b429820050df6b56f17cbaad3709e786fa3566ed4dcb33d87416dd2dd561ae2c5cef21bac9394b3f748d101be50098941f942150de521b37631f0c4dae3a1075130ee568f9813fc2cf60b57b3957c633c8f899d482881f9302c3bb20bdd291e889d30a0324512dd1be329f3e8fedd2a3fcbc0c025c01b32acefe29e92ce1c420c5d0adc32fc850762eec6c7e6a19b5e50ed6653da04d744496ef47c9e3ffe3c8943f699601c6ce42b368838837c5fe662563c78f4699328a69479eef836e372aa78d88d09053d0de5e8f767f253801269adc9d2572b26e6b5ec6f70b7cf1584cdd6c5b25be3062cd6d0a038141428a81360a742f94a45c66d2c2b7fee81b0127e6ed2a49c62fa0ecf00bf527bdc6f6f2ef8e994bc33f4eb03b50f3a4d91c9fb3ea4a78de1a74b16a4319c7cda11508c79880ee7d20341f3ebc0e4c2e05c048d837aa216ee81ec96b17c3521f5844b1e8c0db51b8fb2d5ee1a805d8a1c07b854637922bd1159968778a9ad7aef71e21f994b751ed50583199c2eff454852be0a4eb1376757cec6be659bb0387b06451b1a080079cd8bf27ae308a81f929265b71292a747062c3c321bd964d60bfd272a92f7f9bb674d7f31ede94b396990b6b1777dd0c3e975709cfddc885cc51f5667baa2618f7fb19e02e223e3313e7713c2fa526dbc36a41999aa9274b68906fba6c9d271e54d0114ebe5fa5f85cff7274ada3fcd59377fb153ee06fc8c5c1fbbe019245f4ef6f48f6948b0d60cc69a75a446d3fe486a97c0573c8486eaa624ca728f187c4725d8284886c32fc3a1a610a5d4e8120b69632134639e24c8a08361914e2ab775cb27d1fe8b7b6ad85d6b77ff469b33b1a8afbcecdcd2a687aac7a0843eb48b39706f462a547085fb2abd9a94644f5d70fc8786065a9e4f91a729ea801bddc2e63866920816
"3518887414"= 504b0304736b0169f6f5bdd1981700000050000057dfbe4f62c7fd005fb5184b749a521932500c6e36750cbd18ecf31d4f4dacff32af95971262b33710ffa461bd774c05119b02569ce8a8d0a4f9f9d99bd51e577a41bc9fc8512d05718337d5409324eb7973151b9680e4b0bdeef742fb6b81eb420946b7b8b40862b9dad1e8c7a5dec04e6c8e0ab4456e6f28ce14f51f3725eee5b20d7ce662c02fac80128ae38637fbf4867c17c9d717663da6767d89c658fdd74fb81b03ebdbdedea7491d2a3c133ef493731b542604f4bebc69fe2f02cb40f9b3b45d29a40a4a1487d0b71dd1b68e821f40084b407b25ee87063b9112ece9514914c7d4423b12f045b6a22d150d28f78c844b2c079f1b78200055c5fca3e82a972455517bd3c9f428b164b89517ab47e6b447afadd38678b857bf838eed34321eede6905e27fd8abfe7ce349b787f2ceadb45bba2f4ea19e70a8a2b5c4f0c177936117491afa1edeb5d5afc2e0e384518db1217850b7eac6ff9df99ed5e1416fe1b93fd4dd2036e8371d5e129993e594b1bbfe0669302928bf5a268e0f4aa93288eba13bc0125cecd46e2906e1d19cd2d3ff14d1b1ffb50ac2b2f5a28df9cb6c2e32f23d6a4fe0fa130be4dba875daef9cd943276420bf4bcfda157a87854590b71981eaf3fe5114e13b51b9956b7586105a81290a7f974ae78e9c5e5305e55b90536d5da9abe3aa6d3d7894737b70914e304c895aeed4ab7aa36fa2b8e5a93a3220506fe29a7d9a60c146e7edcf95ede9f5209637390b061cde231782f8b2a76cc12420afe66c666b54c8e1de9c6d7b8951184ac7f5b77d43b0a93628520289b31b01687daec69134dc85036e82c4f8cdbb84bf893e3d9dfa8898628a43ef08e2a7f442d85e85b083da10c4a48fbb1886aceda7a00296c79c3661b3e6c2d7975064380156ec53adb7ae23bbca7c0efb04863da781aaa195e7907760bb6ef0c1f326f86e4c65616b48513ac1bd36b25480b4b768869c05673029a83a23390f3595fcfb4e4a02fac243146e3a585fa83e91fc142be512a930f2cf296440b42b78c2880f0ff81b398ed373d287e58c5d313b3c28b43fed2489f2de932d5772a2233f3d6499e9e8754a064e61c5297c7d0913fc35baa83fb3c50e415d439f5d925e865435840b2aab80bd945f071db917a602d389ea2e3e4821423c5f4b9c3d04256b28d804e2c3dfd2a3b56cb4562f16616747f6f4974df1671c55e5c585cca7da509c73e567b0e19a1c9e7ba63b5e3fc82973179fb5bbd290612437a66ff92397e2024d203103a81238b4a2db552f8a252756ba784603dc7e1ac6799f1392a037d0128b6e82e0eb7907b10a097fc759bf0a26746e03a5cfb6cc635b5c3ead1266b4be8598a1a440e0ad49f4d4e0707e697a7d50fa766b3b03890cb4584bb70ed819fffe467b4718295d4bfeb9f1c454ed3ad402c01441828cc71e6330f160d4e7d4595c440b3f8ebf43ce4d3579902f00666d62d00eea6e437a3fc99cbc1588935db5dddff1da133827f8329106f3ea7bd9e4850f6b7c2679e9ba5b8542924f2054d089c1bfb27d94efc9550cdda928b972f95da7a48039874f81bcb02169ba4f35b12f420a3b086db2481027a637b789e88ab2287712cb3690d698799868450fa9ca5f7fb2d9980c25362be8ac4830b721795fae6c7c44971cac88cda6fc2c56df6d011b7e563b2ee540f6ea288f2c62f47204c9d944760d7d8a009f0c8c41fd43d1eae86e1c1a1cff7d928ee40ab435d8ba4fce63aa83d67e9095b26eb235d2b70271699209cd956fcd5bb44f6f2987a35057d4535d107764e9fb9b42514aef835272b347f56caf82feae78601abe447535ec9f0aaada05e688e468f66ec3ae7418751dae58a7d2fe0e4ef52e11396cd894c31ae9186e6f9cdd05a66e709c25e0f12bb2bc2e76c79a4ef6af794e522791da444af63073d3933053e2dda8b7a5fa9f892a324465a922d83d20b4a293dc0bf0e21254bfa58a9ee85c4cdfbdd09cde9e5c942655f3c8078aa42544d75ad310fada908142b3971f387103f3c959817ac23479bb7151c97567d388be6e5b58781375c65f52c3382c2294829e5ec2bb33721689adeff8fffcc34e4e7c409b82070a3d5876f0c90018600c2deb148a45fc8f2441d921276e39c0049b72e5ca8037953a9c96f1da6150859b9c992b3f8735f383b8d81e27b9e5a876ab04aadd93519606d13824f27eb090bf13461ed0c8314fc93ba9a8d18c5724d18628d674455a3fbe35f3d72177f252c303313636619b6cbb1aa7495ce886ae790de015c8ee29cb28a0ca5602360f427decabb77a49d204f98ab7ea700f9341c0bf71829bf33f4cdcbf7ee06581320c766ea588a380eccefda8d8f6a669334f0561fc75f199e1e3b3b094ff6a1593b3e3fbe7329304aa06d28744aa7088965416f097465e68dc9b413123f45dadcf67cafdf5e7b655ed4e2352f27a969b3dad5a37fecb4b73de6261cc2a6c64c8d0aeaf035db33d77ec5b6f2100af86b06a56698ef504eff99f4d06c0cbdda2b0b0b15ca9b48df92be6c6c8deacd71ef16e6b9bdbf25e403b23fa3a43d2d3121e95310c451242118a7a4d708aa70aed759dc3a830660b24c1beebf01b6b84aa94cda999d6af0c92f71ff232d83ee1f3109074d716cb1458067a8a2e0c633a527e1df46a392bbe35dd7fb26433e728c0a8df2d0ddaa81de445c6b06cc40ad02c78f3c6fa54f76decbf41841fa4954e65a7e027b018152148b0c30b16de2d2552de793e3964d74edc266f9afbc4a300346d81e6efcf636b9004a0f8f81e84fdc9bc34ed6c9232c1652964a6fdee5cab0a2c9f845c3b4e3536808f7fd66644d91197cf4dace416078a0b6078a897f696c2054f0eaf5dda39495ea0c804f7a4be30e97c8133d77e69ad85b0407673ef2bb186ecd253984a0051d5f2ad19037c83461a699fca9348087e32ba2acf63e39b112e0f3cd936749bab8070a85485352e435351bf19b664420b1a332443f96296ec980c72a3c646d6c80ceb3c45965daed78ff1366da8fce39771d75d997711d6bbc9486f36f6f48cc5b0c014d26500736e0097590212b04b43665838b3547af369d04e52513ed60e396ba9d4b9f8b7b8c8223f730513e9ea20fe6e8befa56fcd9cdaa42ecd7d498db853ec4ef0fd615fb85a521118af1f96e7552fdf287f6b35a28e7714c0310024abda1f07e918b8622eea24a8eb32797d708d15c6406dacc26be6b6f8196173875d119188acd49cfb8663f9f693531201572c0de4d996fcb9e47ff999caffef87285245934c916b5eff308f8aaa0a073bde32d699e8b66a7600001e930e475d84da4b77a780abb5b2516d60f7752e83646a37e1bcb395325926bc8dc0ad2cc21a8d96acb134f69093710902da15417d929fcfd6c7c77756f83000349fe904594aff69dbcc6dccd1f2c8a5ad33626d5fce069726611a008a878f38afd8b03f8b759a8620070eab5ead287665a8d99a4a7e60d8057c135cff8739899c5f8ed21a59e642c03381ce817fcc84be771daeed160d838be914e2f30ee4600a9356600d5050135e1e9b23d198931edf7fc2f7a4eb778103c1e5fc7f1b14bc5a18d76617bb243389510ba16717f18cdc553eb617f7043b1a8ea35094308388d7b2d3f10ea6867f3d8fcd5ff3ef33e55243dfcde4e9310cd1bcc68c24d028c2a9e322ece6058c4483189019ffa2fd7086b1889dff42222a5be59eeca8e0b2144de59a4a20f75be683b3cac38551cbe58711f9d5263968a9c9fe91b575ce5f3d3d72e1b9b3c2b8dcaee7c71536a11d2b78d0c42dd32610060f56e34df0a25f501d9931c6110ddaad1679d53347005b2ddeef846332f862eb775129f105672240e79c3b3ef8eb557e649c6d28d62eb191e8fcc250982a5ece17426a73d72e9f0d90251ec693d4051f17ec02293fab775d8485e52bd9b20478e9cd47d3418e2d44039577a8e4a6240653dedfd527db5524ddcff5219b82235aab3dc6618c0d51276fac13033524f151efca21f00cec6532d6c7f6b8536da5a8a09628eedaa735a7b3573881131d9806386de22f77d095051dfdbd2671bcd17300d5a1a73e3e176e20bf85893db110df52f843868267a0ad7bcf83611917ccbe9db27d22806b41b51bbffeafd48444eeccb427a55a72bd12ae05b351d6682f3d37cf43ed61d538614b6d4a9c5ba8b5d8ce24789d495a25f94f6c15facd726ea1043ab2a57b98395e37eedfdcc8539fc12c1cc8286b1c6afd83361df45a1292be8b35160a6095bdf68d1b89039b51d717423882a1597be4196717d3b064534d3a41f6fbaf346bb553bd45abdeef037a2fc884476ce3d67d209e8535bf1fa5a0c2df1b6658df8004ac8ca091bfa901f765a8a08174d18a515313a9c7534e8c6c1184b368ed151dd7294081b0686a9b7ff549371ce1bf2794a4c92698aa4053c149ad6010d721dff8da64b5c00483b044a134b4f26aa49f4f150411dd2b0e411253a5c03850d6cc8c8ee961320e43733a62d46301d2e25efb1f15b0bbb7bfc46d10da89a3a29171ac3f6e53f94aa51c99bd407f81a809b53a68c4a1af9cea5c58c4e696cabf55c12cb4f018f11a634fbc971ad601b420a05847479601a59cb0510e0625b87f8aa16bf57278bad32fa586b30483a4971cc11741e3f2f8f6e7b3d6d16e73eaf8ee45c5df471cadb7ff4e5291ece73acf05aaa7cede4edf913334774606e4bdb814feea81044f51b16736fae8e47449b6cea9e4285a5c42724a53d02aafe360efda8912530343478477169bb4d81afae7f3926820dfbe8896831458f0cc5948114accfc3bfe95af53f328323049666a1f311089fe459acc283e256808b0bf53615acd77464a3ce8b93fc1cf83515e64f8cae4c429e6214d8b0168d37b40875b157588c99b99f4441429252661fbbaf39c08fce0f68f5d53b16fc9a8d73d1d55f8a04b4f27f5cd337bda4ea44ef23736eb50a0663b0ba8fe30abdfd0ed3110b078def68f41e9a34ad1f6dd39079a2095e5203aa78e665213e641f59bef71d91afa921ed8c87f597b845ccc1d53231bb9035944093fe409e9a22b057ef5192eb5e9b654823e6decb28b27f297cd14d7e095166481d7314686ee8f61ab7c7c196d6d869e3099d5cfa59bc3e660dccf14268662376f9fabb010018ec7ee9a5b07fe18dfc57df9fbe3877c4d0b67b21ef02237cfb6185c7e7885aac68fafab47dbcf5cc4860c247de0b342d824601ec90ec9b548766aab1b457724114c6f9148eaf83c3dc4e8f2b156031a1e43dd04f0b815ffe2183c6b174a6862876c21eb7f685875368f5ae83a46f4b330cfb4b19889b4d34f9152e8135aa4e1af2e165fe54c45c82c789a23c0b47abe49572ad971a2226b40fb09ca949d5e5df9d859e4fd9bb0e37e4784961c7521b785eadc0565c38e162bd2e3185e8af8de96a81c263fa96b6716ed4be287075ff71d48e7643f1e8de335c8ce5da57488e835fe3a10458c6d5f16deaad57d0f32f96a226ff84d3eeb4b8fea8c3ee4da7aa7710782c5ec2ea3da379c404ef5dd884dda303676a051417bc666665877e9840c9d89e6fb6c2a113d0ba2e0b42010a28578e469847392762483b98b4d465fb29b241115b0a96b3f0f82ab100c63ebb774e62a0381c8e47c1d35c13238995ec456d0f852d2a320813282979d09597ae0d61c7f99600aecc92c2c884eb72108fa9906f2f6669bb41fd0605359ee61ebd5be89a0456ecd47ed17fbbf4903a00c7026453dc6eccac0b37c1bd74c5f95da60d8dff61a2921de0af3436bf2a3df6039d9e