Flux 
Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 16 usuários online :: 0 registrados, 0 invisíveis e 16 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
| Power Max |
| |||
| joram |
| |||
| Wings [In Memoriam] |
| |||
| caedurodrigues |
| |||
| Amigo Brasileiro |
| |||
| luizvilarinho |
| |||
| Danii |
| |||
| Admin |
| |||
| Danilo Marsaro |
| |||
| Andreata |
|
Descoberta de Rede
2 participantes
Página 1 de 2
Página 1 de 2 • 1, 2 
Descoberta de Rede
por Paulo Vieira Dom 26 Out 2014, 09:44
Tive problema com websearches. Consegui desinstalar mexendo no registro do windows (ajuda do Spy Hunter). A partir daí não consigo acessar impressora remota a partir do notebook com Win 7 Ultimate de 32.
Na rede pude verificar que tinha que ativar Descoberta de Rede na Central de Rede e Compartilhamento, porém quando marco a opção de Ativar e volto para verificar está desmarcada.
Fiz os seguintes procedimentos orientados pela rede:
No Firewall do Windows habilitei:
Compartilhamento de Arquivos e Impressoras; --> Feito
Descoberta de Rede;--> Feito
SSTP ( Security Socket Tunneling Protocol)--> Feito
Depois em Serviços, colocar Automátioco os seguintes Serviços:
Cliente DNS --> NÂO CONSIGO
Publicação de Recursos de Descoberta de Função --> Feito
Descoberta SSDP Discovery --> Feito
Host de Dispositivo UPnP --> Feito
Portanto NÃO consigo ativar CLIENTE DNS, pois surge a mensagem: " O SISTEMA NÃO PODE ENCONTRAR O CAMINHO ESPECIFICADO!".
Pude perceber que o caminho seria: \\C: windows\system32\svchost.exe -K Network Service
Além disso. pude verificar que o serviço Cliente DNS é dependente dos seguintes componentes serviços:
Driver de Suporte a TDI Herdado do NeO\Driver de Protocolo TCP/IP e do Serviço de Interface de repositório de Rede (está funcionando em automático).
Por favor, alguém pode me ajudar a habilitar de forma Automática o Serviço Cliente DNS e com isso ativar Descoberta de Rede.
Desde já agradeço!
Paulo Vieira
Na rede pude verificar que tinha que ativar Descoberta de Rede na Central de Rede e Compartilhamento, porém quando marco a opção de Ativar e volto para verificar está desmarcada.
Fiz os seguintes procedimentos orientados pela rede:
No Firewall do Windows habilitei:
Compartilhamento de Arquivos e Impressoras; --> Feito
Descoberta de Rede;--> Feito
SSTP ( Security Socket Tunneling Protocol)--> Feito
Depois em Serviços, colocar Automátioco os seguintes Serviços:
Cliente DNS --> NÂO CONSIGO
Publicação de Recursos de Descoberta de Função --> Feito
Descoberta SSDP Discovery --> Feito
Host de Dispositivo UPnP --> Feito
Portanto NÃO consigo ativar CLIENTE DNS, pois surge a mensagem: " O SISTEMA NÃO PODE ENCONTRAR O CAMINHO ESPECIFICADO!".
Pude perceber que o caminho seria: \\C: windows\system32\svchost.exe -K Network Service
Além disso. pude verificar que o serviço Cliente DNS é dependente dos seguintes componentes serviços:
Driver de Suporte a TDI Herdado do NeO\Driver de Protocolo TCP/IP e do Serviço de Interface de repositório de Rede (está funcionando em automático).
Por favor, alguém pode me ajudar a habilitar de forma Automática o Serviço Cliente DNS e com isso ativar Descoberta de Rede.
Desde já agradeço!
Paulo Vieira
Paulo Vieira- Iniciante
- Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014
Re: Descoberta de Rede
por joram Dom 26 Out 2014, 11:10
Bom Dia! Paulo Vieira
> Mas...o software que utilizou para a remoção do malware,não foi adequado. Já que o mesmo é [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
> Caso queira,posso mover este Tópico para a sala de desinfecção,e seguir na pesquisa ou busca por malwares.
A+
> E,também,do serviço [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].Paulo Vieira escreveu:Além disso. pude verificar que o serviço Cliente DNS é dependente dos seguintes componentes serviços:
Driver de Suporte a TDI Herdado do NeO\Driver de Protocolo TCP/IP e do Serviço de Interface de repositório de Rede (está funcionando em automático).
> Mas...o software que utilizou para a remoção do malware,não foi adequado. Já que o mesmo é [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
> Caso queira,posso mover este Tópico para a sala de desinfecção,e seguir na pesquisa ou busca por malwares.
A+
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Descoberta de Rede
por Paulo Vieira Dom 26 Out 2014, 11:39
O cliente DHCP está funcionando (automático).
Pode mover o tópico para a sala de desinfecção. Mas serei notificado de possível solução?
Pode mover o tópico para a sala de desinfecção. Mas serei notificado de possível solução?
Paulo Vieira- Iniciante
- Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014
Re: Descoberta de Rede
por joram Dom 26 Out 2014, 11:50
Bom Dia! Paulo VieiraPaulo Vieira escreveu:O cliente DHCP está funcionando (automático).
Pode mover o tópico para a sala de desinfecção. Mas serei notificado de possível solução?
> Não somos helpdesk para lhe dar soluções delineadas ou prontas!
> Seu caso e o de todos,terão que seguir "passo à passo" na investigação e remoção de possíveis vírus,que estão no PC.
< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >
> Poste o log do HijackThis,segundo a [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
A+
Última edição por joram em Dom 26 Out 2014, 12:23, editado 1 vez(es)
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Descoberta de Rede
por Paulo Vieira Dom 26 Out 2014, 12:14
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:12:03, on 26/10/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Connect Manager\UIExec.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Ralink\Common\RaUI.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\PV\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (file missing)
O2 - BHO: ssavE net - {43EB4EE6-5E67-8B6D-6241-1CD6094290AE} - C:\Program Files\ssavE net\KTfk2Nj7fw.dll (file missing)
O2 - BHO: SaverExtteneSiion - {596CA237-7AA3-6475-0C4F-2033501605C9} - C:\ProgramData\SaverExtteneSiion\_u7d.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files\GbPlugin\gbiehcef.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: YoutubeAdblocker - {F5D17FBE-EE2C-6B39-D167-233CDEE56549} - C:\Program Files\YoutubeAdblocker\7vV.dll (file missing)
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [USB Security] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [UIExec] "C:\Program Files\Connect Manager\UIExec.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe -update activex
O4 - Startup: BrOffice.org 3.1.lnk = C:\Program Files\BrOffice.org 3\program\quickstart.exe
O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
O8 - Extra context menu item: SmarThru4 Capturar seleção - C:\Program Files\SmarThru 4\WebCapture.dll2.htm
O8 - Extra context menu item: SmarThru4 Salvar como HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htm
O8 - Extra context menu item: SmarThru4 Salvar texto selecionado - C:\Program Files\SmarThru 4\WebCapture.dll.htm
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files\SmarThru 4\WebCapture.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: imagem.caixa.gov.br
O15 - Trusted Zone: internetbanking.caixa.gov.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: c:\progra~1\sw-boo~1\assist~1.dll
O20 - Winlogon Notify: GbPluginCef - C:\Program Files\GbPlugin\gbiehCef.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVG Bonjour Service - Unknown owner - C:\Windows\TEMP\avgcu_mDNSResponder.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CDROM_Detect - Unknown owner - C:\Program Files\3.5G HSPA MODEM\WCDMA_Eject.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\Ralink\Common\RaRegistry.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files\Connect Manager\AssistantServices.exe
--
End of file - 9387 bytes
Scan saved at 13:12:03, on 26/10/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Connect Manager\UIExec.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Ralink\Common\RaUI.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\PV\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (file missing)
O2 - BHO: ssavE net - {43EB4EE6-5E67-8B6D-6241-1CD6094290AE} - C:\Program Files\ssavE net\KTfk2Nj7fw.dll (file missing)
O2 - BHO: SaverExtteneSiion - {596CA237-7AA3-6475-0C4F-2033501605C9} - C:\ProgramData\SaverExtteneSiion\_u7d.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files\GbPlugin\gbiehcef.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: YoutubeAdblocker - {F5D17FBE-EE2C-6B39-D167-233CDEE56549} - C:\Program Files\YoutubeAdblocker\7vV.dll (file missing)
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [USB Security] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [UIExec] "C:\Program Files\Connect Manager\UIExec.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe -update activex
O4 - Startup: BrOffice.org 3.1.lnk = C:\Program Files\BrOffice.org 3\program\quickstart.exe
O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
O8 - Extra context menu item: SmarThru4 Capturar seleção - C:\Program Files\SmarThru 4\WebCapture.dll2.htm
O8 - Extra context menu item: SmarThru4 Salvar como HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htm
O8 - Extra context menu item: SmarThru4 Salvar texto selecionado - C:\Program Files\SmarThru 4\WebCapture.dll.htm
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files\SmarThru 4\WebCapture.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: imagem.caixa.gov.br
O15 - Trusted Zone: internetbanking.caixa.gov.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: c:\progra~1\sw-boo~1\assist~1.dll
O20 - Winlogon Notify: GbPluginCef - C:\Program Files\GbPlugin\gbiehCef.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVG Bonjour Service - Unknown owner - C:\Windows\TEMP\avgcu_mDNSResponder.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CDROM_Detect - Unknown owner - C:\Program Files\3.5G HSPA MODEM\WCDMA_Eject.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\Ralink\Common\RaRegistry.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files\Connect Manager\AssistantServices.exe
--
End of file - 9387 bytes
Paulo Vieira- Iniciante
- Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014
Re: Descoberta de Rede
por joram Dom 26 Out 2014, 13:21
Boa Tarde! Paulo Vieira
O20 - AppInit_DLLs: c:\progra~1\sw-boo~1\assist~1.dll
> Abra o HijackThis!
> Clique: "Do a system scan only" >> Marque esta entrada!
> Clique "Fix Checked".
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]> ( ... by Farbar )
> Para sistemas 32 bit!
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]> (64 bit)
> Ou aqui,para sistemas 64bit!
> Salve-o no desktop! (Área de trabalho ...)
> Execute a ferramenta! Clique "Yes" >> "Scan".
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Antes de clicar "Scan",verifique se as caixinhas em "Whitelist" estão assinaladas.
> Em "Optional Scan",deixe marcada a checkbox "Addition.txt".
> Poste o relatório! (FRST.txt + Addition.txt)
> Ps: O relatório "Addition.txt",somente estará disponibilizado na 1ª execução da ferramenta.
> Como o log será extenso,envie-o à [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
> Ou acesse: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Maiores informações: < |[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]| >
A+
O20 - AppInit_DLLs: c:\progra~1\sw-boo~1\assist~1.dll
> Abra o HijackThis!
> Clique: "Do a system scan only" >> Marque esta entrada!
> Clique "Fix Checked".
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]> ( ... by Farbar )
> Para sistemas 32 bit!
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]> (64 bit)
> Ou aqui,para sistemas 64bit!
> Salve-o no desktop! (Área de trabalho ...)
> Execute a ferramenta! Clique "Yes" >> "Scan".
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Antes de clicar "Scan",verifique se as caixinhas em "Whitelist" estão assinaladas.
> Em "Optional Scan",deixe marcada a checkbox "Addition.txt".
> Poste o relatório! (FRST.txt + Addition.txt)
> Ps: O relatório "Addition.txt",somente estará disponibilizado na 1ª execução da ferramenta.
> Como o log será extenso,envie-o à [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
> Ou acesse: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Maiores informações: < |[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]| >
A+
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Descoberta de Rede
por Paulo Vieira Dom 26 Out 2014, 17:07
segui suas orientações: baixei o FRST.exe para 32 bits mas quando mando executá-lo nada acontece.
Paulo Vieira- Iniciante
- Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014
Re: Descoberta de Rede
por joram Dom 26 Out 2014, 17:19
Boa Tarde! Paulo VieiraPaulo Vieira escreveu:segui suas orientações: baixei o FRST.exe para 32 bits mas quando mando executá-lo nada acontece.
> Foi pelo clique direito no arquivo e escolheu: Executar como administrador?
> Se não executar,mesmo assim,tente em Modo de Segurança.
A+
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Descoberta de Rede
por Paulo Vieira Ter 28 Out 2014, 20:59
Fiz os dois procedimentos, porém sem sucesso. O Programa ameaça abrir mas não consegue.
Paulo Vieira- Iniciante
- Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014
Re: Descoberta de Rede
por joram Ter 28 Out 2014, 21:46
Boa Noite! Paulo Vieira
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... par Xplode )
>
> Ou daqui: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Ao acessar,clique em "Download Now".
>
> Salve-o no desktop!
< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >
> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Ps: Dê início ao scan,clicando em "Examinar".
< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >
> Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.
> Copie o log ou clique "Relatório".
> Poste: < C:\AdwCleaner\AdwCleaner[S0].txt >
A+
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... par Xplode )
>
> Ou daqui: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Ao acessar,clique em "Download Now".
>
> Salve-o no desktop!
< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >
> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Ps: Dê início ao scan,clicando em "Examinar".
< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >
> Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.
> Copie o log ou clique "Relatório".
> Poste: < C:\AdwCleaner\AdwCleaner[S0].txt >
A+
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Descoberta de Rede
por Paulo Vieira Ter 28 Out 2014, 22:47
Baixei o programa e da mesma forma não consigo executá-lo. Será que o Firewall do windows ou anti vírus que não estão deixando?
Uso o anti vírus Malwarebytes Anti-Malware
Uso o anti vírus Malwarebytes Anti-Malware
Paulo Vieira- Iniciante
- Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014
Re: Descoberta de Rede
por joram Ter 28 Out 2014, 23:30
Boa Noite! Paulo VieiraPaulo Vieira escreveu:Baixei o programa e da mesma forma não consigo executá-lo. Será que o Firewall do windows ou anti vírus que não estão deixando?
Uso o anti vírus Malwarebytes Anti-Malware
> O Malwarebytes não é antivírus!
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Swearware )
> Salve-o no desktop! ( Área de trabalho! )
> Renomeie-o para Winlogon.
>
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Grinler )
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Grinler )
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Grinler )
> Ps: São 3 os links disponibilizados,onde cada versão deve ser baixada,ao constatar-mos o não funcionamento das anteriores que foram experimentadas.
> Para Windows Vista ou 7,execute-a como administrador! ( Clique direito e ... )
> Ao rodar a ferramenta e surgir caixas pretas,por breves momentos,teremos a certeza que está funcionando ou em operação. Caso não tenhamos caixas pretas em sua execução,delete essa versão e baixe outra.
> Não reinicie o computador,ao concluir! << Importante!
> Execute,agora,a ferramenta ComboFix que foi renomeada para "Winlogon".
> Ps: Tente este comando,ao Prompt de comando:
"%userprofile%\desktop\Winlogon.exe" /KillAll /nombr
> Digite ou cole e aperte Enter.
> Aguarde a conclusão do scan!
> Poste: ComboFix.txt ou Winlogon.txt.
A+
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Descoberta de Rede
por Paulo Vieira Qua 29 Out 2014, 20:42
Segue Combofix.txt:
ComboFix 14-10-27.01 - PV 29/10/2014 1:24.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.2037.703 [GMT -2:00]
Executando de: c:\users\PV\Desktop\ComboFix.exe
Comandos utilizados :: /KillAll/nombr
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - system32: deleted 2 bytes in 1 streams.
ADS - drivers: deleted 212 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_balcobjiojeggchhjfjnionmhfijepla_0.localstorage-journal
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_balcobjiojeggchhjfjnionmhfijepla_0.localstorage
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bnljbpiikpikijabbehofahlgpedglcp_0.localstorage-journal
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bnljbpiikpikijabbehofahlgpedglcp_0.localstorage
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ipkfnchcgalnafehpglfbommidgmalan_0.localstorage-journal
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ipkfnchcgalnafehpglfbommidgmalan_0.localstorage
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\io1rxa@i-pfg.co.uk\bootstrap.js
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\io1rxa@i-pfg.co.uk\chrome.manifest
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\io1rxa@i-pfg.co.uk\content\bg.js
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\io1rxa@i-pfg.co.uk\install.rdf
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\mx.dy1@iyeea-wvu.net\bootstrap.js
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\mx.dy1@iyeea-wvu.net\chrome.manifest
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\mx.dy1@iyeea-wvu.net\content\bg.js
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\mx.dy1@iyeea-wvu.net\install.rdf
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\yciu_ia@ayavxfzdv.edu\bootstrap.js
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\yciu_ia@ayavxfzdv.edu\chrome.manifest
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\yciu_ia@ayavxfzdv.edu\content\bg.js
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\yciu_ia@ayavxfzdv.edu\install.rdf
c:\windows\system32\Config.ini
c:\windows\system32\pt
c:\windows\system32\pt\AuthFWSnapIn.Resources.dll
c:\windows\system32\pt\AuthFWWizFwk.Resources.dll
c:\windows\system32\pt\Narrator.resources.dll
c:\windows\system32\roboot.exe
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2014-09-28 to 2014-10-29 ))))))))))))))))))))))))))))
.
.
2014-10-29 04:02 . 2014-10-29 04:02 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3F459C9-F3F3-422D-AB01-71B8093DF24F}\offreg.dll
2014-10-29 04:01 . 2014-10-29 04:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-28 23:35 . 2014-10-28 23:35 -------- d-----w- C:\FRST
2014-10-26 21:13 . 2014-10-26 21:13 -------- d-----w- c:\users\PV\AppData\Local\Diagnostics
2014-10-22 01:37 . 2014-10-25 00:55 -------- d-----w- c:\users\PV\AppData\Roaming\Solvusoft
2014-10-22 01:37 . 2014-10-25 00:58 -------- d-----w- c:\program files\WinThruster
2014-10-21 02:56 . 2014-10-20 05:37 8901368 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3F459C9-F3F3-422D-AB01-71B8093DF24F}\mpengine.dll
2014-10-21 02:15 . 2014-09-19 01:25 4201472 ----a-w- c:\windows\system32\jscript9.dll
2014-10-21 01:37 . 2014-07-17 01:39 3221504 ----a-w- c:\windows\system32\mstscax.dll
2014-10-21 01:33 . 2014-09-04 05:04 372736 ----a-w- c:\windows\system32\rastls.dll
2014-10-21 01:33 . 2014-09-29 00:41 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-21 01:30 . 2014-06-18 22:23 81560 ----a-w- c:\windows\system32\mscories.dll
2014-10-21 01:30 . 2014-06-18 22:23 156824 ----a-w- c:\windows\system32\mscorier.dll
2014-10-21 01:30 . 2014-06-18 22:23 1131664 ----a-w- c:\windows\system32\dfshim.dll
2014-10-21 01:26 . 2014-09-13 01:40 67072 ----a-w- c:\windows\system32\packager.dll
2014-10-14 02:30 . 2014-10-14 03:30 -------- d-----w- c:\users\Tô Fora
2014-10-12 18:46 . 2014-10-12 18:46 -------- d-----w- c:\users\PV\AppData\Local\CombatArms
2014-10-12 13:59 . 2014-10-12 14:15 -------- d-----w- c:\programdata\WCService
2014-10-12 13:49 . 2014-10-12 14:09 -------- d-----w- c:\users\PV\AppData\Local\BoBrowser
2014-10-12 13:43 . 2014-10-12 15:08 -------- d-----w- c:\program files\globalUpdate
2014-10-12 13:43 . 2014-10-12 13:43 -------- d-----w- c:\users\PV\AppData\Local\globalUpdate
2014-10-12 13:32 . 2014-10-12 15:04 -------- d-----w- c:\users\PV\AppData\Local\5991
2014-10-12 13:28 . 2014-10-12 13:28 -------- d-----w- c:\programdata\Packer
2014-10-12 13:26 . 2014-10-12 17:02 -------- d-----w- c:\program files\Search Vortex
2014-10-12 13:23 . 2014-10-12 17:02 -------- d-----w- c:\program files\RBM
2014-10-12 13:21 . 2014-10-14 03:27 -------- d-----w- c:\program files\NJax
2014-10-12 13:21 . 2014-10-12 13:28 -------- d-----w- c:\users\PV\AppData\Roaming\GetRightToGo
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-29 04:02 . 2014-06-25 11:21 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-22 02:53 . 2013-01-07 21:56 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-10-22 02:53 . 2012-07-27 01:26 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-10-02 17:53 . 2013-11-27 14:42 231568 ------w- c:\windows\system32\MpSigStub.exe
2014-10-01 13:11 . 2014-06-25 11:13 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-01 13:11 . 2014-06-25 11:13 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-01 13:11 . 2013-11-27 15:24 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-13 02:13 . 2003-03-18 23:14 505416 ----a-w- c:\windows\system32\msvcp71.dll
2014-09-13 02:13 . 2003-02-21 07:42 353864 ----a-w- c:\windows\system32\msvcr71.dll
2014-08-23 01:46 . 2014-08-31 20:39 305152 ----a-w- c:\windows\system32\gdi32.dll
2012-04-21 01:18 . 2012-07-27 01:52 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-31 7731744]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-14 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-14 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-14 150552]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"USB Security"="c:\program files\USB Disk Security\USBGuard.exe" [2011-01-31 623520]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2014-09-13 296520]
"UIExec"="c:\program files\Connect Manager\UIExec.exe" [2010-09-25 138584]
.