0418bc64ab76df0b1904f9a870225179679aa30ee7b82ca6c1d838f66e9783d9399c9c61e55f0e6954b301a0dd3ec3a2e39d795f8ad31aa0d90154abd24a47fff5aa2934212516c52d340eb6d148ccc5933a9fb14ad335b2f1855d90dabf8af7a65244684e8e29081bf6aa37e4bcca1e7deb4fadb1768f141294ecb1d9c3298ad0f332614ca3fb64c92f92d3ea085ce810fc75b34870f4dd06b126f43e0f13ec4314ce762b6dd97093ae542446d17406adff089eae7b1c08d0ce8d205af802ecc4946f51a9c58d0719bddc38ef755dd0bbdeaf3c41de8f2d6a9b0cd1619276cada9faafaae0f9c856573b3bb646a4b3afdaa11ce836d9a3a673972b7733c5f45098a286e6b2f5fdb6e46901a47f1dd8dce2452f3937063825389ae08b9acdb358feff0fd45d7b18e838a6e113935316ea3f71343851933ab80df882760fe5a534723e55cf57e0ca089d78fda91090990e0dd4a1f2d91d0044e210584dc29d1b61b6644e7e58747f0054b9de5b1145e4b9e66808374476121c25f73f989780bb9beca60b1b20a3b7240e15435bf76f375f1616fe55b1575d738154a3e78877ea8381a2ba7242d2a58ee06ca1b09c0e86405d29b721369effc14abc27b5e9d4891315fefd448df7209ce7b0ac4675de696c37c1ba5404c0ccfadfa7e360dddacd722b48ce30f1494abe35d9ca30b9488b436dde267f93522a50798ef55f6698f041b2f759aba9099bad4e4912a48e6bd0b2a2b32748d170a7cc276afe0d56e0e41ffb89859d6b20a08870217f13cf879400a68893d8ddfd373d86b2d8574f399e942030e5becf224b480d3df3ccaad9c067635665da54b0123a89ab54d0d215f4473ee0efed6e44f987a9082cb78295362cb17fd35e2e2f078ab8088a422058a794749318560f04563ba663e58ee05a1153441b09ea39c5ea736d3200b71d2e6d79d346f9f86a00639830778a6d11c36fd6527b100ca5cadb86728987db00805aefe9406fda00c8ed302ae73846e55a9ee3a9e3a1272b045fa34d0c7a0459238ebefbee1077faf8c89086e4d26ba79ecdd6ba2f04e06c87873e2dc9428643dcaf28c719548a8a2592542561a346b89990096d068d3ac4ac8dbf9146dc90ea03e8d46c3782c7e2e3326e37c055b0274f2a25f0ef4ca516f3c8afbd0bb94e9945a13cbaa8ae355b03477b900d0622bd1a838fd2668226ea2fa467f19241325a8961c07851d66ad889b9958d518a78428d89ffba2c9b0737928c3cd40406dfc971bb159a3a5e64fd44eb43ac39bd6ca33ca3c6f2d6d4a3e1aad334322a873c58a92a384ca2e051f48d2676e3a21d5b10362dbf02f97e8d99ffc3e88edb6191ac0990015c1ac05ad1b255e1f2b2c13802057dc3f7749c1ac9f87ab923aea3b83587bcceee07a9b91b414935bbd1094552c0af2988af4ec057a1b87493835675db0e3d301e7dfbee8f2ee4445571b1f02a82ecb0f48d788b3e90d93f6a66e365e7753d8668994a406031229818b77fcfe7aa4ab900a9572b1939e75a9403b4a1b11eaae87c7ce1f92ae1c3b91d6c16fe1a903dd9a82bbacf64b509e7791f2a1d345b552a8acf38e8b9f1bea5f2f612147d5f816203f1b7680c815390e391e56a2670cfe2828e3be95fbd10a3dcefb43a3aa802d3120bdab4742a40d043c63bf443f600a433bd5219e6fe431d02cb5bf106dc0dc903d147341bffbba09a3350a395ea109c311c86ce611dea70410c0d8779212d76246cef326d94c390d1ccf649d4cbe7e768d996de359a37781fc762235b0a73dbe1694b83c1171e0f1b9b410161421764301267d3ba855d49852a03523f5f306ce5e70bf8a3759d820aa9baefbb033ac83de502d52d919e028ae331318d4fbf02f1614e1020e570f78097ce3f500d29c3c00457001c9d29c05c9e0f529cca8f84388ad1763f2f0544f16590434560a7347f25056fefa6c9827746d2863deb779bab6a5e2a32b432009bed1499a139cef4e02b72bae5fe02e249181b9186d02be799b3b8ed99c204c527bb0fae7eda3e7ed6cbe3cf0fec0ef9090e89947877bad5c0a6ba177d35edc284ad83dc1182a135012be966dd8e731de664a8fb8c24abca50388f457aee8913f89e5e42eadc1924b7b357363d86694b5a9eb9add8dd0ec81a61f5042a9a331ee131d39f865e66fa5c68bdc389bcff9704de8626d8df84ce85fde68602bcdc4963e247fdb8d50204b34d760a7c86e18f6a770ee864bdb364ec7e34cd8f24062bfe5b58b09b8a64283b8fc9467b2d3e8f74654844047e06ecfd422cf85401c9b006c3ae9e882a7d1bc7a65afb20942ee97ff4571903fa56943743118d7dd6f9ba39e4fe91b023077550b65f5854001897fd509a7b624127705419c46f4b462081abdd912719991dc5ce220e8acfb6eef7e6481d26d6890f0bce55866d7264c10768a06167828ef153cb1f0e26aef6b36f94caf3962336e11e0879d355a95f216ea5bad7653d4e68115120b09a953fae2dd82a281087d9d24271b9d020eea05093fdf4cc0a443ff5b63a2c202d42e485a318630a11bc4c8a6233bca7ba371af771b7179d5df8989bdd85d06c65327f1632085d433ee1acadbdcfb02703ffef87c24cf34ddf1d16f2400a7c6e3dade91d2a519657faf36b32614d692f52abe006294009f87eae07f3600444f26a3152ec6facc666954496f5e992f1d7ad27f3fdd80b99e43cb2e531c7f028c92df8b025976e50922497546037156b7db351756b78ff0
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]
2014-08-12 18:20 1736008 ----a-w- c:\program files\GbPlugin\gbiehcef.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R0 Bhbase;Baidu Hook Base;c:\windows\System32\drivers\Bhbase.sys [x]
R0 fecf2f8c592ffaad;syshost.exe;c:\windows\\SystemRoot\System32\Drivers\fecf2f8c592ffaad.sys [x]
R1 Bfilter;Baidu Antivirus Minifilter Driver;c:\windows\System32\drivers\Bfilter.sys [x]
R1 Bfmon;Baidu FS Monitor Driver;c:\windows\System32\drivers\Bfmon.sys [x]
R1 Bnbase;Bnbase;c:\windows\system32\drivers\bnbasex.sys [x]
R1 Bndef;Baidu NetDefense;c:\windows\System32\drivers\bndef.sys [x]
R1 Bprotect;Baidu Protect;c:\windows\System32\drivers\Bprotect.sys [x]
R3 AVG Bonjour Service;AVG Bonjour Service;c:\windows\TEMP\avgcu_mDNSResponder.exe [x]
R3 BdApiUtil;BdApiUtil;c:\program files\Baidu Security\Baidu Antivirus\BdApiUtil.sys [x]
R3 BdCameraProtect;BdCameraProtect;c:\program files\Baidu Security\Baidu Antivirus\BdCameraProtect.sys [x]
R3 BHipsEx;Baidu HipsEx Driver;c:\windows\System32\drivers\BHipsEx.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-02-01 29472]
R3 CT_QUALCOMM_U_drv;Qualcomm EVDO USB Device for Serial Communication;c:\windows\system32\DRIVERS\CT_QUALCOMM_U_drv.sys [2009-04-27 103552]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [2014-01-07 15384]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys [2012-06-22 19984]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-09-19 108032]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-09-15 9216]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-10-29 114904]
R3 NdisrdMP;NdisrdMP;c:\windows\system32\DRIVERS\gbpndisrd.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2009-07-13 347136]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-30 1343400]
S0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2014-01-24 47192]
S1 Ndisrd;GAS Tecnologia Filter Driver;c:\windows\system32\DRIVERS\gbpndisrdn.sys [2014-03-16 29400]
S2 CDROM_Detect;CDROM_Detect;c:\program files\3.5G HSPA MODEM\WCDMA_Eject.exe [2012-09-18 325632]
S2 GbpSv;Gbp Service;c:\progra~1\GbPlugin\GbpSv.exe [2014-07-22 546104]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-07-24 39568]
S2 RealPlayer Cloud Service;RealPlayer Cloud Service;c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-09-13 1141848]
S2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-07-24 23552]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2008-01-24 5120]
S2 UI Assistant Service;UI Assistant Service;c:\program files\Connect Manager\AssistantServices.exe [2010-09-25 252784]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [2010-02-05 785184]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-02 139776]
.
.
--- =Outros Serviços/Drivers Na Memória ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-10 23:56 1077576 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2014-10-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-07 02:13]
.
2014-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-10 14:38]
.
2014-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-10 14:38]
.
.
------- Scan Suplementar -------
.
uStart Page = [Você precisa estar registrado e conectado para ver este link.]
mStart Page = [Você precisa estar registrado e conectado para ver este link.]
IE: SmarThru4 Capturar seleção - c:\program files\SmarThru 4\WebCapture.dll2.htm
IE: SmarThru4 Salvar como HTML - c:\program files\SmarThru 4\WebCapture.dll1.htm
IE: SmarThru4 Salvar texto selecionado - c:\program files\SmarThru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files\SmarThru 4\WebCapture.dll
Trusted Zone: caixa.gov.br
Trusted Zone: caixa.gov.br\imagem
Trusted Zone: caixa.gov.br\imagem2
Trusted Zone: caixa.gov.br\internetbanking
Trusted Zone: caixa.gov.br\internetbankingpf
Trusted Zone: caixa.gov.br\www
TCP: DhcpNameServer = 177.36.96.21 192.168.0.1
FF - ProfilePath - c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\
FF - ExtSQL: !HIDDEN! 1970-01-17 00:31; jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack; c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack
.
- - - - ORFÃOS REMOVIDOS - - - -
.
BHO-{43EB4EE6-5E67-8B6D-6241-1CD6094290AE} - c:\program files\ssavE net\KTfk2Nj7fw.dll
BHO-{596CA237-7AA3-6475-0C4F-2033501605C9} - c:\programdata\SaverExtteneSiion\_u7d.dll
BHO-{F5D17FBE-EE2C-6B39-D167-233CDEE56549} - c:\program files\YoutubeAdblocker\7vV.dll
Toolbar-Locked - (no file)
AddRemove-ceb30e31-cf58-464a-a65a-af44ee7e0c4f - c:\progra~2\INSTAL~2\{9700F~1\Setup.exe
AddRemove-Digital Editions - c:\program files\Adobe\Adobe Digital Editions 1
AddRemove-{274E3C5C-178E-EAE2-A52F-2863C0EECD46} - c:\programdata\SaverExtteneSiion\_u7d.exe
AddRemove-{7DD5E91C-3864-77EC-7635-D14910C2A03E} - c:\programdata\ssavE net\W6bP0DRVWBK.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
.
- - - - - - - > 'Explorer.exe'(2232)
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Outros Processos em Execução ------------------------
.
c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Ralink\Common\RaRegistry.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\conhost.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\Mystify.scr
.
**************************************************************************
.
Tempo para conclusão: 2014-10-29 08:07:05 - Máquina reiniciou
ComboFix-quarantined-files.txt 2014-10-29 10:07
.
Pré-execução: 8.735.780.864 bytes disponíveis
Pós execução: 9.363.820.544 bytes disponíveis
.
- - End Of File - - AE996068806CDF7141EA08E254E81312
A36C5E4F47E84449FF07ED3517B43A31
avatar
Paulo Vieira
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por joram em Qua 29 Out 2014, 21:24