c:\users\PV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Startup\
BrOffice.org 3.1.lnk - c:\program files\BrOffice.org 3\program\quickstart.exe [2009-4-16 384000]
Recorte de tela e Iniciador do OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 795936]
Ralink Wireless Utility.lnk - c:\program files\Ralink\Common\RaUI.exe -s [2012-7-26 1672480]
RealPlayer Cloud Service UI.lnk - c:\program files\Real\RealPlayer\RPDS\Bin\rpsystray.exe [2014-9-13 822880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"3212083974"= 504b03042629ac09068374bfb51100000040000057dfbe4f62c7fd005fb5184b749a521932500c6e36450cbd18ecf31d4f4dacff32af95971262b33710ffa461bd774c05119b02569ce8a8d0a4f9f9d99bd51e577a41bc9fc8512d05718337d5409324eb7973151b62c1ba61bd0f8fbe96057ff064e05ecd5aab1f395d31ed4fbccea9a4ef59f1d841997b222555ed8c2e286fb75804d9b0e20e98e03584359536ae91a4d8ea734bbdfab81defdfa9706ecd97ae56032bdca3ba774500a4f751b3a8f09216d7c2595e1d9f0d331b21ea6ba2011432419355fe9830f9bccc9850f86b72e4230d0a9741ba3f3c1398474d0de822c945416acb94f97b6a422dc2913d6f1a318fbcfa2d5eb9126f3ee3171d9c9c18e5f9c1c73cf20b81cf1cb41c1fa834574a06566dd31c4d50ef0ca0b02222667a910644e353b4665f2c858e7d7547e4f4bc3296159c3e13168d9eae095e53a81e268d2863da02c2f9bc822c5a3f8b10ad61dab11be38a926921d2afc97ce1a01caa14b8fbf4a7073056eaf871f7abfda86773ad2e54d14d30e1fcf526283aebe2c64a96fdfdc1adbcfe9f2a2476b167ab86b53c43a973293743d35d3e66e730776d2ab2d1d3ce56d941e2ea5189635d5838672343aca0afa785490dd6af823e784b6d369fd2f6f5d4116d5a9e06a3b1f9e7e80e661b5b5327519d8d0ac91dbbdefaaf5988791d8a75b3d01b8196b552f4f88b5a10c63b5a2e0fae0f1fe833b992ade9b2260815ce46ea44557c6ed1c7b0463f1764b58870def769fe985843408b7b0702d2d6a5b79b2c1b7fc3cda9bff640ae82f485967d70edd9267dc6195889f3be0da1286ca43f71b470ca3a91d5de46b03c4fbc7aaa61e00c906a706879b88aba54efa087398b3c2c11c1771d2fee3545362e8bbc9bd2307f670d391461ed21f2dcc87a9272704500db61f0f66f6378c631a575e5af2dff5443dc4887649f8744de4a555bd0b9135870f09cbe73107904d919548ff85c0a9d5f9dc791ff6924bee817d6458e1f59a727367781818e668dbe330926365788c5e4483b125be787f408a142298b80396888cc00484d93d225e9a8b3b281114e55e8b1df1168e92666756be62fe21a82e2760458f15849c2357f82ad448b86eb59dccea586027396467b4ae609cf8eb80ea0a3e42f424362faed015f304dcee6c6a41b4bf5bc851c5a47df7475cc20dd1c6b61f4de1c85455e96798de9061ed482b69a63e6ca89a17bc10f924d9d50007ccbbd57de891143454a0048189ebdad633e800ec83a57db25556c92ac7311e368cca0069b2aaff1d1e727c4535e7a40b6fd3c507b64e3304ca953e953a8990fa3df32e52fb0797fca67dfb39cfa47f4ecb9b8486119f0acec137e7872c6ace0254662fcc53b77b1efbceb6382eb7b675122253ff1d6326038146c4a10d395f6120e84ebff37736ac95659f0ba5883770779db1a077757d30abd1c61709b09f45a50cccff3e1ab4cf2c94a55c441587968780330972a15829348dc578834c0f3f64675844ca57f30bbcc88e0c8f7e11924edef715db128a2c066cff8a6e6a2a79c33259440356aa4eb3c04e7858c7f75f3f2a93046b41fb089f43dadd195cbe7a3aa3b33545fd6132fbb96db702066e900c11a54349f7cd28949c5b2ca48c58aceb53b359b3fac86dd7103623bc372aca87c57e32fac448e7365600055f425481b3cbd14b64c2a50b872edfed981157db1d90bea0cc7cbdd630908fc2e429b612a98a5ce45e067c9fe52db3266c9574a12b50675429e4b4064c2fc2ebdd64263a7b9243652a4f4a1c3d0b982c9f280d68f4d215ef11f4573ae87ee93483285e40f931e99f5c31dee9bed53051ae51cf381e54f815f13fb7832e475272ad46dff700ab7b42251ff76ae479f26afa3a6e00ec96d5f80f0d0bb0a7884bda15616eb738f7b6e0ce3dbb94d572036aa7151d761589dd1b4de8057918b70d2835cb8fc44f3868118c14beb61117aa70d393ab6e515fd6f5e0112f83f726c04c97890f343b66b10421918605a7823995876fbe97d4df70c40ab9ee1ebd26b3f19cb6aaf75f7467a69ba56fa42bc4107934b9209d9cb7805f5bce904a02eb0cea4aae7b7aac75393140a59ee9fe54e45c532410cd5681228218055ada857ce86ae55a3d77a00870e5354987028ca242729d312c965751ac280b79b6fb4c5567b30c8972935ec3c06524ecb4f506dafa429d62b7973a01c24d5ab704df79bbda0b8cfced1d7fae36b662818da0087430e01d2dd636f76175b479ccf92c573b151b8bf1761b7e9204ba17f87677c7b5ff08cba04051260f421d1a32b7e0dc320af45065966dbf2241bbae1f8619efcb2b2cce36bfe0dcad76a553f626aecd4d6920e3eba8beadf82f97d53178c2e3e528d3222032892bb522d33e9569c53ad877754761d82bde562bdd73b389fcc477aed96e76210188f5cca71dfb33b27889f95073427094611ced3bbad2cca89ef10b084e5209dd0c1d6fca4e09355012910d07d53d74e941593dcf7f1b99ac5833944983273cf770a1ff413009668ed12c9786b2b43dd0d71579392bda90db992157d9f08cc802cb5bcfc44690610c01bfc120a29bcc9f845c255515046dcee799d41ace3fc4327351aa4bae396c3205eb3ae7fcc53345408493985bc7a16b31fca83552987844f1f071582b9595554fcb79d909626c0bc84d99c6899a48790864b7b18fa0742197b06807d9bc294f088a27fe493d92ba5a733ae8a7ec5f6b7fa07988bedc3dad2984fe3f2ea9b3e00f666a8a1e8c90aa4dcd017cae1a00a09c6462e1899c1066e66c053263c66f77040b2a93d3f9dbebe715f1cabcd961274b0ff943c1b8b75d38b133a9f830886a8b5acd64d8660b7b701e0e2764e0cfa4e6f374ad5de5e10f3bed2fa05ba17d15c4d354453e684f5e877ce4b1d7a6456263147b55063c128a0595d3bbf6ea3715c305a8696815af1757306a6ef5f39eefe33d192afd5a02e9284dd3063d010b3843a3d6e65569987a008d61628a85988c707465c725b584d3d2044d6f3d3c6cf2dd96bfa1b06a49d945daa2de7b34f53bfce6cdd930dd636525d0e34e65d027cbed97ff239940238aee6bb3fa10a2f4c1a91102d47894e906cb56084049b15907360631a16ed2863e37daef3cf06c6f5998317f920b2e03f40c6b7eb8cd871a254f59314f0e1fb585da8a646a6a47e55fb7288f45afd3cd999144ab7150c24ee5a2a59e917a8c80967e021a0a6fc96873eb1a3eb3048ab754198b95275b72a2a1e065f3227b9e9e16cd6966542692b2bffbefcc73167111b9219d094ae4e79fbc880db14fc1dd6e91249cf30f0806baf43deb92d34db7f49b7a5e77f335278dd47c7b8f95719bc3ef5bc8396162bdca957fbf415c2f5cda3cae751fc434e7a8920948c56909342f7af3b5d10129d5572349f5aca1868391d9fc734cd223182e003bf44595b0668f83d00e7a8108fded92356ba1eb28d383e2b4896cdfe10542e7cee6cc9f95d66e78b93430357194d73d8d218656e02a03a7e15d0c9626c4f6b5bb5079b173766ebfab6487161ad904558acf2f2954db2f10e4933edf9e98a87dd18c583abe3018b48b3c9dd5e05beb2d5b0d56af20857ef4deff601fac4e05efac4ef73fb93744b6871bef143bad8c81642e04257ce6d04e4a5433e2fe09874128f5ef394bc49f2f68ac9e0a88384b8d31e4aa15bbc1e94b762ea4277616ea1e3dcdb4a8ea5da936e703b15662a015eeb060cb56c1135e445432e8cbb7f91120f5e610b4ecb9c3fb02670149210d6913f4a8a86e89ca0dbd9d8e74b51ff3563aa1a5e909f4283a98c2b437737aee98998c1189fcbff0e93ce6c1253059be0b5fdcd8d271e90dc970d9c435e18a90fa3d3084c40c18709ed62b81cfe9f0b926eab6efe1b4d518fe6d5e1745086892340bba94a5b183326163bb49767ea8e135aabf5589ddccef7edb6e42622598381bbb479585401e23fda593520907c04f53a58084327d281f42e49715301dc80360816c625bdaad2a8d47e0797f7061240d2fcad1170e1f8c1ba37cf6c4c166006e77849cd8b59c85bd32a5bed00a0b664d56b280113d563be3b1f527c7ce350c00a097e9dcfb8b6edac0cc18c5d2b94dc7a0f93a4277991d8e226c13d2457089e69c5cf4e909926690f3d7c7a175e8a491ac947f5acd97ab0ffaa6d2bcb0d15f1f807be2b79dd3d97a37169a5b403169efc73ac58dc6bbc8833e03ee9341729246269ef654b21db0df2df33e95caf9a77cd7ffe1f93d49e91f20aca3c1f602a3eb04e8d7e744a6a8826f5ac34f55c2f570a30b69660f955d84b0ca6133f86cfe105e8a3579f3799baa75dff13533bb851e81942766431a94a57d4baae0c000393912b8d6effff86be80ff50da89c66c623d08fbef3ba8344d75a5a00e328d031f7e25e306b3f77ef418865b108269c91e9c2ebade2640f88d3694a3ad42684aa52eaf25ba1f47cb7217373295684caeb19ace7d1e55c62a8cfdbe165a147da7b3de81bf330a6f2aa294e067c3afc7f079010641ab7db9983a449e80e34c4c0ca5ee7ec156d6e5de64b010ac16dbc614538bf56baaf4e6a8d4054c9cae8489d2afa644ce736908ea75b198856348ad34bd67a2eaf019c45067514fc799d6787c5e088e75da6a9279016427af54dd678492452e23a9e2d83a200d035543e4da3ce71b83ca8638a535140250cba762f7d8daf043c7adbe05f724ec7b6f844612c37d6fcc4d2624c8325de0aa9434214f6b7906e6af7d3891109c49b7489887eab75df4554d90f255f262d5230a38e0deba33007e2f7b884eab7ffacb81a23b3f094968c6182b2a7ff52b7cc9b83d36a5808ba65f03882faf3c3da2765e6ec39dcb6f4e6d7bef308fb627287bfc12e032793d54423ebcd462108b2c10738b63f7c4dfdc7ddb3a62d3d4fbdffbdc9af70bb91c9efd7eea3916c9396197493d15c2e0701aa4138e400ec4ba014c407608e56bc1c49f1810034ce863a315b6fe0a2fc8b9a8753fbd270dd69cb4eba27f1f0ef22d7df58a9010d9960a989729ade4dc85496aca261d1b8c05deedb0662868bda827ac1ccfb4be3b7c044c15caf448db5194d83fdd72f4521989872f54d015c19bd5bc7cf7b8a69fa608fba04818a68c0dc71ec8ae8dc618c6c55c4f823b6151acec7eb09f497ad8721b3311749dd07cd74d312f45e470c6e73e53d42f5bfc5151f05e4079bf7eb625b3c525eb97f3b1c6f0fac783b5b5fa55c7638262214a257be1ae4ccd10273e317541dfe81efc1a89e9d790889e034f6ee2dfc0b281ade62430c2b93d7f36886869e483ba69237a71b99889fda335958c5474db7cd1b81fac0bf05feff0903c69c4d9f184b53a0331d3bba2bd54e6bc9d1a0290328ecd62b2e43c7af5d618aefc9c72814417b22ae24661448d81545137a05629c6b9456256f7d76d60d822e0b7d44f1b820178d2c6dc0eca44306c3ffb77b5489a65a02411e001c6d6faef894611de94858f5720e905c82225a5e7d6ae6de6080dc5cdb0ff0023eb43f5a3292035ab6df96a4adef51f8b0112d448ccf5e8dcfa9d09e4ac09301a14592535ad7193346a25a402ff48116059f5c69fb6be7cea365e152f448d74bf84e1e55791de259bb6d44dfef64bd9c70eb29da00a4a5e9039142e59d375d6c3f03c23e2b3c59e379c7748026d146edbdaf324a39c784ebdd8ace1781b07071b3389db0aa98c67d50d01075bbee584eaeae66fb614579fb7ad9aa865e8817873921c044efbece91cb0902bb53c21ad35d59482e61b67da08dc417c458309198c1501bc6a10cc1a24b474cb1fe68cf81863c28c4aaaa2375203cc2194e8f95646294e2f3dc3a4b7b2a405464d79f302b7a18394c239be7ea1066b78671e4ae6b3157d7f246511cc2c3b324836c774e8e1be050ef2aca3dc8220da55339db3008eba47363f04ca59b903a598528e04b72c85e6c377263c84fab913db4e9cab469bafe09e84aaa19a666bbd86a22ad48f536050ad6d0d59374da8b04119417eb07a8d1ff9d1704ad4ee085f03777700070241e6aca91dbe511f003bbad6658e7bccbddcce77d50eabbb0ee8203c0682b98e2b147b4bd46d89039ad102ca0760148728edec66914c17b0d5a4d0afa606c4a07108c2c8dfcd7173246f49f6ec9be94cc3af65514693600bc743417bb37c17117faaf9575f273b96afdd1195e4ba006099834bcf18918d7fee32e7320cac1092bf4bc9138871898ec9c80c7c089ce7613187de637764d78dd380feaa8fc9f1e7f8c740b75b161c56307023b8d1f3f6019f2f9475a10ae871d02950ce58b2d1936ec288f22ab5dbdb324116a566ccd141f46633951878b2b8329bd00fe5ef339c82e1ff41b53e4e7cc5b50474e60eafba9fba1851cca652a705ebd2661ea7b8e1c0b8cdeec2
"1781466620"= 504b0304c90da3b1fc052f6a120400000030000057dfbe4f62c7fd005fb5184b749a521932500c6e36750cbd18ecf31d4f4dacff32af95971262b33710ffa461bd774c05119b02569ce8a8d0a4f9f9d99bd51e577a41bc9fc8512d05718337d5409324eb7973151b9680e4b0bdeef74270b882eb420946b7b8b40862b9dac9cbf5a56ed8568c971101f6734e2b8839d84e1778d29918a522d11b349b1be5eec317e6d490c16c1a51d921b47d2d13cf9d64fe92e0d09b6f80680d8d36fe8ff62dd3048af7c85faa6b57e858e3b7bf6588bc5287ad7fb395cfa2bd08ca48d88e6e979eaf922a1b50d44b907b41d7f677a3dd643e04fb52b0ab709b83a9de68a4fead992fdfb3dcbfad3affbecb689110bda87e4f546bd03e5f97d85755d1bfb14fc0d2a03aaf7acd326a91580e0ddc3ae0e2e5c538534f2392c0639bbdeb336ebcf4509566f1839f940e0719f99bb17d1741a1b1441aa2fa2fe091d1f37d32d32c610ea70cb093770d7ce76712d71530a85276cd7377ed3dbe556f3f755000c19981d3cb109c1142a5657e7c89bf1b429820050df6b56f17cbaad3709e786fa3566ed4dcb33d87416dd2dd561ae2c5cef21bac9394b3f748d101be50098941f942150de521b37631f0c4dae3a1075130ee568f9813fc2cf60b57b3957c633c8f899d482881f9302c3bb20bdd291e889d30a0324512dd1be329f3e8fedd2a3fcbc0c025c01b32acefe29e92ce1c420c5d0adc32fc850762eec6c7e6a19b5e50ed6653da04d744496ef47c9e3ffe3c8943f699601c6ce42b368838837c5fe662563c78f4699328a69479eef836e372aa78d88d09053d0de5e8f767f253801269adc9d2572b26e6b5ec6f70b7cf1584cdd6c5b25be3062cd6d0a038141428a81360a742f94a45c66d2c2b7fee81b0127e6ed2a49c62fa0ecf00bf527bdc6f6f2ef8e994bc33f4eb03b50f3a4d91c9fb3ea4a78de1a74b16a4319c7cda11508c79880ee7d20341f3ebc0e4c2e05c048d837aa216ee81ec96b17c3521f5844b1e8c0db51b8fb2d5ee1a805d8a1c07b854637922bd1159968778a9ad7aef71e21f994b751ed50583199c2eff454852be0a4eb1376757cec6be659bb0387b06451b1a080079cd8bf27ae308a81f929265b71292a747062c3c321bd964d60bfd272a92f7f9bb674d7f31ede94b396990b6b1777dd0c3e975709cfddc885cc51f5667baa2618f7fb19e02e223e3313e7713c2fa526dbc36a41999aa9274b68906fba6c9d271e54d0114ebe5fa5f85cff7274ada3fcd59377fb153ee06fc8c5c1fbbe019245f4ef6f48f6948b0d60cc69a75a446d3fe486a97c0573c8486eaa624ca728f187c4725d8284886c32fc3a1a610a5d4e8120b69632134639e24c8a08361914e2ab775cb27d1fe8b7b6ad85d6b77ff469b33b1a8afbcecdcd2a687aac7a0843eb48b39706f462a547085fb2abd9a94644f5d70fc8786065a9e4f91a729ea801bddc2e63866920816
"3518887414"= 504b0304736b0169f6f5bdd1981700000050000057dfbe4f62c7fd005fb5184b749a521932500c6e36750cbd18ecf31d4f4dacff32af95971262b33710ffa461bd774c05119b02569ce8a8d0a4f9f9d99bd51e577a41bc9fc8512d05718337d5409324eb7973151b9680e4b0bdeef742fb6b81eb420946b7b8b40862b9dad1e8c7a5dec04e6c8e0ab4456e6f28ce14f51f3725eee5b20d7ce662c02fac80128ae38637fbf4867c17c9d717663da6767d89c658fdd74fb81b03ebdbdedea7491d2a3c133ef493731b542604f4bebc69fe2f02cb40f9b3b45d29a40a4a1487d0b71dd1b68e821f40084b407b25ee87063b9112ece9514914c7d4423b12f045b6a22d150d28f78c844b2c079f1b78200055c5fca3e82a972455517bd3c9f428b164b89517ab47e6b447afadd38678b857bf838eed34321eede6905e27fd8abfe7ce349b787f2ceadb45bba2f4ea19e70a8a2b5c4f0c177936117491afa1edeb5d5afc2e0e384518db1217850b7eac6ff9df99ed5e1416fe1b93fd4dd2036e8371d5e129993e594b1bbfe0669302928bf5a268e0f4aa93288eba13bc0125cecd46e2906e1d19cd2d3ff14d1b1ffb50ac2b2f5a28df9cb6c2e32f23d6a4fe0fa130be4dba875daef9cd943276420bf4bcfda157a87854590b71981eaf3fe5114e13b51b9956b7586105a81290a7f974ae78e9c5e5305e55b90536d5da9abe3aa6d3d7894737b70914e304c895aeed4ab7aa36fa2b8e5a93a3220506fe29a7d9a60c146e7edcf95ede9f5209637390b061cde231782f8b2a76cc12420afe66c666b54c8e1de9c6d7b8951184ac7f5b77d43b0a93628520289b31b01687daec69134dc85036e82c4f8cdbb84bf893e3d9dfa8898628a43ef08e2a7f442d85e85b083da10c4a48fbb1886aceda7a00296c79c3661b3e6c2d7975064380156ec53adb7ae23bbca7c0efb04863da781aaa195e7907760bb6ef0c1f326f86e4c65616b48513ac1bd36b25480b4b768869c05673029a83a23390f3595fcfb4e4a02fac243146e3a585fa83e91fc142be512a930f2cf296440b42b78c2880f0ff81b398ed373d287e58c5d313b3c28b43fed2489f2de932d5772a2233f3d6499e9e8754a064e61c5297c7d0913fc35baa83fb3c50e415d439f5d925e865435840b2aab80bd945f071db917a602d389ea2e3e4821423c5f4b9c3d04256b28d804e2c3dfd2a3b56cb4562f16616747f6f4974df1671c55e5c585cca7da509c73e567b0e19a1c9e7ba63b5e3fc82973179fb5bbd290612437a66ff92397e2024d203103a81238b4a2db552f8a252756ba784603dc7e1ac6799f1392a037d0128b6e82e0eb7907b10a097fc759bf0a26746e03a5cfb6cc635b5c3ead1266b4be8598a1a440e0ad49f4d4e0707e697a7d50fa766b3b03890cb4584bb70ed819fffe467b4718295d4bfeb9f1c454ed3ad402c01441828cc71e6330f160d4e7d4595c440b3f8ebf43ce4d3579902f00666d62d00eea6e437a3fc99cbc1588935db5dddff1da133827f8329106f3ea7bd9e4850f6b7c2679e9ba5b8542924f2054d089c1bfb27d94efc9550cdda928b972f95da7a48039874f81bcb02169ba4f35b12f420a3b086db2481027a637b789e88ab2287712cb3690d698799868450fa9ca5f7fb2d9980c25362be8ac4830b721795fae6c7c44971cac88cda6fc2c56df6d011b7e563b2ee540f6ea288f2c62f47204c9d944760d7d8a009f0c8c41fd43d1eae86e1c1a1cff7d928ee40ab435d8ba4fce63aa83d67e9095b26eb235d2b70271699209cd956fcd5bb44f6f2987a35057d4535d107764e9fb9b42514aef835272b347f56caf82feae78601abe447535ec9f0aaada05e688e468f66ec3ae7418751dae58a7d2fe0e4ef52e11396cd894c31ae9186e6f9cdd05a66e709c25e0f12bb2bc2e76c79a4ef6af794e522791da444af63073d3933053e2dda8b7a5fa9f892a324465a922d83d20b4a293dc0bf0e21254bfa58a9ee85c4cdfbdd09cde9e5c942655f3c8078aa42544d75ad310fada908142b3971f387103f3c959817ac23479bb7151c97567d388be6e5b58781375c65f52c3382c2294829e5ec2bb33721689adeff8fffcc34e4e7c409b82070a3d5876f0c90018600c2deb148a45fc8f2441d921276e39c0049b72e5ca8037953a9c96f1da6150859b9c992b3f8735f383b8d81e27b9e5a876ab04aadd93519606d13824f27eb090bf13461ed0c8314fc93ba9a8d18c5724d18628d674455a3fbe35f3d72177f252c303313636619b6cbb1aa7495ce886ae790de015c8ee29cb28a0ca5602360f427decabb77a49d204f98ab7ea700f9341c0bf71829bf33f4cdcbf7ee06581320c766ea588a380eccefda8d8f6a669334f0561fc75f199e1e3b3b094ff6a1593b3e3fbe7329304aa06d28744aa7088965416f097465e68dc9b413123f45dadcf67cafdf5e7b655ed4e2352f27a969b3dad5a37fecb4b73de6261cc2a6c64c8d0aeaf035db33d77ec5b6f2100af86b06a56698ef504eff99f4d06c0cbdda2b0b0b15ca9b48df92be6c6c8deacd71ef16e6b9bdbf25e403b23fa3a43d2d3121e95310c451242118a7a4d708aa70aed759dc3a830660b24c1beebf01b6b84aa94cda999d6af0c92f71ff232d83ee1f3109074d716cb1458067a8a2e0c633a527e1df46a392bbe35dd7fb26433e728c0a8df2d0ddaa81de445c6b06cc40ad02c78f3c6fa54f76decbf41841fa4954e65a7e027b018152148b0c30b16de2d2552de793e3964d74edc266f9afbc4a300346d81e6efcf636b9004a0f8f81e84fdc9bc34ed6c9232c1652964a6fdee5cab0a2c9f845c3b4e3536808f7fd66644d91197cf4dace416078a0b6078a897f696c2054f0eaf5dda39495ea0c804f7a4be30e97c8133d77e69ad85b0407673ef2bb186ecd253984a0051d5f2ad19037c83461a699fca9348087e32ba2acf63e39b112e0f3cd936749bab8070a85485352e435351bf19b664420b1a332443f96296ec980c72a3c646d6c80ceb3c45965daed78ff1366da8fce39771d75d997711d6bbc9486f36f6f48cc5b0c014d26500736e0097590212b04b43665838b3547af369d04e52513ed60e396ba9d4b9f8b7b8c8223f730513e9ea20fe6e8befa56fcd9cdaa42ecd7d498db853ec4ef0fd615fb85a521118af1f96e7552fdf287f6b35a28e7714c0310024abda1f07e918b8622eea24a8eb32797d708d15c6406dacc26be6b6f8196173875d119188acd49cfb8663f9f693531201572c0de4d996fcb9e47ff999caffef87285245934c916b5eff308f8aaa0a073bde32d699e8b66a7600001e930e475d84da4b77a780abb5b2516d60f7752e83646a37e1bcb395325926bc8dc0ad2cc21a8d96acb134f69093710902da15417d929fcfd6c7c77756f83000349fe904594aff69dbcc6dccd1f2c8a5ad33626d5fce069726611a008a878f38afd8b03f8b759a8620070eab5ead287665a8d99a4a7e60d8057c135cff8739899c5f8ed21a59e642c03381ce817fcc84be771daeed160d838be914e2f30ee4600a9356600d5050135e1e9b23d198931edf7fc2f7a4eb778103c1e5fc7f1b14bc5a18d76617bb243389510ba16717f18cdc553eb617f7043b1a8ea35094308388d7b2d3f10ea6867f3d8fcd5ff3ef33e55243dfcde4e9310cd1bcc68c24d028c2a9e322ece6058c4483189019ffa2fd7086b1889dff42222a5be59eeca8e0b2144de59a4a20f75be683b3cac38551cbe58711f9d5263968a9c9fe91b575ce5f3d3d72e1b9b3c2b8dcaee7c71536a11d2b78d0c42dd32610060f56e34df0a25f501d9931c6110ddaad1679d53347005b2ddeef846332f862eb775129f105672240e79c3b3ef8eb557e649c6d28d62eb191e8fcc250982a5ece17426a73d72e9f0d90251ec693d4051f17ec02293fab775d8485e52bd9b20478e9cd47d3418e2d44039577a8e4a6240653dedfd527db5524ddcff5219b82235aab3dc6618c0d51276fac13033524f151efca21f00cec6532d6c7f6b8536da5a8a09628eedaa735a7b3573881131d9806386de22f77d095051dfdbd2671bcd17300d5a1a73e3e176e20bf85893db110df52f843868267a0ad7bcf83611917ccbe9db27d22806b41b51bbffeafd48444eeccb427a55a72bd12ae05b351d6682f3d37cf43ed61d538614b6d4a9c5ba8b5d8ce24789d495