Boa Noite! Paulo Vieira

> Desinstale: c:\program files\Enigma Software Group\SpyHunter <<
>
> Selecione e copie,o conteúdo que está no "Código",para o Bloco de Notas.
> Salve-o,no desktop,com o nome: CFScript << Texto!

Código:
KillAll::

File::
C:\WINDOWS\Installer\{5BAA60F6-577A-81B2-D7DF-90EAB3638451}\syshost.exe

Folder::
C:\WINDOWS\Installer\{5BAA60F6-577A-81B2-D7DF-90EAB3638451}

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

Firefox::
FF - ExtSQL: !HIDDEN! 1970-01-17 00:31; jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack; c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack

Driver::
Bhbase
Bfilter
Bfmon
Bnbase
Bndef
Bprotect
BHipsEx
BdApiUtil
BdCameraProtect
fecf2f8c592ffaad

Quit::
> Ps: Desabilite,temporariamente,seu antivírus.
> Ps: Não utilizem este script em outra máquina!
> Arraste,o CFScript.txt para o ícone/interior do ComboFix.
> Veja a demonstração!

[Você precisa estar registrado e conectado para ver esta imagem.]

> Atenda à solicitação,que deverá surgir,para rodar o ComboFix.
> Ps: Faça o arraste,até surgir essa solicitação! ( janela )
> Caso apareça alguma mensagem para atualizar a ferramenta,clique Sim!
> Concluindo,poste: C:\ComboFix.txt <<

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por Paulo Vieira em Qua 29 Out 2014, 22:59

Realizado:

ComboFix 14-10-27.01 - PV 29/10/2014 22:02:59.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.2037.868 [GMT -2:00]
Executando de: c:\users\PV\Desktop\ComboFix.exe
Comandos utilizados :: c:\users\PV\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Installer\{5BAA60F6-577A-81B2-D7DF-90EAB3638451}\syshost.exe"
.
ADS - drivers: deleted 55 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\000046.ldb
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\000054.ldb
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\000055.log
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\CURRENT
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\LOCK
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\LOG
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\LOG.old
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\MANIFEST-000053
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_FECF2F8C592FFAAD
-------\Service_BdApiUtil
-------\Service_BdCameraProtect
-------\Service_Bfilter
-------\Service_Bfmon
-------\Service_Bhbase
-------\Service_BHipsEx
-------\Service_Bnbase
-------\Service_Bndef
-------\Service_Bprotect
-------\Service_fecf2f8c592ffaad
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2014-09-28 to 2014-10-30 ))))))))))))))))))))))))))))
.
.
2014-10-30 00:36 . 2014-10-30 00:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-30 00:36 . 2014-10-30 00:36 -------- d-----w- c:\users\Convidado\AppData\Local\temp
2014-10-30 00:36 . 2014-10-30 00:36 -------- d-----w- c:\users\Administrador\AppData\Local\temp
2014-10-29 04:02 . 2014-10-29 04:02 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3F459C9-F3F3-422D-AB01-71B8093DF24F}\offreg.dll
2014-10-28 23:35 . 2014-10-29 22:40 -------- d-----w- C:\FRST
2014-10-26 21:13 . 2014-10-26 21:13 -------- d-----w- c:\users\PV\AppData\Local\Diagnostics
2014-10-22 01:37 . 2014-10-25 00:55 -------- d-----w- c:\users\PV\AppData\Roaming\Solvusoft
2014-10-22 01:37 . 2014-10-25 00:58 -------- d-----w- c:\program files\WinThruster
2014-10-21 02:56 . 2014-10-20 05:37 8901368 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3F459C9-F3F3-422D-AB01-71B8093DF24F}\mpengine.dll
2014-10-21 02:15 . 2014-09-19 01:25 4201472 ----a-w- c:\windows\system32\jscript9.dll
2014-10-21 01:37 . 2014-07-17 01:39 3221504 ----a-w- c:\windows\system32\mstscax.dll
2014-10-21 01:33 . 2014-09-04 05:04 372736 ----a-w- c:\windows\system32\rastls.dll
2014-10-21 01:33 . 2014-09-29 00:41 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-21 01:30 . 2014-06-18 22:23 81560 ----a-w- c:\windows\system32\mscories.dll
2014-10-21 01:30 . 2014-06-18 22:23 156824 ----a-w- c:\windows\system32\mscorier.dll
2014-10-21 01:30 . 2014-06-18 22:23 1131664 ----a-w- c:\windows\system32\dfshim.dll
2014-10-21 01:26 . 2014-09-13 01:40 67072 ----a-w- c:\windows\system32\packager.dll
2014-10-14 02:30 . 2014-10-14 03:30 -------- d-----w- c:\users\Tô Fora
2014-10-12 18:46 . 2014-10-12 18:46 -------- d-----w- c:\users\PV\AppData\Local\CombatArms
2014-10-12 13:59 . 2014-10-12 14:15 -------- d-----w- c:\programdata\WCService
2014-10-12 13:49 . 2014-10-12 14:09 -------- d-----w- c:\users\PV\AppData\Local\BoBrowser
2014-10-12 13:43 . 2014-10-12 15:08 -------- d-----w- c:\program files\globalUpdate
2014-10-12 13:43 . 2014-10-12 13:43 -------- d-----w- c:\users\PV\AppData\Local\globalUpdate
2014-10-12 13:32 . 2014-10-12 15:04 -------- d-----w- c:\users\PV\AppData\Local\5991
2014-10-12 13:28 . 2014-10-12 13:28 -------- d-----w- c:\programdata\Packer
2014-10-12 13:26 . 2014-10-12 17:02 -------- d-----w- c:\program files\Search Vortex
2014-10-12 13:23 . 2014-10-12 17:02 -------- d-----w- c:\program files\RBM
2014-10-12 13:21 . 2014-10-14 03:27 -------- d-----w- c:\program files\NJax
2014-10-12 13:21 . 2014-10-12 13:28 -------- d-----w- c:\users\PV\AppData\Roaming\GetRightToGo
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-29 22:55 . 2014-06-25 11:21 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-22 02:53 . 2013-01-07 21:56 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-10-22 02:53 . 2012-07-27 01:26 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-10-02 17:53 . 2013-11-27 14:42 231568 ------w- c:\windows\system32\MpSigStub.exe
2014-10-01 13:11 . 2014-06-25 11:13 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-01 13:11 . 2014-06-25 11:13 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-01 13:11 . 2013-11-27 15:24 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-13 02:13 . 2003-03-18 23:14 505416 ----a-w- c:\windows\system32\msvcp71.dll
2014-09-13 02:13 . 2003-02-21 07:42 353864 ----a-w- c:\windows\system32\msvcr71.dll
2014-09-02 11:31 . 2012-07-30 17:34 46552 ----a-w- c:\windows\system32\drivers\GbpKm.sys
2014-08-23 01:46 . 2014-08-31 20:39 305152 ----a-w- c:\windows\system32\gdi32.dll
2012-04-21 01:18 . 2012-07-27 01:52 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-31 7731744]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-14 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-14 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-14 150552]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"USB Security"="c:\program files\USB Disk Security\USBGuard.exe" [2011-01-31 623520]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2014-09-13 296520]
"UIExec"="c:\program files\Connect Manager\UIExec.exe" [2010-09-25 138584]
.
c:\users\PV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Startup\
BrOffice.org 3.1.lnk - c:\program files\BrOffice.org 3\program\quickstart.exe [2009-4-16 384000]
Recorte de tela e Iniciador do OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 795936]
Ralink Wireless Utility.lnk - c:\program files\Ralink\Common\RaUI.exe -s [2012-7-26 1672480]
RealPlayer Cloud Service UI.lnk - c:\program files\Real\RealPlayer\RPDS\Bin\rpsystray.exe [2014-9-13 822880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"3212083974"= 504b03042629ac09068374bfb51100000040000057dfbe4f62c7fd005fb5184b749a521932500c6e36450cbd18ecf31d4f4dacff32af95971262b33710ffa461bd774c05119b02569ce8a8d0a4f9f9d99bd51e577a41bc9fc8512d05718337d5409324eb7973151b62c1ba61bd0f8fbe96057ff064e05ecd5aab1f395d31ed4fbccea9a4ef59f1d841997b222555ed8c2e286fb75804d9b0e20e98e03584359536ae91a4d8ea734bbdfab81defdfa9706ecd97ae56032bdca3ba774500a4f751b3a8f09216d7c2595e1d9f0d331b21ea6ba2011432419355fe9830f9bccc9850f86b72e4230d0a9741ba3f3c1398474d0de822c945416acb94f97b6a422dc2913d6f1a318fbcfa2d5eb9126f3ee3171d9c9c18e5f9c1c73cf20b81cf1cb41c1fa834574a06566dd31c4d50ef0ca0b02222667a910644e353b4665f2c858e7d7547e4f4bc3296159c3e13168d9eae095e53a81e268d2863da02c2f9bc822c5a3f8b10ad61dab11be38a926921d2afc97ce1a01caa14b8fbf4a7073056eaf871f7abfda86773ad2e54d14d30e1fcf526283aebe2c64a96fdfdc1adbcfe9f2a2476b167ab86b53c43a973293743d35d3e66e730776d2ab2d1d3ce56d941e2ea5189635d5838672343aca0afa785490dd6af823e784b6d369fd2f6f5d4116d5a9e06a3b1f9e7e80e661b5b5327519d8d0ac91dbbdefaaf5988791d8a75b3d01b8196b552f4f88b5a10c63b5a2e0fae0f1fe833b992ade9b2260815ce46ea44557c6ed1c7b0463f1764b58870def769fe985843408b7b0702d2d6a5b79b2c1b7fc3cda9bff640ae82f485967d70edd9267dc6195889f3be0da1286ca43f71b470ca3a91d5de46b03c4fbc7aaa61e00c906a706879b88aba54efa087398b3c2c11c1771d2fee3545362e8bbc9bd2307f670d391461ed21f2dcc87a9272704500db61f0f66f6378c631a575e5af2dff5443dc4887649f8744de4a555bd0b9135870f09cbe73107904d919548ff85c0a9d5f9dc791ff6924bee817d6458e1f59a727367781818e668dbe330926365788c5e4483b125be787f408a142298b80396888cc00484d93d225e9a8b3b281114e55e8b1df1168e92666756be62fe21a82e2760458f15849c2357f82ad448b86eb59dccea586027396467b4ae609cf8eb80ea0a3e42f424362faed015f304dcee6c6a41b4bf5bc851c5a47df7475cc20dd1c6b61f4de1c85455e96798de9061ed482b69a63e6ca89a17bc10f924d9d50007ccbbd57de891143454a0048189ebdad633e800ec83a57db25556c92ac7311e368cca0069b2aaff1d1e727c4535e7a40b6fd3c507b64e3304ca953e953a8990fa3df32e52fb0797fca67dfb39cfa47f4ecb9b8486119f0acec137e7872c6ace0254662fcc53b77b1efbceb6382eb7b675122253ff1d6326038146c4a10d395f6120e84ebff37736ac95659f0ba5883770779db1a077757d30abd1c61709b09f45a50cccff3e1ab4cf2c94a55c441587968780330972a15829348dc578834c0f3f64675844ca57f30bbcc88e0c8f7e11924edef715db128a2c066cff8a6e6a2a79c33259440356aa4eb3c04e7858c7f75f3f2a93046b41fb089f43dadd195cbe7a3aa3b33545fd6132fbb96db702066e900c11a54349f7cd28949c5b2ca48c58