a25f94f6c15facd726ea1043ab2a57b98395e37eedfdcc8539fc12c1cc8286b1c6afd83361df45a1292be8b35160a6095bdf68d1b89039b51d717423882a1597be4196717d3b064534d3a41f6fbaf346bb553bd45abdeef037a2fc884476ce3d67d209e8535bf1fa5a0c2df1b6658df8004ac8ca091bfa901f765a8a08174d18a515313a9c7534e8c6c1184b368ed151dd7294081b0686a9b7ff549371ce1bf2794a4c92698aa4053c149ad6010d721dff8da64b5c00483b044a134b4f26aa49f4f150411dd2b0e411253a5c03850d6cc8c8ee961320e43733a62d46301d2e25efb1f15b0bbb7bfc46d10da89a3a29171ac3f6e53f94aa51c99bd407f81a809b53a68c4a1af9cea5c58c4e696cabf55c12cb4f018f11a634fbc971ad601b420a05847479601a59cb0510e0625b87f8aa16bf57278bad32fa586b30483a4971cc11741e3f2f8f6e7b3d6d16e73eaf8ee45c5df471cadb7ff4e5291ece73acf05aaa7cede4edf913334774606e4bdb814feea81044f51b16736fae8e47449b6cea9e4285a5c42724a53d02aafe360efda8912530343478477169bb4d81afae7f3926820dfbe8896831458f0cc5948114accfc3bfe95af53f328323049666a1f311089fe459acc283e256808b0bf53615acd77464a3ce8b93fc1cf83515e64f8cae4c429e6214d8b0168d37b40875b157588c99b99f4441429252661fbbaf39c08fce0f68f5d53b16fc9a8d73d1d55f8a04b4f27f5cd337bda4ea44ef23736eb50a0663b0ba8fe30abdfd0ed3110b078def68f41e9a34ad1f6dd39079a2095e5203aa78e665213e641f59bef71d91afa921ed8c87f597b845ccc1d53231bb9035944093fe409e9a22b057ef5192eb5e9b654823e6decb28b27f297cd14d7e095166481d7314686ee8f61ab7c7c196d6d869e3099d5cfa59bc3e660dccf14268662376f9fabb010018ec7ee9a5b07fe18dfc57df9fbe3877c4d0b67b21ef02237cfb6185c7e7885aac68fafab47dbcf5cc4860c247de0b342d824601ec90ec9b548766aab1b457724114c6f9148eaf83c3dc4e8f2b156031a1e43dd04f0b815ffe2183c6b174a6862876c21eb7f685875368f5ae83a46f4b330cfb4b19889b4d34f9152e8135aa4e1af2e165fe54c45c82c789a23c0b47abe49572ad971a2226b40fb09ca949d5e5df9d859e4fd9bb0e37e4784961c7521b785eadc0565c38e162bd2e3185e8af8de96a81c263fa96b6716ed4be287075ff71d48e7643f1e8de335c8ce5da57488e835fe3a10458c6d5f16deaad57d0f32f96a226ff84d3eeb4b8fea8c3ee4da7aa7710782c5ec2ea3da379c404ef5dd884dda303676a051417bc666665877e9840c9d89e6fb6c2a113d0ba2e0b42010a28578e469847392762483b98b4d465fb29b241115b0a96b3f0f82ab100c63ebb774e62a0381c8e47c1d35c13238995ec456d0f852d2a320813282979d09597ae0d61c7f99600aecc92c2c884eb72108fa9906f2f6669bb41fd0605359ee61ebd5be89a0456ecd47ed17fbbf4903a00c7026453dc6eccac0b37c1bd74c5f95da60d8dff61a2921de0af3436bf2a3df6039d9e0418bc64ab76df0b1904f9a870225179679aa30ee7b82ca6c1d838f66e9783d9399c9c61e55f0e6954b301a0dd3ec3a2e39d795f8ad31aa0d90154abd24a47fff5aa2934212516c52d340eb6d148ccc5933a9fb14ad335b2f1855d90dabf8af7a65244684e8e29081bf6aa37e4bcca1e7deb4fadb1768f141294ecb1d9c3298ad0f332614ca3fb64c92f92d3ea085ce810fc75b34870f4dd06b126f43e0f13ec4314ce762b6dd97093ae542446d17406adff089eae7b1c08d0ce8d205af802ecc4946f51a9c58d0719bddc38ef755dd0bbdeaf3c41de8f2d6a9b0cd1619276cada9faafaae0f9c856573b3bb646a4b3afdaa11ce836d9a3a673972b7733c5f45098a286e6b2f5fdb6e46901a47f1dd8dce2452f3937063825389ae08b9acdb358feff0fd45d7b18e838a6e113935316ea3f71343851933ab80df882760fe5a534723e55cf57e0ca089d78fda91090990e0dd4a1f2d91d0044e210584dc29d1b61b6644e7e58747f0054b9de5b1145e4b9e66808374476121c25f73f989780bb9beca60b1b20a3b7240e15435bf76f375f1616fe55b1575d738154a3e78877ea8381a2ba7242d2a58ee06ca1b09c0e86405d29b721369effc14abc27b5e9d4891315fefd448df7209ce7b0ac4675de696c37c1ba5404c0ccfadfa7e360dddacd722b48ce30f1494abe35d9ca30b9488b436dde267f93522a50798ef55f6698f041b2f759aba9099bad4e4912a48e6bd0b2a2b32748d170a7cc276afe0d56e0e41ffb89859d6b20a08870217f13cf879400a68893d8ddfd373d86b2d8574f399e942030e5becf224b480d3df3ccaad9c067635665da54b0123a89ab54d0d215f4473ee0efed6e44f987a9082cb78295362cb17fd35e2e2f078ab8088a422058a794749318560f04563ba663e58ee05a1153441b09ea39c5ea736d3200b71d2e6d79d346f9f86a00639830778a6d11c36fd6527b100ca5cadb86728987db00805aefe9406fda00c8ed302ae73846e55a9ee3a9e3a1272b045fa34d0c7a0459238ebefbee1077faf8c89086e4d26ba79ecdd6ba2f04e06c87873e2dc9428643dcaf28c719548a8a2592542561a346b89990096d068d3ac4ac8dbf9146dc90ea03e8d46c3782c7e2e3326e37c055b0274f2a25f0ef4ca516f3c8afbd0bb94e9945a13cbaa8ae355b03477b900d0622bd1a838fd2668226ea2fa467f19241325a8961c07851d66ad889b9958d518a78428d89ffba2c9b0737928c3cd40406dfc971bb159a3a5e64fd44eb43ac39bd6ca33ca3c6f2d6d4a3e1aad334322a873c58a92a384ca2e051f48d2676e3a21d5b10362dbf02f97e8d99ffc3e88edb6191ac0990015c1ac05ad1b255e1f2b2c13802057dc3f7749c1ac9f87ab923aea3b83587bcceee07a9b91b414935bbd1094552c0af2988af4ec057a1b87493835675db0e3d301e7dfbee8f2ee4445571b1f02a82ecb0f48d788b3e90d93f6a66e365e7753d8668994a406031229818b77fcfe7aa4ab900a9572b1939e75a9403b4a1b11eaae87c7ce1f92ae1c3b91d6c16fe1a903dd9a82bbacf64b509e7791f2a1d345b552a8acf38e8b9f1bea5f2f612147d5f816203f1b7680c815390e391e56a2670cfe2828e3be95fbd10a3dcefb43a3aa802d3120bdab4742a40d043c63bf443f600a433bd5219e6fe431d02cb5bf106dc0dc903d147341bffbba09a3350a395ea109c311c86ce611dea70410c0d8779212d76246cef326d94c390d1ccf649d4cbe7e768d996de359a37781fc762235b0a73dbe1694b83c1171e0f1b9b410161421764301267d3ba855d49852a03523f5f306ce5e70bf8a3759d820aa9baefbb033ac83de502d52d919e028ae331318d4fbf02f1614e1020e570f78097ce3f500d29c3c00457001c9d29c05c9e0f529cca8f84388ad1763f2f0544f16590434560a7347f25056fefa6c9827746d2863deb779bab6a5e2a32b432009bed1499a139cef4e02b72bae5fe02e249181b9186d02be799b3b8ed99c204c527bb0fae7eda3e7ed6cbe3cf0fec0ef9090e89947877bad5c0a6ba177d35edc284ad83dc1182a135012be966dd8e731de664a8fb8c24abca50388f457aee8913f89e5e42eadc1924b7b357363d86694b5a9eb9add8dd0ec81a61f5042a9a331ee131d39f865e66fa5c68bdc389bcff9704de8626d8df84ce85fde68602bcdc4963e247fdb8d50204b34d760a7c86e18f6a770ee864bdb364ec7e34cd8f24062bfe5b58b09b8a64283b8fc9467b2d3e8f74654844047e06ecfd422cf85401c9b006c3ae9e882a7d1bc7a65afb20942ee97ff4571903fa56943743118d7dd6f9ba39e4fe91b023077550b65f5854001897fd509a7b624127705419c46f4b462081abdd912719991dc5ce220e8acfb6eef7e6481d26d6890f0bce55866d7264c10768a06167828ef153cb1f0e26aef6b36f94caf3962336e11e0879d355a95f216ea5bad7653d4e68115120b09a953fae2dd82a281087d9d24271b9d020eea05093fdf4cc0a443ff5b63a2c202d42e485a318630a11bc4c8a6233bca7ba371af771b7179d5df8989bdd85d06c65327f1632085d433ee1acadbdcfb02703ffef87c24cf34ddf1d16f2400a7c6e3dade91d2a519657faf36b32614d692f52abe006294009f87eae07f3600444f26a3152ec6facc666954496f5e992f1d7ad27f3fdd80b99e43cb2e531c7f028c92df8b025976e50922497546037156b7db351756b78ff0
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]
2014-08-12 18:20 1736008 ----a-w- c:\program files\GbPlugin\gbiehcef.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R0 Bhbase;Baidu Hook Base;c:\windows\System32\drivers\Bhbase.sys [x]
R0 fecf2f8c592ffaad;syshost.exe;c:\windows\\SystemRoot\System32\Drivers\fecf2f8c592ffaad.sys [x]
R1 Bfilter;Baidu Antivirus Minifilter Driver;c:\windows\System32\drivers\Bfilter.sys [x]
R1 Bfmon;Baidu FS Monitor Driver;c:\windows\System32\drivers\Bfmon.sys [x]
R1 Bnbase;Bnbase;c:\windows\system32\drivers\bnbasex.sys [x]
R1 Bndef;Baidu NetDefense;c:\windows\System32\drivers\bndef.sys [x]
R1 Bprotect;Baidu Protect;c:\windows\System32\drivers\Bprotect.sys [x]
R3 AVG Bonjour Service;AVG Bonjour Service;c:\windows\TEMP\avgcu_mDNSResponder.exe [x]
R3 BdApiUtil;BdApiUtil;c:\program files\Baidu Security\Baidu Antivirus\BdApiUtil.sys [x]
R3 BdCameraProtect;BdCameraProtect;c:\program files\Baidu Security\Baidu Antivirus\BdCameraProtect.sys [x]
R3 BHipsEx;Baidu HipsEx Driver;c:\windows\System32\drivers\BHipsEx.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-02-01 29472]
R3 CT_QUALCOMM_U_drv;Qualcomm EVDO USB Device for Serial Communication;c:\windows\system32\DRIVERS\CT_QUALCOMM_U_drv.sys [2009-04-27 103552]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [2014-01-07 15384]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys [2012-06-22 19984]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-09-19 108032]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-09-15 9216]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-10-29 114904]
R3 NdisrdMP;NdisrdMP;c:\windows\system32\DRIVERS\gbpndisrd.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2009-07-13 347136]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-30 1343400]
S0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2014-01-24 47192]
S1 Ndisrd;GAS Tecnologia Filter Driver;c:\windows\system32\DRIVERS\gbpndisrdn.sys [2014-03-16 29400]
S2 CDROM_Detect;CDROM_Detect;c:\program files\3.5G HSPA MODEM\WCDMA_Eject.exe [2012-09-18 325632]
S2 GbpSv;Gbp Service;c:\progra~1\GbPlugin\GbpSv.exe [2014-07-22 546104]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-07-24 39568]
S2 RealPlayer Cloud Service;RealPlayer Cloud Service;c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-09-13 1141848]
S2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-07-24 23552]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2008-01-24 5120]
S2 UI Assistant Service;UI Assistant Service;c:\program files\Connect Manager\AssistantServices.exe [2010-09-25 252784]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [2010-02-05 785184]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-02 139776]
.
.
--- =Outros Serviços/Drivers Na Memória ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-10 23:56 1077576 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2014-10-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-07 02:13]
.
2014-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-10 14:38]
.
2014-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-10 14:38]
.
.
------- Scan Suplementar -------
.
uStart Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
mStart Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE: SmarThru4 Capturar seleção - c:\program files\SmarThru 4\WebCapture.dll2.htm
IE: SmarThru4 Salvar como HTML - c:\program files\SmarThru 4\WebCapture.dll1.htm
IE: SmarThru4 Salvar texto selecionado - c:\program files\SmarThru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files\SmarThru 4\WebCapture.dll
Trusted Zone: caixa.gov.br
Trusted Zone: caixa.gov.br\imagem
Trusted Zone: caixa.gov.br\imagem2
Trusted Zone: caixa.gov.br\internetbanking
Trusted Zone: caixa.gov.br\internetbankingpf
Trusted Zone: caixa.gov.br\www
TCP: DhcpNameServer = 177.36.96.21 192.168.0.1
FF - ProfilePath - c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\
FF - ExtSQL: !HIDDEN! 1970-01-17 00:31; jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack; c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack
.
- - - - ORFÃOS REMOVIDOS - - - -
.
BHO-{43EB4EE6-5E67-8B6D-6241-1CD6094290AE} - c:\program files\ssavE net\KTfk2Nj7fw.dll
BHO-{596CA237-7AA3-6475-0C4F-2033501605C9} - c:\programdata\SaverExtteneSiion\_u7d.dll
BHO-{F5D17FBE-EE2C-6B39-D167-233CDEE56549} - c:\program files\YoutubeAdblocker\7vV.dll
Toolbar-Locked - (no file)
AddRemove-ceb30e31-cf58-464a-a65a-af44ee7e0c4f - c:\progra~2\INSTAL~2\{9700F~1\Setup.exe
AddRemove-Digital Editions - c:\program files\Adobe\Adobe Digital Editions 1
AddRemove-{274E3C5C-178E-EAE2-A52F-2863C0EECD46} - c:\programdata\SaverExtteneSiion\_u7d.exe
AddRemove-{7DD5E91C-3864-77EC-7635-D14910C2A03E} - c:\programdata\ssavE net\W6bP0DRVWBK.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
.
- - - - - - - > 'Explorer.exe'(2232)
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Outros Processos em Execução ------------------------
.
c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Ralink\Common\RaRegistry.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\conhost.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\Mystify.scr
.
**************************************************************************
.
Tempo para conclusão: 2014-10-29 08:07:05 - Máquina reiniciou
ComboFix-quarantined-files.txt 2014-10-29 10:07
.
Pré-execução: 8.735.780.864 bytes disponíveis
Pós execução: 9.363.820.544 bytes disponíveis
.
- - End Of File - - AE996068806CDF7141EA08E254E81312
A36C5E4F47E84449FF07ED3517B43A31
ComboFix 14-10-27.01 - PV 29/10/2014 1:24.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.2037.703 [GMT -2:00]
Executando de: c:\users\PV\Desktop\ComboFix.exe
Comandos utilizados :: /KillAll/nombr
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - system32: deleted 2 bytes in 1 streams.
ADS - drivers: deleted 212 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_balcobjiojeggchhjfjnionmhfijepla_0.localstorage-journal
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_balcobjiojeggchhjfjnionmhfijepla_0.localstorage
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bnljbpiikpikijabbehofahlgpedglcp_0.localstorage-journal
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bnljbpiikpikijabbehofahlgpedglcp_0.localstorage
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ipkfnchcgalnafehpglfbommidgmalan_0.localstorage-journal
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ipkfnchcgalnafehpglfbommidgmalan_0.localstorage
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\io1rxa@i-pfg.co.uk\bootstrap.js
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\io1rxa@i-pfg.co.uk\chrome.manifest
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\io1rxa@i-pfg.co.uk\content\bg.js
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\io1rxa@i-pfg.co.uk\install.rdf
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\mx.dy1@iyeea-wvu.net\bootstrap.js
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\mx.dy1@iyeea-wvu.net\chrome.manifest
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\mx.dy1@iyeea-wvu.net\content\bg.js
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\mx.dy1@iyeea-wvu.net\install.rdf
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\yciu_ia@ayavxfzdv.edu\bootstrap.js
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\yciu_ia@ayavxfzdv.edu\chrome.manifest
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\yciu_ia@ayavxfzdv.edu\content\bg.js
c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\staged\yciu_ia@ayavxfzdv.edu\install.rdf
c:\windows\system32\Config.ini
c:\windows\system32\pt
c:\windows\system32\pt\AuthFWSnapIn.Resources.dll
c:\windows\system32\pt\AuthFWWizFwk.Resources.dll
c:\windows\system32\pt\Narrator.resources.dll
c:\windows\system32\roboot.exe
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2014-09-28 to 2014-10-29 ))))))))))))))))))))))))))))
.
.
2014-10-29 04:02 . 2014-10-29 04:02 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3F459C9-F3F3-422D-AB01-71B8093DF24F}\offreg.dll
2014-10-29 04:01 . 2014-10-29 04:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-28 23:35 . 2014-10-28 23:35 -------- d-----w- C:\FRST
2014-10-26 21:13 . 2014-10-26 21:13 -------- d-----w- c:\users\PV\AppData\Local\Diagnostics
2014-10-22 01:37 . 2014-10-25 00:55 -------- d-----w- c:\users\PV\AppData\Roaming\Solvusoft
2014-10-22 01:37 . 2014-10-25 00:58 -------- d-----w- c:\program files\WinThruster
2014-10-21 02:56 . 2014-10-20 05:37 8901368 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3F459C9-F3F3-422D-AB01-71B8093DF24F}\mpengine.dll
2014-10-21 02:15 . 2014-09-19 01:25 4201472 ----a-w- c:\windows\system32\jscript9.dll
2014-10-21 01:37 . 2014-07-17 01:39 3221504 ----a-w- c:\windows\system32\mstscax.dll
2014-10-21 01:33 . 2014-09-04 05:04 372736 ----a-w- c:\windows\system32\rastls.dll
2014-10-21 01:33 . 2014-09-29 00:41 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-21 01:30 . 2014-06-18 22:23 81560 ----a-w- c:\windows\system32\mscories.dll
2014-10-21 01:30 . 2014-06-18 22:23 156824 ----a-w- c:\windows\system32\mscorier.dll
2014-10-21 01:30 . 2014-06-18 22:23 1131664 ----a-w- c:\windows\system32\dfshim.dll
2014-10-21 01:26 . 2014-09-13 01:40 67072 ----a-w- c:\windows\system32\packager.dll
2014-10-14 02:30 . 2014-10-14 03:30 -------- d-----w- c:\users\Tô Fora
2014-10-12 18:46 . 2014-10-12 18:46 -------- d-----w- c:\users\PV\AppData\Local\CombatArms
2014-10-12 13:59 . 2014-10-12 14:15 -------- d-----w- c:\programdata\WCService
2014-10-12 13:49 . 2014-10-12 14:09 -------- d-----w- c:\users\PV\AppData\Local\BoBrowser
2014-10-12 13:43 . 2014-10-12 15:08 -------- d-----w- c:\program files\globalUpdate
2014-10-12 13:43 . 2014-10-12 13:43 -------- d-----w- c:\users\PV\AppData\Local\globalUpdate
2014-10-12 13:32 . 2014-10-12 15:04 -------- d-----w- c:\users\PV\AppData\Local\5991
2014-10-12 13:28 . 2014-10-12 13:28 -------- d-----w- c:\programdata\Packer
2014-10-12 13:26 . 2014-10-12 17:02 -------- d-----w- c:\program files\Search Vortex
2014-10-12 13:23 . 2014-10-12 17:02 -------- d-----w- c:\program files\RBM
2014-10-12 13:21 . 2014-10-14 03:27 -------- d-----w- c:\program files\NJax
2014-10-12 13:21 . 2014-10-12 13:28 -------- d-----w- c:\users\PV\AppData\Roaming\GetRightToGo
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-29 04:02 . 2014-06-25 11:21 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-22 02:53 . 2013-01-07 21:56 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-10-22 02:53 . 2012-07-27 01:26 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-10-02 17:53 . 2013-11-27 14:42 231568 ------w- c:\windows\system32\MpSigStub.exe
2014-10-01 13:11 . 2014-06-25 11:13 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-01 13:11 . 2014-06-25 11:13 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-01 13:11 . 2013-11-27 15:24 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-13 02:13 . 2003-03-18 23:14 505416 ----a-w- c:\windows\system32\msvcp71.dll
2014-09-13 02:13 . 2003-02-21 07:42 353864 ----a-w- c:\windows\system32\msvcr71.dll
2014-08-23 01:46 . 2014-08-31 20:39 305152 ----a-w- c:\windows\system32\gdi32.dll
2012-04-21 01:18 . 2012-07-27 01:52 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-31 7731744]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-14 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-14 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-14 150552]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"USB Security"="c:\program files\USB Disk Security\USBGuard.exe" [2011-01-31 623520]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2014-09-13 296520]
"UIExec"="c:\program files\Connect Manager\UIExec.exe" [2010-09-25 138584]
.