aceb53b359b3fac86dd7103623bc372aca87c57e32fac448e7365600055f425481b3cbd14b64c2a50b872edfed981157db1d90bea0cc7cbdd630908fc2e429b612a98a5ce45e067c9fe52db3266c9574a12b50675429e4b4064c2fc2ebdd64263a7b9243652a4f4a1c3d0b982c9f280d68f4d215ef11f4573ae87ee93483285e40f931e99f5c31dee9bed53051ae51cf381e54f815f13fb7832e475272ad46dff700ab7b42251ff76ae479f26afa3a6e00ec96d5f80f0d0bb0a7884bda15616eb738f7b6e0ce3dbb94d572036aa7151d761589dd1b4de8057918b70d2835cb8fc44f3868118c14beb61117aa70d393ab6e515fd6f5e0112f83f726c04c97890f343b66b10421918605a7823995876fbe97d4df70c40ab9ee1ebd26b3f19cb6aaf75f7467a69ba56fa42bc4107934b9209d9cb7805f5bce904a02eb0cea4aae7b7aac75393140a59ee9fe54e45c532410cd5681228218055ada857ce86ae55a3d77a00870e5354987028ca242729d312c965751ac280b79b6fb4c5567b30c8972935ec3c06524ecb4f506dafa429d62b7973a01c24d5ab704df79bbda0b8cfced1d7fae36b662818da0087430e01d2dd636f76175b479ccf92c573b151b8bf1761b7e9204ba17f87677c7b5ff08cba04051260f421d1a32b7e0dc320af45065966dbf2241bbae1f8619efcb2b2cce36bfe0dcad76a553f626aecd4d6920e3eba8beadf82f97d53178c2e3e528d3222032892bb522d33e9569c53ad877754761d82bde562bdd73b389fcc477aed96e76210188f5cca71dfb33b27889f95073427094611ced3bbad2cca89ef10b084e5209dd0c1d6fca4e09355012910d07d53d74e941593dcf7f1b99ac5833944983273cf770a1ff413009668ed12c9786b2b43dd0d71579392bda90db992157d9f08cc802cb5bcfc44690610c01bfc120a29bcc9f845c255515046dcee799d41ace3fc4327351aa4bae396c3205eb3ae7fcc53345408493985bc7a16b31fca83552987844f1f071582b9595554fcb79d909626c0bc84d99c6899a48790864b7b18fa0742197b06807d9bc294f088a27fe493d92ba5a733ae8a7ec5f6b7fa07988bedc3dad2984fe3f2ea9b3e00f666a8a1e8c90aa4dcd017cae1a00a09c6462e1899c1066e66c053263c66f77040b2a93d3f9dbebe715f1cabcd961274b0ff943c1b8b75d38b133a9f830886a8b5acd64d8660b7b701e0e2764e0cfa4e6f374ad5de5e10f3bed2fa05ba17d15c4d354453e684f5e877ce4b1d7a6456263147b55063c128a0595d3bbf6ea3715c305a8696815af1757306a6ef5f39eefe33d192afd5a02e9284dd3063d010b3843a3d6e65569987a008d61628a85988c707465c725b584d3d2044d6f3d3c6cf2dd96bfa1b06a49d945daa2de7b34f53bfce6cdd930dd636525d0e34e65d027cbed97ff239940238aee6bb3fa10a2f4c1a91102d47894e906cb56084049b15907360631a16ed2863e37daef3cf06c6f5998317f920b2e03f40c6b7eb8cd871a254f59314f0e1fb585da8a646a6a47e55fb7288f45afd3cd999144ab7150c24ee5a2a59e917a8c80967e021a0a6fc96873eb1a3eb3048ab754198b95275b72a2a1e065f3227b9e9e16cd6966542692b2bffbefcc73167111b9219d094ae4e79fbc880db14fc1dd6e91249cf30f0806baf43deb92d34db7f49b7a5e77f335278dd47c7b8f95719bc3ef5bc8396162bdca957fbf415c2f5cda3cae751fc434e7a8920948c56909342f7af3b5d10129d5572349f5aca1868391d9fc734cd223182e003bf44595b0668f83d00e7a8108fded92356ba1eb28d383e2b4896cdfe10542e7cee6cc9f95d66e78b93430357194d73d8d218656e02a03a7e15d0c9626c4f6b5bb5079b173766ebfab6487161ad904558acf2f2954db2f10e4933edf9e98a87dd18c583abe3018b48b3c9dd5e05beb2d5b0d56af20857ef4deff601fac4e05efac4ef73fb93744b6871bef143bad8c81642e04257ce6d04e4a5433e2fe09874128f5ef394bc49f2f68ac9e0a88384b8d31e4aa15bbc1e94b762ea4277616ea1e3dcdb4a8ea5da936e703b15662a015eeb060cb56c1135e445432e8cbb7f91120f5e610b4ecb9c3fb02670149210d6913f4a8a86e89ca0dbd9d8e74b51ff3563aa1a5e909f4283a98c2b437737aee98998c1189fcbff0e93ce6c1253059be0b5fdcd8d271e90dc970d9c435e18a90fa3d3084c40c18709ed62b81cfe9f0b926eab6efe1b4d518fe6d5e1745086892340bba94a5b183326163bb49767ea8e135aabf5589ddccef7edb6e42622598381bbb479585401e23fda593520907c04f53a58084327d281f42e49715301dc80360816c625bdaad2a8d47e0797f7061240d2fcad1170e1f8c1ba37cf6c4c166006e77849cd8b59c85bd32a5bed00a0b664d56b280113d563be3b1f527c7ce350c00a097e9dcfb8b6edac0cc18c5d2b94dc7a0f93a4277991d8e226c13d2457089e69c5cf4e909926690f3d7c7a175e8a491ac947f5acd97ab0ffaa6d2bcb0d15f1f807be2b79dd3d97a37169a5b403169efc73ac58dc6bbc8833e03ee9341729246269ef654b21db0df2df33e95caf9a77cd7ffe1f93d49e91f20aca3c1f602a3eb04e8d7e744a6a8826f5ac34f55c2f570a30b69660f955d84b0ca6133f86cfe105e8a3579f3799baa75dff13533bb851e81942766431a94a57d4baae0c000393912b8d6effff86be80ff50da89c66c623d08fbef3ba8344d75a5a00e328d031f7e25e306b3f77ef418865b108269c91e9c2ebade2640f88d3694a3ad42684aa52eaf25ba1f47cb7217373295684caeb19ace7d1e55c62a8cfdbe165a147da7b3de81bf330a6f2aa294e067c3afc7f079010641ab7db9983a449e80e34c4c0ca5ee7ec156d6e5de64b010ac16dbc614538bf56baaf4e6a8d4054c9cae8489d2afa644ce736908ea75b198856348ad34bd67a2eaf019c45067514fc799d6787c5e088e75da6a9279016427af54dd678492452e23a9e2d83a200d035543e4da3ce71b83ca8638a535140250cba762f7d8daf043c7adbe05f724ec7b6f844612c37d6fcc4d2624c8325de0aa9434214f6b7906e6af7d3891109c49b7489887eab75df4554d90f255f262d5230a38e0deba33007e2f7b884eab7ffacb81a23b3f094968c6182b2a7ff52b7cc9b83d36a5808ba65f03882faf3c3da2765e6ec39dcb6f4e6d7bef308fb627287bfc12e032793d54423ebcd462108b2c10738b63f7c4dfdc7ddb3a62d3d4fbdffbdc9af70bb91c9efd7eea3916c9396197493d15c2e0701aa4138e400ec4ba014c407608e56bc1c49f1810034ce863a315b6fe0a2fc8b9a8753fbd270dd69cb4eba27f1f0ef22d7df58a9010d9960a989729ade4dc85496aca261d1b8c05deedb0662868bda827ac1ccfb4be3b7c044c15caf448db5194d83fdd72f4521989872f54d015c19bd5bc7cf7b8a69fa608fba04818a68c0dc71ec8ae8dc618c6c55c4f823b6151acec7eb09f497ad8721b3311749dd07cd74d312f45e470c6e73e53d42f5bfc5151f05e4079bf7eb625b3c525eb97f3b1c6f0fac783b5b5fa55c7638262214a257be1ae4ccd10273e317541dfe81efc1a89e9d790889e034f6ee2dfc0b281ade62430c2b93d7f36886869e483ba69237a71b99889fda335958c5474db7cd1b81fac0bf05feff0903c69c4d9f184b53a0331d3bba2bd54e6bc9d1a0290328ecd62b2e43c7af5d618aefc9c72814417b22ae24661448d81545137a05629c6b9456256f7d76d60d822e0b7d44f1b820178d2c6dc0eca44306c3ffb77b5489a65a02411e001c6d6faef894611de94858f5720e905c82225a5e7d6ae6de6080dc5cdb0ff0023eb43f5a3292035ab6df96a4adef51f8b0112d448ccf5e8dcfa9d09e4ac09301a14592535ad7193346a25a402ff48116059f5c69fb6be7cea365e152f448d74bf84e1e55791de259bb6d44dfef64bd9c70eb29da00a4a5e9039142e59d375d6c3f03c23e2b3c59e379c7748026d146edbdaf324a39c784ebdd8ace1781b07071b3389db0aa98c67d50d01075bbee584eaeae66fb614579fb7ad9aa865e8817873921c044efbece91cb0902bb53c21ad35d59482e61b67da08dc417c458309198c1501bc6a10cc1a24b474cb1fe68cf81863c28c4aaaa2375203cc2194e8f95646294e2f3dc3a4b7b2a405464d79f302b7a18394c239be7ea1066b78671e4ae6b3157d7f246511cc2c3b324836c774e8e1be050ef2aca3dc8220da55339db3008eba47363f04ca59b903a598528e04b72c85e6c377263c84fab913db4e9cab469bafe09e84aaa19a666bbd86a22ad48f536050ad6d0d59374da8b04119417eb07a8d1ff9d1704ad4ee085f03777700070241e6aca91dbe511f003bbad6658e7bccbddcce77d50eabbb0ee8203c0682b98e2b147b4bd46d89039ad102ca0760148728edec66914c17b0d5a4d0afa606c4a07108c2c8dfcd7173246f49f6ec9be94cc3af65514693600bc743417bb37c17117faaf9575f273b96afdd1195e4ba006099834bcf18918d7fee32e7320cac1092bf4bc9138871898ec9c80c7c089ce7613187de637764d78dd380feaa8fc9f1e7f8c740b75b161c56307023b8d1f3f6019f2f9475a10ae871d02950ce58b2d1936ec288f22ab5dbdb324116a566ccd141f46633951878b2b8329bd00fe5ef339c82e1ff41b53e4e7cc5b50474e60eafba9fba1851cca652a705ebd2661ea7b8e1c0b8cdeec2
"1781466620"= 504b0304c90da3b1fc052f6a120400000030000057dfbe4f62c7fd005fb5184b749a521932500c6e36750cbd18ecf31d4f4dacff32af95971262b33710ffa461bd774c05119b02569ce8a8d0a4f9f9d99bd51e577a41bc9fc8512d05718337d5409324eb7973151b9680e4b0bdeef74270b882eb420946b7b8b40862b9dac9cbf5a56ed8568c971101f6734e2b8839d84e1778d29918a522d11b349b1be5eec317e6d490c16c1a51d921b47d2d13cf9d64fe92e0d09b6f80680d8d36fe8ff62dd3048af7c85faa6b57e858e3b7bf6588bc5287ad7fb395cfa2bd08ca48d88e6e979eaf922a1b50d44b907b41d7f677a3dd643e04fb52b0ab709b83a9de68a4fead992fdfb3dcbfad3affbecb689110bda87e4f546bd03e5f97d85755d1bfb14fc0d2a03aaf7acd326a91580e0ddc3ae0e2e5c538534f2392c0639bbdeb336ebcf4509566f1839f940e0719f99bb17d1741a1b1441aa2fa2fe091d1f37d32d32c610ea70cb093770d7ce76712d71530a85276cd7377ed3dbe556f3f755000c19981d3cb109c1142a5657e7c89bf1b429820050df6b56f17cbaad3709e786fa3566ed4dcb33d87416dd2dd561ae2c5cef21bac9394b3f748d101be50098941f942150de521b37631f0c4dae3a1075130ee568f9813fc2cf60b57b3957c633c8f899d482881f9302c3bb20bdd291e889d30a0324512dd1be329f3e8fedd2a3fcbc0c025c01b32acefe29e92ce1c420c5d0adc32fc850762eec6c7e6a19b5e50ed6653da04d744496ef47c9e3ffe3c8943f699601c6ce42b368838837c5fe662563c78f4699328a69479eef836e372aa78d88d09053d0de5e8f767f253801269adc9d2572b26e6b5ec6f70b7cf1584cdd6c5b25be3062cd6d0a038141428a81360a742f94a45c66d2c2b7fee81b0127e6ed2a49c62fa0ecf00bf527bdc6f6f2ef8e994bc33f4eb03b50f3a4d91c9fb3ea4a78de1a74b16a4319c7cda11508c79880ee7d20341f3ebc0e4c2e05c048d837aa216ee81ec96b17c3521f5844b1e8c0db51b8fb2d5ee1a805d8a1c07b854637922bd1159968778a9ad7aef71e21f994b751ed50583199c2eff454852be0a4eb1376757cec6be659bb0387b06451b1a080079cd8bf27ae308a81f929265b71292a747062c3c321bd964d60bfd272a92f7f9bb674d7f31ede94b396990b6b1777dd0c3e975709cfddc885cc51f5667baa2618f7fb19e02e223e3313e7713c2fa526dbc36a41999aa9274b68906fba6c9d271e54d0114ebe5fa5f85cff7274ada3fcd59377fb153ee06fc8c5c1fbbe019245f4ef6f48f6948b0d60cc69a75a446d3fe486a97c0573c8486eaa624ca728f187c4725d8284886c32fc3a1a610a5d4e8120b69632134639e24c8a08361914e2ab775cb27d1fe8b7b6ad85d6b77ff469b33b1a8afbcecdcd2a687aac7a0843eb48b39706f462a547085fb2abd9a94644f5d70fc8786065a9e4f91a729ea801bddc2e63866920816
"3518887414"= 504b0304736b0169f6f5bdd1981700000050000057dfbe4f62c7fd005fb5184b749a521932500c6e36750cbd18ecf31d4f4dacff32af95971262b33710ffa461bd774c05119b02569ce8a8d0a4f9f9d99bd51e577a41bc9fc8512d05718337d5409324eb7973151b9680e4b0bdeef742fb6b81eb420946b7b8b40862b9dad1e8c7a5dec04e6c8e0ab4456e6f28ce14f51f3725eee5b20d7ce662c02fac80128ae38637fbf4867c17c9d717663da6767d89c658fdd74fb81b03ebdbdedea7491d2a3c133ef493731b542604f4bebc69fe2f02cb40f9b3b45d29a40a4a1487d0b71dd1b68e821f40084b407b25ee87063b9112ece9514914c7d4423b12f045b6a22d150d28f78c844b2c079f1b78200055c5fca3e82a972455517bd3c9f428b164b89517ab47e6b447afadd38678b857bf838eed34321eede6905e27fd8abfe7ce349b787f2ceadb45bba2f4ea19e70a8a2b5c4f0c177936117491afa1edeb5d5afc2e0e384518db1217850b7eac6ff9df99ed5e1416fe1b93fd4dd2036e8371d5e129993e594b1bbfe0669302928bf5a268e0f4aa93288eba13bc0125cecd46e2906e1d19cd2d3ff14d1b1ffb50ac2b2f5a28df9cb6c2e32f23d6a4fe0fa130be4dba875daef9cd943276420bf4bcfda157a87854590b71981eaf3fe5114e13b51b9956b7586105a81290a7f974ae78e9c5e5305e55b90536d5da9abe3aa6d3d7894737b70914e304c895aeed4ab7aa36fa2b8e5a93a3220506fe29a7d9a60c146e7edcf95ede9f5209637390b061cde231782f8b2a76cc12420afe66c666b54c8e1de9c6d7b8951184ac7f5b77d43b0a93628520289b31b01687daec69134dc85036e82c4f8cdbb84bf893e3d9dfa8898628a43ef08e2a7f442d85e85b083da10c4a48fbb1886aceda7a00296c79c3661b3e6c2d7975064380156ec53adb7ae23bbca7c0efb04863da781aaa195e7907760bb6ef0c1f326f86e4c65616b48513ac1bd36b25480b4b768869c05673029a83a23390f3595fcfb4e4a02fac243146e3a585fa83e91fc142be512a930f2cf296440b42b78c2880f0ff81b398ed373d287e58c5d313b3c28b43fed2489f2de932d5772a2233f3d6499e9e8754a064e61c5297c7d0913fc35baa83fb3c50e415d439f5d925e865435840b2aab80bd945f071db917a602d389ea2e3e4821423c5f4b9c3d04256b28d804e2c3dfd2a3b56cb4562f16616747f6f4974df1671c55e5c585cca7da509c73e567b0e19a1c9e7ba63b5e3fc82973179fb5bbd290612437a66ff92397e2024d203103a81238b4a2db552f8a252756ba784603dc7e1ac6799f1392a037d0128b6e82e0eb7907b10a097fc759bf0a26746e03a5cfb6cc635b5c3ead1266b4be8598a1a440e0ad49f4d4e0707e697a7d50fa766b3b03890cb4584bb70ed819fffe467b4718295d4bfeb9f1c454ed3ad402c01441828cc71e6330f160d4e7d4595c440b3f8ebf43ce4d3579902f00666d62d00eea6e437a3fc99cbc1588935db5dddff1da133827f8329106f3ea7bd9e4850f6b7c2679e9ba5b8542924f2054d089c1bfb27d94efc9550cdda928b972f95da7a48039874f81bcb02169ba4f35b12f420a3b086db2481027a637b789e88ab2287712cb3690d698799868450fa9ca5f7fb2d9980c25362be8ac4830b721795fae6c7c44971cac88cda6fc2c56df6d011b7e563b2ee540f6ea288f2c62f47204c9d944760d7d8a009f0c8c41fd43d1eae86e1c1a1cff7d928ee40ab435d8ba4fce63aa83d67e9095b26eb235d2b70271699209cd956fcd5bb44f6f2987a35057d4535d107764e9fb9b42514aef835272b347f56caf82feae78601abe447535ec9f0aaada05e688e468f66ec3ae7418751dae58a7d2fe0e4ef52e11396cd894c31ae9186e6f9cdd05a66e709c25e0f12bb2bc2e76c79a4ef6af794e522791da444af63073d3933053e2dda8b7a5fa9f892a324465a922d83d20b4a293dc0bf0e21254bfa58a9ee85c4cdfbdd09cde9e5c942655f3c8078aa42544d75ad310fada908142b3971f387103f3c959817ac23479bb7151c97567d388be6e5b58781375c65f52c3382c2294829e5ec2bb33721689adeff8fffcc34e4e7c409b82070a3d5876f0c90018600c2deb148a45fc8f2441d921276e39c0049b72e5ca8037953a9c96f1da6150859b9c992b3f8735f383b8d81e27b9e5a876ab04aadd93519606d13824f27eb090bf13461ed0c8314fc93ba9a8d18c5724d18628d674455a3fbe35f3d72177f252c303313636619b6cbb1aa7495ce886ae790de015c8ee29cb28a0ca5602360f427decabb77a49d204f98ab7ea700f9341c0bf71829bf33f4cdcbf7ee06581320c766ea588a380eccefda8d8f6a669334f0561fc75f199e1e3b3b094ff6a1593b3e3fbe7329304aa06d28744aa7088965416f097465e68dc9b413123f45dadcf67cafdf5e7b655ed4e2352f27a969b3dad5a37fecb4b73de6261cc2a6c64c8d0aeaf035db33d77ec5b6f2100af86b06a56698ef504eff99f4d06c0cbdda2b0b0b15ca9b48df92be6c6c8deacd71ef16e6b9bdbf25e403b23fa3a43d2d3121e95310c451242118a7a4d708aa70aed759dc3a830660b24c1beebf01b6b84aa94cda999d6af0c92f71ff232d83ee1f3109074d716cb1458067a8a2e0c633a527e1df46a392bbe35dd7fb26433e728c0a8df2d0ddaa81de445c6b06cc40ad02c78f3c6fa54f76decbf41841fa4954e65a7e027b018152148b0c30b16de2d2552de793e3964d74edc266f9afbc4a300346d81e6efcf636b9004a0f8f81e84fdc9bc34ed6c9232c1652964a6fdee5cab0a2c9f845c3b4e3536808f7fd66644d91197cf4dace416078a0b6078a897f696c2054f0eaf5dda39495ea0c804f7a4be30e97c8133d77e69ad85b0407673ef2bb186ecd253984a0051d5f2ad19037c83461a699fca9348087e32ba2acf63e39b112e0f3cd936749bab8070a85485352e435351bf19b664420b1a332443f96296ec980c72a3c646d6c80ceb3c45965daed78ff1366da8fce39771d75d997711d6bbc9486f36f6f48cc5b0c014d26500736e0097590212b04b43665838b3547af369d04e52513ed60e396ba9d4b9f8b7b8c8223f730513e9ea20fe6e8befa56fcd9cdaa42ecd7d498db853ec4ef0fd615fb85a521118af1f96e7552fdf287f6b35a28e7714c0310024abda1f07e918b8622eea24a8eb32797d708d15c6406dacc26be6b6f8196173875d119188acd49cfb8663f9f693531201572c0de4d996fcb9e47ff999caffef87285245934c916b5eff308f8aaa0a073bde32d699e8b66a7600001e930e475d84da4b77a780abb5b2516d60f7752e83646a37e1bcb395325926bc8dc0ad2cc21a8d96acb134f69093710902da15417d929fcfd6c7c77756f83000349fe904594aff69dbcc6dccd1f2c8a5ad33626d5fce069726611a008a878f38afd8b03f8b759a8620070eab5ead287665a8d99a4a7e60d8057c135cff8739899c5f8ed21a59e642c03381ce817fcc84be771daeed160d838be914e2f30ee4600a9356600d5050135e1e9b23d198931edf7fc2f7a4eb778103c1e5fc7f1b14bc5a18d76617bb243389510ba16717f18cdc553eb617f7043b1a8ea35094308388d7b2d3f10ea6867f3d8fcd5ff3ef33e55243dfcde4e9310cd1bcc68c24d028c2a9e322ece6058c4483189019ffa2fd7086b1889dff42222a5be59eeca8e0b2144de59a4a20f75be683b3cac38551cbe58711f9d5263968a9c9fe91b575ce5f3d3d72e1b9b3c2b8dcaee7c71536a11d2b78d0c42dd32610060f56e34df0a25f501d9931c6110ddaad1679d53347005b2ddeef846332f862eb775129f105672240e79c3b3ef8eb557e649c6d28d62eb191e8fcc250982a5ece17426a73d72e9f0d90251ec693d4051f17ec02293fab775d8485e52bd9b20478e9cd47d3418e2d44039577a8e4a6240653dedfd527db5524ddcff5219b82235aab3dc6618c0d51276fac13033524f151efca21f00cec6532d6c7f6b8536da5a8a09628eedaa735a7b3573881131d9806386de22f77d095051dfdbd2671bcd17300d5a1a73e3e176e20bf85893db110df52f843868267a0ad7bcf83611917ccbe9db27d22806b41b51bbffeafd48444eeccb427a55a72bd12ae05b351d6682f3d37cf43ed61d538614b6d4a9c5ba8b5d8ce24789d495a25f94f6c15facd726ea1043ab2a57b98395e37eedfdcc8539fc12c1cc8286b1c6afd83361df45a1292be8b35160a6095bdf68d1b89039b51d717423882a1597be4196717d3b064534d3a41f6fbaf346bb553bd45abdeef037a2fc884476ce3d67d209e8535bf1fa5a0c2df1b6658df8004ac8ca091bfa901f765a8a08174d18a515313a9c7534e8c6c1184b368ed151dd7294081b0686a9b7ff549371ce1bf2794a4c92698aa4053c149ad6010d721dff8da64b5c00483b044a134b4f26aa49f4f150411dd2b0e411253a5c03850d6cc8c8ee961320e43733a62d46301d2e25efb1f15b0bbb7bfc46d10da89a3a29171ac3f6e53f94aa51c99bd407f81a809b53a68c4a1af9cea5c58c4e696cabf55c12cb4f018f11a634fbc971ad601b420a05847479601a59cb0510e0625b87f8aa16bf57278bad32fa586b30483a4971cc11741e3f2f8f6e7b3d6d16e73eaf8ee45c5df471cadb7ff4e5291ece73acf05aaa7cede4edf913334774606e4bdb814feea81044f51b16736fae8e47449b6cea9e4285a5c42724a53d02aafe360efda8912530343478477169bb4d81afae7f3926820dfbe8896831458f0cc5948114accfc3bfe95af53f328323049666a1f311089fe459acc283e256808b0bf53615acd77464a3ce8b93fc1cf83515e64f8cae4c429e6214d8b0168d37b40875b157588c99b99f4441429252661fbbaf39c08fce0f68f5d53b16fc9a8d73d1d55f8a04b4f27f5cd337bda4ea44ef23736eb50a0663b0ba8fe30abdfd0ed3110b078def68f41e9a34ad1f6dd39079a2095e5203aa78e665213e641f59bef71d91afa921ed8c87f597b845ccc1d53231bb9035944093fe409e9a22b057ef5192eb5e9b654823e6decb28b27f297cd14d7e095166481d7314686ee8f61ab7c7c196d6d869e3099d5cfa59bc3e660dccf14268662376f9fabb010018ec7ee9a5b07fe18dfc57df9fbe3877c4d0b67b21ef02237cfb6185c7e7885aac68fafab47dbcf5cc4860c247de0b342d824601ec90ec9b548766aab1b457724114c6f9148eaf83c3dc4e8f2b156031a1e43dd04f0b815ffe2183c6b174a6862876c21eb7f685875368f5ae83a46f4b330cfb4b19889b4d34f9152e8135aa4e1af2e165fe54c45c82c789a23c0b47abe49572ad971