c:\users\PV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Startup\
BrOffice.org 3.1.lnk - c:\program files\BrOffice.org 3\program\quickstart.exe [2009-4-16 384000]
Recorte de tela e Iniciador do OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 795936]
Ralink Wireless Utility.lnk - c:\program files\Ralink\Common\RaUI.exe -s [2012-7-26 1672480]
RealPlayer Cloud Service UI.lnk - c:\program files\Real\RealPlayer\RPDS\Bin\rpsystray.exe [2014-9-13 822880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"3212083974"= 504b03042629ac09068374bfb51100000040000057dfbe4f62c7fd005fb5184b749a521932500c6e36450cbd18ecf31d4f4dacff32af95971262b33710ffa461bd774c05119b02569ce8a8d0a4f9f9d99bd51e577a41bc9fc8512d05718337d5409324eb7973151b62c1ba61bd0f8fbe96057ff064e05ecd5aab1f395d31ed4fbccea9a4ef59f1d841997b222555ed8c2e286fb75804d9b0e20e98e03584359536ae91a4d8ea734bbdfab81defdfa9706ecd97ae56032bdca3ba774500a4f751b3a8f09216d7c2595e1d9f0d331b21ea6ba2011432419355fe9830f9bccc9850f86b72e4230d0a9741ba3f3c1398474d0de822c945416acb94f97b6a422dc2913d6f1a318fbcfa2d5eb9126f3ee3171d9c9c18e5f9c1c73cf20b81cf1cb41c1fa834574a06566dd31c4d50ef0ca0b02222667a910644e353b4665f2c858e7d7547e4f4bc3296159c3e13168d9eae095e53a81e268d2863da02c2f9bc822c5a3f8b10ad61dab11be38a926921d2afc97ce1a01caa14b8fbf4a7073056eaf871f7abfda86773ad2e54d14d30e1fcf526283aebe2c64a96fdfdc1adbcfe9f2a2476b167ab86b53c43a973293743d35d3e66e730776d2ab2d1d3ce56d941e2ea5189635d5838672343aca0afa785490dd6af823e784b6d369fd2f6f5d4116d5a9e06a3b1f9e7e80e661b5b5327519d8d0ac91dbbdefaaf5988791d8a75b3d01b8196b552f4f88b5a10c63b5a2e0fae0f1fe833b992ade9b2260815ce46ea44557c6ed1c7b0463f1764b58870def769fe985843408b7b0702d2d6a5b79b2c1b7fc3cda9bff640ae82f485967d70edd9267dc6195889f3be0da1286ca43f71b470ca3a91d5de46b03c4fbc7aaa61e00c906a706879b88aba54efa087398b3c2c11c1771d2fee3545362e8bbc9bd2307f670d391461ed21f2dcc87a9272704500db61f0f66f6378c631a575e5af2dff5443dc4887649f8744de4a555bd0b9135870f09cbe73107904d919548ff85c0a9d5f9dc791ff6924bee817d6458e1f59a727367781818e668dbe330926365788c5e4483b125be787f408a142298b80396888cc00484d93d225e9a8b3b281114e55e8b1df1168e92666756be62fe21a82e2760458f15849c2357f82ad448b86eb59dccea586027396467b4ae609cf8eb80ea0a3e42f424362faed015f304dcee6c6a41b4bf5bc851c5a47df7475cc20dd1c6b61f4de1c85455e96798de9061ed482b69a63e6ca89a17bc10f924d9d50007ccbbd57de891143454a0048189ebdad633e800ec83a57db25556c92ac7311e368cca0069b2aaff1d1e727c4535e7a40b6fd3c507b64e3304ca953e953a8990fa3df32e52fb0797fca67dfb39cfa47f4ecb9b8486119f0acec137e7872c6ace0254662fcc53b77b1efbceb6382eb7b675122253ff1d6326038146c4a10d395f6120e84ebff37736ac95659f0ba5883770779db1a077757d30abd1c61709b09f45a50cccff3e1ab4cf2c94a55c441587968780330972a15829348dc578834c0f3f64675844ca57f30bbcc88e0c8f7e11924edef715db128a2c066cff8a6e6a2a79c33259440356aa4eb3c04e7858c7f75f3f2a93046b41fb089f43dadd195cbe7a3aa3b33545fd6132fbb96db702066e900c11a54349f7cd28949c5b2ca48c58aceb53b359b3fac86dd7103623bc372aca87c57e32fac448e7365600055f425481b3cbd14b64c2a50b872edfed981157db1d90bea0cc7cbdd630908fc2e429b612a98a5ce45e067c9fe52db3266c9574a12b50675429e4b4064c2fc2ebdd64263a7b9243652a4f4a1c3d0b982c9f280d68f4d215ef11f4573ae87ee93483285e40f931e99f5c31dee9bed53051ae51cf381e54f815f13fb7832e475272ad46dff700ab7b42251ff76ae479f26afa3a6e00ec96d5f80f0d0bb0a7884bda15616eb738f7b6e0ce3dbb94d572036aa7151d761589dd1b4de8057918b70d2835cb8fc44f3868118c14beb61117aa70d393ab6e515fd6f5e0112f83f726c04c97890f343b66b10421918605a7823995876fbe97d4df70c40ab9ee1ebd26b3f19cb6aaf75f7467a69ba56fa42bc4107934b9209d9cb7805f5bce904a02eb0cea4aae7b7aac75393140a59ee9fe54e45c532410cd5681228218055ada857ce86ae55a3d77a00870e5354987028ca242729d312c965751ac280b79b6fb4c5567b30c8972935ec3c06524ecb4f506dafa429d62b7973a01c24d5ab704df79bbda0b8cfced1d7fae36b662818da0087430e01d2dd636f76175b479ccf92c573b151b8bf1761b7e9204ba17f87677c7b5ff08cba04051260f421d1a32b7e0dc320af45065966dbf2241bbae1f8619efcb2b2cce36bfe0dcad76a553f626aecd4d6920e3eba8beadf82f97d53178c2e3e528d3222032892bb522d33e9569c53ad877754761d82bde562bdd73b389fcc477aed96e76210188f5cca71dfb33b27889f95073427094611ced3bbad2cca89ef10b084e5209dd0c1d6fca4e09355012910d07d53d74e941593dcf7f1b99ac5833944983273cf770a1ff413009668ed12c9786b2b43dd0d71579392bda90db992157d9f08cc802cb5bcfc44690610c01bfc120a29bcc9f845c255515046dcee799d41ace3fc4327351aa4bae396c3205eb3ae7fcc53345408493985bc7a16b31fca83552987844f1f071582b9595554fcb79d909626c0bc84d99c6899a48790864b7b18fa0742197b06807d9bc294f088a27fe493d92ba5a733ae8a7ec5f6b7fa07988bedc3dad2984fe3f2ea9b3e00f666a8a1e8c90aa4dcd017cae1a00a09c6462e1899c1066e66c053263c66f77040b2a93d3f9dbebe715f1cabcd961274b0ff943c1b8b75d38b133a9f830886a8b5acd64d8660b7b701e0e2764e0cfa4e6f374ad5de5e10f3bed2fa05ba17d15c4d354453e684f5e877ce4b1d7a6456263147b55063c128a0595d3bbf6ea3715c305a8696815af1757306a6ef5f39eefe33d192afd5a02e9284dd3063d010b3843a3d6e65569987a008d61628a85988c707465c725b584d3d2044d6f3d3c6cf2dd96bfa1b06a49d945daa2de7b34f53bfce6cdd930dd636525d0e34e65d027cbed97ff239940238aee6bb3fa10a2f4c1a91102d47894e906cb56084049b15907360631a16ed2863e37daef3cf06c6f5998317f920b2e03f40c6b7eb8cd871a254f59314f0e1fb585da8a646a6a47e55fb7288f45afd3cd999144ab7150c24ee5a2a59e917a8c80967e021a0a6fc96873eb1a3eb3048ab754198b95275b72a2a1e065f3227b9e9e16cd6966542692b2bffbefcc73167111b9219d094ae4e79fbc880db14fc1dd6e91249cf30f0806baf43deb92d34db7f49b7a5e77f335278dd47c7b8f95719bc3ef5bc8396162bdca957fbf415c2f5cda3cae751fc434e7a8920948c56909342f7af3b5d10129d5572349f5aca1868391d9fc734cd223182e003bf44595b0668f83d00e7a8108fded92356ba1eb28d383e2b4896cdfe10542e7cee6cc9f95d66e78b93430357194d73d8d218656e02a03a7e15d0c9626c4f6b5bb5079b173766ebfab6487161ad904558acf2f2954db2f10e4933edf9e98a87dd18c583abe3018b48b3c9dd5e05beb2d5b0d56af20857ef4deff601fac4e05efac4ef73fb93744b6871bef143bad8c81642e04257ce6d04e4a5433e2fe09874128f5ef394bc49f2f68ac9e0a88384b8d31e4aa15bbc1e94b762ea4277616ea1e3dcdb4a8ea5da936e703b15662a015eeb060cb56c1135e445432e8cbb7f91120f5e610b4ecb9c3fb02670149210d6913f4a8a86e89ca0dbd9d8e74b51ff3563aa1a5e909f4283a98c2b437737aee98998c1189fcbff0e93ce6c1253059be0b5fdcd8d271e90dc970d9c435e18a90fa3d3084c40c18709ed62b81cfe9f0b926eab6efe1b4d518fe6d5e1745086892340bba94a5b183326163bb49767ea8e135aabf5589ddccef7edb6e42622598381bbb479585401e23fda593520907c04f53a58084327d281f42e49715301dc80360816c625bdaad2a8d47e0797f7061240d2fcad1170e1f8c1ba37cf6c4c166006e77849cd8b59c85bd32a5bed00a0b664d56b280113d563be3b1f527c7ce350c00a097e9dcfb8b6edac0cc18c5d2b94dc7a0f93a4277991d8e226c13d2457089e69c5cf4e909926690f3d7c7a175e8a491ac947f5acd97ab0ffaa6d2bcb0d15f1f807be2b79dd3d97a37169a5b403169efc73ac58dc6bbc8833e03ee9341729246269ef654b21db0df2df33e95caf9a77cd7ffe1f93d49e91f20aca3c1f602a3eb04e8d7e744a6a8826f5ac34f55c2f570a30b69660f955d84b0ca6133f86cfe105e8a3579f3799baa75dff13533bb851e81942766431a94a57d4baae0c000393912b8d6effff86be80ff50da89c66c623d08fbef3ba8344d75a5a00e328d031f7e25e306b3f77ef418865b108269c91e9c2ebade2640f88d3694a3ad42684aa52eaf25ba1f47cb7217373295684caeb19ace7d1e55c62a8cfdbe165a147da7b3de81bf330a6f2aa294e067c3afc7f079010641ab7db9983a449e80e34c4c0ca5ee7ec156d6e5de64b010ac16dbc614538bf56baaf4e6a8d4054c9cae8489d2afa644ce736908ea75b198856348ad34bd67a2eaf019c45067514fc799d6787c5e088e75da6a9279016427af54dd678492452e23a9e2d83a200d035543e4da3ce71b83ca8638a535140250cba762f7d8daf043c7adbe05f724ec7b6f844612c37d6fcc4d2624c8325de0aa9434214f6b7906e6af7d3891109c49b7489887eab75df4554d90f255f262d5230a38e0deba33007e2f7b884eab7ffacb81a23b3f094968c6182b2a7ff52b7cc9b83d36a5808ba65f03882faf3c3da2765e6ec39dcb6f4e6d7bef308fb627287bfc12e032793d54423ebcd462108b2c10738b63f7c4dfdc7ddb3a62d3d4fbdffbdc9af70bb91c9efd7eea3916c9396197493d15c2e0701aa4138e400ec4ba014c407608e56bc1c49f1810034ce863a315b6fe0a2fc8b9a8753fbd270dd69cb4eba27f1f0ef22d7df58a9010d9960a989729ade4dc85496aca261d1b8c05deedb0662868bda827ac1ccfb4be3b7c044c15caf448db5194d83fdd72f4521989872f54d015c19bd5bc7cf7b8a69fa608fba04818a68c0dc71ec8ae8dc618c6c55c4f823b6151acec7eb09f497ad8721b3311749dd07cd74d312f45e470c6e73e53d42f5bfc5151f05e4079bf7eb625b3c525eb97f3b1c6f0fac783b5b5fa55c7638262214a257be1ae4ccd10273e317541dfe81efc1a89e9d790889e034f6ee2dfc0b281ade62430c2b93d7f36886869e483ba69237a71b99889fda335958c5474db7cd1b81fac0bf05feff0903c69c4d9f184b53a0331d3bba2bd54e6bc9d1a0290328ecd62b2e43c7af5d618aefc9c72814417b22ae24661448d81545137a05629c6b9456256f7d76d60d822e0b7d44f1b820178d2c6dc0eca44306c3ffb77b5489a65a02411e001c6d6faef894611de94858f5720e905c82225a5e7d6ae6de6080dc5cdb0ff0023eb43f5a3292035ab6df96a4adef51f8b0112d448ccf5e8dcfa9d09e4ac09301a14592535ad7193346a25a402ff48116059f5c69fb6be7cea365e152f448d74bf84e1e55791de259bb6d44dfef64bd9c70eb29da00a4a5e9039142e59d375d6c3f03c23e2b3c59e379c7748026d146edbdaf324a39c784ebdd8ace1781b07071b3389db0aa98c67d50d01075bbee584eaeae66fb614579fb7ad9aa865e8817873921c044efbece91cb0902bb53c21ad35d59482e61b67da08dc417c458309198c1501bc6a10cc1a24b474cb1fe68cf81863c28c4aaaa2375203cc2194e8f95646294e2f3dc3a4b7b2a405464d79f302b7a18394c239be7ea1066b78671e4ae6b3157d7f246511cc2c3b324836c774e8e1be050ef2aca3dc8220da55339db3008eba47363f04ca59b903a598528e04b72c85e6c377263c84fab913db4e9cab469bafe09e84aaa19a666bbd86a22ad48f536050ad6d0d59374da8b04119417eb07a8d1ff9d1704ad4ee085f03777700070241e6aca91dbe511f003bbad6658e7bccbddcce77d50eabbb0ee8203c0682b98e2b147b4bd46d89039ad102ca0760148728edec66914c17b0d5a4d0afa606c4a07108c2c8dfcd7173246f49f6ec9be94cc3af65514693600bc743417bb37c17117faaf9575f273b96afdd1195e4ba006099834bcf18918d7fee32e7320cac1092bf4bc9138871898ec9c80c7c089ce7613187de637764d78dd380feaa8fc9f1e7f8c740b75b161c56307023b8d1f3f6019f2f9475a10ae871d02950ce58b2d1936ec288f22ab5dbdb324116a566ccd141f46633951878b2b8329bd00fe5ef339c82e1ff41b53e4e7cc5b50474e60eafba9fba1851cca652a705ebd2661ea7b8e1c0b8cdeec2