a2226b40fb09ca949d5e5df9d859e4fd9bb0e37e4784961c7521b785eadc0565c38e162bd2e3185e8af8de96a81c263fa96b6716ed4be287075ff71d48e7643f1e8de335c8ce5da57488e835fe3a10458c6d5f16deaad57d0f32f96a226ff84d3eeb4b8fea8c3ee4da7aa7710782c5ec2ea3da379c404ef5dd884dda303676a051417bc666665877e9840c9d89e6fb6c2a113d0ba2e0b42010a28578e469847392762483b98b4d465fb29b241115b0a96b3f0f82ab100c63ebb774e62a0381c8e47c1d35c13238995ec456d0f852d2a320813282979d09597ae0d61c7f99600aecc92c2c884eb72108fa9906f2f6669bb41fd0605359ee61ebd5be89a0456ecd47ed17fbbf4903a00c7026453dc6eccac0b37c1bd74c5f95da60d8dff61a2921de0af3436bf2a3df6039d9e0418bc64ab76df0b1904f9a870225179679aa30ee7b82ca6c1d838f66e9783d9399c9c61e55f0e6954b301a0dd3ec3a2e39d795f8ad31aa0d90154abd24a47fff5aa2934212516c52d340eb6d148ccc5933a9fb14ad335b2f1855d90dabf8af7a65244684e8e29081bf6aa37e4bcca1e7deb4fadb1768f141294ecb1d9c3298ad0f332614ca3fb64c92f92d3ea085ce810fc75b34870f4dd06b126f43e0f13ec4314ce762b6dd97093ae542446d17406adff089eae7b1c08d0ce8d205af802ecc4946f51a9c58d0719bddc38ef755dd0bbdeaf3c41de8f2d6a9b0cd1619276cada9faafaae0f9c856573b3bb646a4b3afdaa11ce836d9a3a673972b7733c5f45098a286e6b2f5fdb6e46901a47f1dd8dce2452f3937063825389ae08b9acdb358feff0fd45d7b18e838a6e113935316ea3f71343851933ab80df882760fe5a534723e55cf57e0ca089d78fda91090990e0dd4a1f2d91d0044e210584dc29d1b61b6644e7e58747f0054b9de5b1145e4b9e66808374476121c25f73f989780bb9beca60b1b20a3b7240e15435bf76f375f1616fe55b1575d738154a3e78877ea8381a2ba7242d2a58ee06ca1b09c0e86405d29b721369effc14abc27b5e9d4891315fefd448df7209ce7b0ac4675de696c37c1ba5404c0ccfadfa7e360dddacd722b48ce30f1494abe35d9ca30b9488b436dde267f93522a50798ef55f6698f041b2f759aba9099bad4e4912a48e6bd0b2a2b32748d170a7cc276afe0d56e0e41ffb89859d6b20a08870217f13cf879400a68893d8ddfd373d86b2d8574f399e942030e5becf224b480d3df3ccaad9c067635665da54b0123a89ab54d0d215f4473ee0efed6e44f987a9082cb78295362cb17fd35e2e2f078ab8088a422058a794749318560f04563ba663e58ee05a1153441b09ea39c5ea736d3200b71d2e6d79d346f9f86a00639830778a6d11c36fd6527b100ca5cadb86728987db00805aefe9406fda00c8ed302ae73846e55a9ee3a9e3a1272b045fa34d0c7a0459238ebefbee1077faf8c89086e4d26ba79ecdd6ba2f04e06c87873e2dc9428643dcaf28c719548a8a2592542561a346b89990096d068d3ac4ac8dbf9146dc90ea03e8d46c3782c7e2e3326e37c055b0274f2a25f0ef4ca516f3c8afbd0bb94e9945a13cbaa8ae355b03477b900d0622bd1a838fd2668226ea2fa467f19241325a8961c07851d66ad889b9958d518a78428d89ffba2c9b0737928c3cd40406dfc971bb159a3a5e64fd44eb43ac39bd6ca33ca3c6f2d6d4a3e1aad334322a873c58a92a384ca2e051f48d2676e3a21d5b10362dbf02f97e8d99ffc3e88edb6191ac0990015c1ac05ad1b255e1f2b2c13802057dc3f7749c1ac9f87ab923aea3b83587bcceee07a9b91b414935bbd1094552c0af2988af4ec057a1b87493835675db0e3d301e7dfbee8f2ee4445571b1f02a82ecb0f48d788b3e90d93f6a66e365e7753d8668994a406031229818b77fcfe7aa4ab900a9572b1939e75a9403b4a1b11eaae87c7ce1f92ae1c3b91d6c16fe1a903dd9a82bbacf64b509e7791f2a1d345b552a8acf38e8b9f1bea5f2f612147d5f816203f1b7680c815390e391e56a2670cfe2828e3be95fbd10a3dcefb43a3aa802d3120bdab4742a40d043c63bf443f600a433bd5219e6fe431d02cb5bf106dc0dc903d147341bffbba09a3350a395ea109c311c86ce611dea70410c0d8779212d76246cef326d94c390d1ccf649d4cbe7e768d996de359a37781fc762235b0a73dbe1694b83c1171e0f1b9b410161421764301267d3ba855d49852a03523f5f306ce5e70bf8a3759d820aa9baefbb033ac83de502d52d919e028ae331318d4fbf02f1614e1020e570f78097ce3f500d29c3c00457001c9d29c05c9e0f529cca8f84388ad1763f2f0544f16590434560a7347f25056fefa6c9827746d2863deb779bab6a5e2a32b432009bed1499a139cef4e02b72bae5fe02e249181b9186d02be799b3b8ed99c204c527bb0fae7eda3e7ed6cbe3cf0fec0ef9090e89947877bad5c0a6ba177d35edc284ad83dc1182a135012be966dd8e731de664a8fb8c24abca50388f457aee8913f89e5e42eadc1924b7b357363d86694b5a9eb9add8dd0ec81a61f5042a9a331ee131d39f865e66fa5c68bdc389bcff9704de8626d8df84ce85fde68602bcdc4963e247fdb8d50204b34d760a7c86e18f6a770ee864bdb364ec7e34cd8f24062bfe5b58b09b8a64283b8fc9467b2d3e8f74654844047e06ecfd422cf85401c9b006c3ae9e882a7d1bc7a65afb20942ee97ff4571903fa56943743118d7dd6f9ba39e4fe91b023077550b65f5854001897fd509a7b624127705419c46f4b462081abdd912719991dc5ce220e8acfb6eef7e6481d26d6890f0bce55866d7264c10768a06167828ef153cb1f0e26aef6b36f94caf3962336e11e0879d355a95f216ea5bad7653d4e68115120b09a953fae2dd82a281087d9d24271b9d020eea05093fdf4cc0a443ff5b63a2c202d42e485a318630a11bc4c8a6233bca7ba371af771b7179d5df8989bdd85d06c65327f1632085d433ee1acadbdcfb02703ffef87c24cf34ddf1d16f2400a7c6e3dade91d2a519657faf36b32614d692f52abe006294009f87eae07f3600444f26a3152ec6facc666954496f5e992f1d7ad27f3fdd80b99e43cb2e531c7f028c92df8b025976e50922497546037156b7db351756b78ff0
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]
2014-08-12 18:20 1736008 ----a-w- c:\program files\GbPlugin\gbiehcef.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R3 AVG Bonjour Service;AVG Bonjour Service;c:\windows\TEMP\avgcu_mDNSResponder.exe [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-02-01 29472]
R3 CT_QUALCOMM_U_drv;Qualcomm EVDO USB Device for Serial Communication;c:\windows\system32\DRIVERS\CT_QUALCOMM_U_drv.sys [2009-04-27 103552]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-09-19 108032]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-09-15 9216]
R3 NdisrdMP;NdisrdMP;c:\windows\system32\DRIVERS\gbpndisrd.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2009-07-13 347136]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-30 1343400]
S0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2014-09-02 46552]
S1 Ndisrd;GAS Tecnologia Filter Driver;c:\windows\system32\DRIVERS\gbpndisrdn.sys [2014-03-16 29400]
S2 CDROM_Detect;CDROM_Detect;c:\program files\3.5G HSPA MODEM\WCDMA_Eject.exe [2012-09-18 325632]
S2 GbpSv;Gbp Service;c:\progra~1\GbPlugin\GbpSv.exe [2014-07-22 546104]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-07-24 39568]
S2 RealPlayer Cloud Service;RealPlayer Cloud Service;c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-09-13 1141848]
S2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-07-24 23552]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2008-01-24 5120]
S2 UI Assistant Service;UI Assistant Service;c:\program files\Connect Manager\AssistantServices.exe [2010-09-25 252784]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [2010-02-05 785184]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-02 139776]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-10 23:56 1077576 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2014-10-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-07 02:13]
.
2014-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-10 14:38]
.
2014-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-10 14:38]
.
.
------- Scan Suplementar -------
.
uStart Page = [Você precisa estar registrado e conectado para ver este link.]
mStart Page = [Você precisa estar registrado e conectado para ver este link.]
IE: SmarThru4 Capturar seleção - c:\program files\SmarThru 4\WebCapture.dll2.htm
IE: SmarThru4 Salvar como HTML - c:\program files\SmarThru 4\WebCapture.dll1.htm
IE: SmarThru4 Salvar texto selecionado - c:\program files\SmarThru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files\SmarThru 4\WebCapture.dll
Trusted Zone: caixa.gov.br
Trusted Zone: caixa.gov.br\imagem
Trusted Zone: caixa.gov.br\imagem2
Trusted Zone: caixa.gov.br\internetbanking
Trusted Zone: caixa.gov.br\internetbankingpf
Trusted Zone: caixa.gov.br\www
TCP: DhcpNameServer = 177.36.96.21 192.168.0.1
FF - ProfilePath - c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\
FF - ExtSQL: !HIDDEN! 1970-01-17 00:31; jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack; c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Outros Processos em Execução ------------------------
.
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Ralink\Common\RaRegistry.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\Mystify.scr
.
**************************************************************************
.
Tempo para conclusão: 2014-10-29 22:53:35 - Máquina reiniciou
ComboFix-quarantined-files.txt 2014-10-30 00:53
ComboFix2.txt 2014-10-29 10:07
.
Pré-execução: 10.457.837.568 bytes disponíveis
Pós execução: 10.097.311.744 bytes disponíveis
.
- - End Of File - - E0DB171F90B4D9C61B44CCDF37B62367
A36C5E4F47E84449FF07ED3517B43A31
avatar
Paulo Vieira
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por joram em Qua 29 Out 2014, 23:09