"1781466620"= 504b0304c90da3b1fc052f6a120400000030000057dfbe4f62c7fd005fb5184b749a521932500c6e36750cbd18ecf31d4f4dacff32af95971262b33710ffa461bd774c05119b02569ce8a8d0a4f9f9d99bd51e577a41bc9fc8512d05718337d5409324eb7973151b9680e4b0bdeef74270b882eb420946b7b8b40862b9dac9cbf5a56ed8568c971101f6734e2b8839d84e1778d29918a522d11b349b1be5eec317e6d490c16c1a51d921b47d2d13cf9d64fe92e0d09b6f80680d8d36fe8ff62dd3048af7c85faa6b57e858e3b7bf6588bc5287ad7fb395cfa2bd08ca48d88e6e979eaf922a1b50d44b907b41d7f677a3dd643e04fb52b0ab709b83a9de68a4fead992fdfb3dcbfad3affbecb689110bda87e4f546bd03e5f97d85755d1bfb14fc0d2a03aaf7acd326a91580e0ddc3ae0e2e5c538534f2392c0639bbdeb336ebcf4509566f1839f940e0719f99bb17d1741a1b1441aa2fa2fe091d1f37d32d32c610ea70cb093770d7ce76712d71530a85276cd7377ed3dbe556f3f755000c19981d3cb109c1142a5657e7c89bf1b429820050df6b56f17cbaad3709e786fa3566ed4dcb33d87416dd2dd561ae2c5cef21bac9394b3f748d101be50098941f942150de521b37631f0c4dae3a1075130ee568f9813fc2cf60b57b3957c633c8f899d482881f9302c3bb20bdd291e889d30a0324512dd1be329f3e8fedd2a3fcbc0c025c01b32acefe29e92ce1c420c5d0adc32fc850762eec6c7e6a19b5e50ed6653da04d744496ef47c9e3ffe3c8943f699601c6ce42b368838837c5fe662563c78f4699328a69479eef836e372aa78d88d09053d0de5e8f767f253801269adc9d2572b26e6b5ec6f70b7cf1584cdd6c5b25be3062cd6d0a038141428a81360a742f94a45c66d2c2b7fee81b0127e6ed2a49c62fa0ecf00bf527bdc6f6f2ef8e994bc33f4eb03b50f3a4d91c9fb3ea4a78de1a74b16a4319c7cda11508c79880ee7d20341f3ebc0e4c2e05c048d837aa216ee81ec96b17c3521f5844b1e8c0db51b8fb2d5ee1a805d8a1c07b854637922bd1159968778a9ad7aef71e21f994b751ed50583199c2eff454852be0a4eb1376757cec6be659bb0387b06451b1a080079cd8bf27ae308a81f929265b71292a747062c3c321bd964d60bfd272a92f7f9bb674d7f31ede94b396990b6b1777dd0c3e975709cfddc885cc51f5667baa2618f7fb19e02e223e3313e7713c2fa526dbc36a41999aa9274b68906fba6c9d271e54d0114ebe5fa5f85cff7274ada3fcd59377fb153ee06fc8c5c1fbbe019245f4ef6f48f6948b0d60cc69a75a446d3fe486a97c0573c8486eaa624ca728f187c4725d8284886c32fc3a1a610a5d4e8120b69632134639e24c8a08361914e2ab775cb27d1fe8b7b6ad85d6b77ff469b33b1a8afbcecdcd2a687aac7a0843eb48b39706f462a547085fb2abd9a94644f5d70fc8786065a9e4f91a729ea801bddc2e63866920816
"3518887414"= 504b0304736b0169f6f5bdd1981700000050000057dfbe4f62c7fd005fb5184b749a521932500c6e36750cbd18ecf31d4f4dacff32af95971262b33710ffa461bd774c05119b02569ce8a8d0a4f9f9d99bd51e577a41bc9fc8512d05718337d5409324eb7973151b9680e4b0bdeef742fb6b81eb420946b7b8b40862b9dad1e8c7a5dec04e6c8e0ab4456e6f28ce14f51f3725eee5b20d7ce662c02fac80128ae38637fbf4867c17c9d717663da6767d89c658fdd74fb81b03ebdbdedea7491d2a3c133ef493731b542604f4bebc69fe2f02cb40f9b3b45d29a40a4a1487d0b71dd1b68e821f40084b407b25ee87063b9112ece9514914c7d4423b12f045b6a22d150d28f78c844b2c079f1b78200055c5fca3e82a972455517bd3c9f428b164b89517ab47e6b447afadd38678b857bf838eed34321eede6905e27fd8abfe7ce349b787f2ceadb45bba2f4ea19e70a8a2b5c4f0c177936117491afa1edeb5d5afc2e0e384518db1217850b7eac6ff9df99ed5e1416fe1b93fd4dd2036e8371d5e129993e594b1bbfe0669302928bf5a268e0f4aa93288eba13bc0125cecd46e2906e1d19cd2d3ff14d1b1ffb50ac2b2f5a28df9cb6c2e32f23d6a4fe0fa130be4dba875daef9cd943276420bf4bcfda157a87854590b71981eaf3fe5114e13b51b9956b7586105a81290a7f974ae78e9c5e5305e55b90536d5da9abe3aa6d3d7894737b70914e304c895aeed4ab7aa36fa2b8e5a93a3220506fe29a7d9a60c146e7edcf95ede9f5209637390b061cde231782f8b2a76cc12420afe66c666b54c8e1de9c6d7b8951184ac7f5b77d43b0a93628520289b31b01687daec69134dc85036e82c4f8cdbb84bf893e3d9dfa8898628a43ef08e2a7f442d85e85b083da10c4a48fbb1886aceda7a00296c79c3661b3e6c2d7975064380156ec53adb7ae23bbca7c0efb04863da781aaa195e7907760bb6ef0c1f326f86e4c65616b48513ac1bd36b25480b4b768869c05673029a83a23390f3595fcfb4e4a02fac243146e3a585fa83e91fc142be512a930f2cf296440b42b78c2880f0ff81b398ed373d287e58c5d313b3c28b43fed2489f2de932d5772a2233f3d6499e9e8754a064e61c5297c7d0913fc35baa83fb3c50e415d439f5d925e865435840b2aab80bd945f071db917a602d389ea2e3e4821423c5f4b9c3d04256b28d804e2c3dfd2a3b56cb4562f16616747f6f4974df1671c55e5c585cca7da509c73e567b0e19a1c9e7ba63b5e3fc82973179fb5bbd290612437a66ff92397e2024d203103a81238b4a2db552f8a252756ba784603dc7e1ac6799f1392a037d0128b6e82e0eb7907b10a097fc759bf0a26746e03a5cfb6cc635b5c3ead1266b4be8598a1a440e0ad49f4d4e0707e697a7d50fa766b3b03890cb4584bb70ed819fffe467b4718295d4bfeb9f1c454ed3ad402c01441828cc71e6330f160d4e7d4595c440b3f8ebf43ce4d3579902f00666d62d00eea6e437a3fc99cbc1588935db5dddff1da133827f8329106f3ea7bd9e4850f6b7c2679e9ba5b8542924f2054d089c1bfb27d94efc9550cdda928b972f95da7a48039874f81bcb02169ba4f35b12f420a3b086db2481027a637b789e88ab2287712cb3690d698799868450fa9ca5f7fb2d9980c25362be8ac4830b721795fae6c7c44971cac88cda6fc2c56df6d011b7e563b2ee540f6ea288f2c62f47204c9d944760d7d8a009f0c8c41fd43d1eae86e1c1a1cff7d928ee40ab435d8ba4fce63aa83d67e9095b26eb235d2b70271699209cd956fcd5bb44f6f2987a35057d4535d107764e9fb9b42514aef835272b347f56caf82feae78601abe447535ec9f0aaada05e688e468f66ec3ae7418751dae58a7d2fe0e4ef52e11396cd894c31ae9186e6f9cdd05a66e709c25e0f12bb2bc2e76c79a4ef6af794e522791da444af63073d3933053e2dda8b7a5fa9f892a324465a922d83d20b4a293dc0bf0e21254bfa58a9ee85c4cdfbdd09cde9e5c942655f3c8078aa42544d75ad310fada908142b3971f387103f3c959817ac23479bb7151c97567d388be6e5b58781375c65f52c3382c2294829e5ec2bb33721689adeff8fffcc34e4e7c409b82070a3d5876f0c90018600c2deb148a45fc8f2441d921276e39c0049b72e5ca8037953a9c96f1da6150859b9c992b3f8735f383b8d81e27b9e5a876ab04aadd93519606d13824f27eb090bf13461ed0c8314fc93ba9a8d18c5724d18628d674455a3fbe35f3d72177f252c303313636619b6cbb1aa7495ce886ae790de015c8ee29cb28a0ca5602360f427decabb77a49d204f98ab7ea700f9341c0bf71829bf33f4cdcbf7ee06581320c766ea588a380eccefda8d8f6a669334f0561fc75f199e1e3b3b094ff6a1593b3e3fbe7329304aa06d28744aa7088965416f097465e68dc9b413123f45dadcf67cafdf5e7b655ed4e2352f27a969b3dad5a37fecb4b73de6261cc2a6c64c8d0aeaf035db33d77ec5b6f2100af86b06a56698ef504eff99f4d06c0cbdda2b0b0b15ca9b48df92be6c6c8deacd71ef16e6b9bdbf25e403b23fa3a43d2d3121e95310c451242118a7a4d708aa70aed759dc3a830660b24c1beebf01b6b84aa94cda999d6af0c92f71ff232d83ee1f3109074d716cb1458067a8a2e0c633a527e1df46a392bbe35dd7fb26433e728c0a8df2d0ddaa81de445c6b06cc40ad02c78f3c6fa54f76decbf41841fa4954e65a7e027b018152148b0c30b16de2d2552de793e3964d74edc266f9afbc4a300346d81e6efcf636b9004a0f8f81e84fdc9bc34ed6c9232c1652964a6fdee5cab0a2c9f845c3b4e3536808f7fd66644d91197cf4dace416078a0b6078a897f696c2054f0eaf5dda39495ea0c804f7a4be30e97c8133d77e69ad85b0407673ef2bb186ecd253984a0051d5f2ad19037c83461a699fca9348087e32ba2acf63e39b112e0f3cd936749bab8070a85485352e435351bf19b664420b1a332443f96296ec980c72a3c646d6c80ceb3c45965daed78ff1366da8fce39771d75d997711d6bbc9486f36f6f48cc5b0c014d26500736e0097590212b04b43665838b3547af369d04e52513ed60e396ba9d4b9f8b7b8c8223f730513e9ea20fe6e8befa56fcd9cdaa42ecd7d498db853ec4ef0fd615fb85a521118af1f96e7552fdf287f6b35a28e7714c0310024abda1f07e918b8622eea24a8eb32797d708d15c6406dacc26be6b6f8196173875d119188acd49cfb8663f9f693531201572c0de4d996fcb9e47ff999caffef87285245934c916b5eff308f8aaa0a073bde32d699e8b66a7600001e930e475d84da4b77a780abb5b2516d60f7752e83646a37e1bcb395325926bc8dc0ad2cc21a8d96acb134f69093710902da15417d929fcfd6c7c77756f83000349fe904594aff69dbcc6dccd1f2c8a5ad33626d5fce069726611a008a878f38afd8b03f8b759a8620070eab5ead287665a8d99a4a7e60d8057c135cff8739899c5f8ed21a59e642c03381ce817fcc84be771daeed160d838be914e2f30ee4600a9356600d5050135e1e9b23d198931edf7fc2f7a4eb778103c1e5fc7f1b14bc5a18d76617bb243389510ba16717f18cdc553eb617f7043b1a8ea35094308388d7b2d3f10ea6867f3d8fcd5ff3ef33e55243dfcde4e9310cd1bcc68c24d028c2a9e322ece6058c4483189019ffa2fd7086b1889dff42222a5be59eeca8e0b2144de59a4a20f75be683b3cac38551cbe58711f9d5263968a9c9fe91b575ce5f3d3d72e1b9b3c2b8dcaee7c71536a11d2b78d0c42dd32610060f56e34df0a25f501d9931c6110ddaad1679d53347005b2ddeef846332f862eb775129f105672240e79c3b3ef8eb557e649c6d28d62eb191e8fcc250982a5ece17426a73d72e9f0d90251ec693d4051f17ec02293fab775d8485e52bd9b20478e9cd47d3418e2d44039577a8e4a6240653dedfd527db5524ddcff5219b82235aab3dc6618c0d51276fac13033524f151efca21f00cec6532d6c7f6b8536da5a8a09628eedaa735a7b3573881131d9806386de22f77d095051dfdbd2671bcd17300d5a1a73e3e176e20bf85893db110df52f843868267a0ad7bcf83611917ccbe9db27d22806b41b51bbffeafd48444eeccb427a55a72bd12ae05b351d6682f3d37cf43ed61d538614b6d4a9c5ba8b5d8ce24789d495a25f94f6c15facd726ea1043ab2a57b98395e37eedfdcc8539fc12c1cc8286b1c6afd83361df45a1292be8b35160a6095bdf68d1b89039b51d