Boa Noite! Paulo Vieira

> Veja se já pode executar AdwCleaner.
> Poste o relatório!

A+

_________________
[Você precisa estar registrado e conectado para ver este link.] >> O que há de melhor,para desinfectar seu computador!
[Você precisa estar registrado e conectado para ver este link.] >> Não deixem de conhecer!
[Você precisa estar registrado e conectado para ver este link.] >> Tradição em informática!
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por Paulo Vieira em Qui 30 Out 2014, 00:26

Consegui executar o AdwCleaner e fiz os procedimentos indicados. Eis o relatório:

# AdwCleaner v3.311 - Relatório criado 30/10/2014 às 00:11:47
# Atualizado 30/09/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (32 bits)
# Usuário : PV - PAULOVIEIRA-PC
# Executando de : C:\Users\PV\Downloads\adwcleaner_3.311.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\AVG Secure Search
Pasta Deletada : C:\ProgramData\AVG Security Toolbar
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\ParetoLogic
Pasta Deletada : C:\ProgramData\Rightapp software
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\ProgramData\SaverExtteneSiion
Pasta Deletada : C:\ProgramData\ssavE net
Pasta Deletada : C:\Program Files\globalUpdate
Pasta Deletada : C:\Program Files\ssavE net
Pasta Deletada : C:\Users\Administrador\AppData\Local\torch
Pasta Deletada : C:\Users\Convidado\AppData\Local\torch
Pasta Deletada : C:\Users\Public\Documents\baidu
Pasta Deletada : C:\Users\PV\AppData\Local\globalUpdate
Pasta Deletada : C:\Users\PV\AppData\Local\iac
Pasta Deletada : C:\Users\PV\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\PV\AppData\Local\torch
Pasta Deletada : C:\Users\PV\AppData\Roaming\baidu
Pasta Deletada : C:\Users\PV\AppData\Roaming\DriverCure
Pasta Deletada : C:\Users\PV\AppData\Roaming\ParetoLogic
Pasta Deletada : C:\Users\PV\AppData\Roaming\PC TEKNIX
Pasta Deletada : C:\Users\PV\AppData\Roaming\Solvusoft
Pasta Deletada : C:\Users\PV\Documents\Mobogenie
Arquivo Deletada : C:\Users\PV\daemonprocess.txt
Arquivo Deletada : C:\Users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\.autoreg
Arquivo Deletada : C:\Users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\user.js
Arquivo Deletada : C:\Users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Arquivo Deletada : C:\Users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Tarefas ] *****


***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\[Você precisa estar registrado e conectado para ver este link.]
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Chave Deletedo : HKCU\Software\5c55db8fb63db948
Chave Deletedo : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9A216821-0EC5-49A3-85AC-FB72AE79A1E8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9A216821-0EC5-49A3-85AC-FB72AE79A1E8}
Chave Deletedo : HKCU\Software\Adorika
Chave Deletedo : HKCU\Software\ParetoLogic
Chave Deletedo : HKCU\Software\PrivitizeVPNInstallDates
Chave Deletedo : HKCU\Software\RegisteredApplicationsEx
Chave Deletedo : HKCU\Software\StartSearch
Chave Deletedo : HKLM\SOFTWARE\Babylon
Chave Deletedo : HKLM\SOFTWARE\ParetoLogic
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v12.0 (pt-BR)

[ Arquivo : C:\Users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\prefs.js ]

Linha deletada : user_pref("extensions.enabledAddons", "quick_start%40gmail.com:3.2.0,quick_start%40gmail.com:3.2.0,{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31,{972ce4c6-7e08-4474-a285-3208198ce6fd}:12.0");

-\\ Google Chrome v34.0.1847.131

[ Arquivo : C:\Users\PV\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [10412 octets] - [30/10/2014 00:05:34]
AdwCleaner[S0].txt - [10013 octets] - [30/10/2014 00:11:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10074 octets] ##########
avatar
Paulo Vieira
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por joram em Qui 30 Out 2014, 00:54

Bom Dia! Paulo Vieira

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Oleg N. Scherbakov )
> Salve-o no desktop!
> Desabilite seu antivírus!
> Para Windows 7,clique direito em JRT.exe e execute-o ... 

[Você precisa estar registrado e conectado para ver esta imagem.]

[Você precisa estar registrado e conectado para ver esta imagem.]

> Aguarde a conclusão e poste o relatório. ( JRT.txt )

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por Paulo Vieira em Qui 30 Out 2014, 21:40

Baixei o programa, mas não consigo executar.

Verifiquei que ao tentar ativar Serviço Cliente DNS surge a mensagem: O SISTEMA NÃO PODE ENCONTRAR O CAMINHO ESPECIFICADO.
avatar
Paulo Vieira
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por joram em Qui 30 Out 2014, 23:49

Paulo Vieira escreveu:Baixei o programa, mas não consigo executar.

Verifiquei que ao tentar ativar Serviço Cliente DNS surge a mensagem: O SISTEMA NÃO PODE ENCONTRAR O CAMINHO ESPECIFICADO.
Boa Noite! Paulo Vieira

< [Você precisa estar registrado e conectado para ver este link.] >

> Verifique se este artigo lhe ajuda!

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por Paulo Vieira em Sex 31 Out 2014, 00:51

Pelo que entendi do site que as abas Logon dos serviços DHCP e DNS tem que ser iguais. Verifiquei que o serviço Cliente DNS estava com a aba LOGON diferente da do serviço Cliente DHCP e pelo artigo ambas tem que ser idênticas.
Como o serviço DHCP estava com LOGON/Esta conta ( opção marcada) com nome de Serviço Local e senha ( que não sei qual é) fiz o mesmo no serviço/Cliente DNS; LOGON--> Esta conta (marquei e escrevi Serviço Local com senha pré definida que não sei qual é). Ao colocar em Automático surge a mesma mensagem: O SISTEMA NÃO PODE ENCONTRAR O CAMINHO ESPECIFICADO.
avatar
Paulo Vieira
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por joram em Sex 31 Out 2014, 01:28


  • Bom Dia! Paulo Vieira

  • Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Farbar )
  • Salve-a no desktop!

    [Você precisa estar registrado e conectado para ver esta imagem.]

  • Para Windows Vista ou 7,execute "FSS.exe" como administrador.

  • <1> Internet Services
  • <2> Windows Firewall
  • <3> System Restore
  • <4> Security Center/Action Center
  • <5> Windows Update
  • <6> Windows Defender

    [Você precisa estar registrado e conectado para ver esta imagem.]

  • Marque as seguintes caixas!
  • Clique em "Scan" e aguarde o seu término!
  • Poste o relatório! ( FSS.txt )

  • A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por Paulo Vieira em Sex 31 Out 2014, 21:29

Baixei o programa mas não consigo executá-lo, quando tento abrir o mesmo ameaça abrir mas some.
avatar
Paulo Vieira
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por joram em Sex 31 Out 2014, 23:59

Boa Noite! Paulo Vieira

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] >  < [Você precisa estar registrado e conectado para ver esta imagem.] > ( ... de Nicolas Coolman )
> Ou [Você precisa estar registrado e conectado para ver este link.] << Link!
> Salve-o no disco local! ( C ou D )
> Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Execute o ícone do pergaminho. ( ZHPDiag )

[Você precisa estar registrado e conectado para ver esta imagem.]

> Clique "COMPLETA" e aguarde a conclusão!
> Clique OK e,ao concluir,poste o relatório! ( ZHPDiag.txt
> Ps: Como o log será extenso,envie-o à [Você precisa estar registrado e conectado para ver este link.].

> Ou acesse: < [Você precisa estar registrado e conectado para ver este link.]

> Ou acesse: < [Você precisa estar registrado e conectado para ver este link.] >

> Ou anexe-o |[Você precisa estar registrado e conectado para ver este link.]| << Link!

> Maiores informações: < |[Você precisa estar registrado e conectado para ver este link.]| > << Hospedagem!

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por Paulo Vieira em Sab 01 Nov 2014, 01:10

Segue link com relatório do ZHPD

[Você precisa estar registrado e conectado para ver este link.]
avatar
Paulo Vieira
Iniciante
Iniciante

Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014

Voltar ao Topo Ir em baixo

Re: Descoberta de Rede

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum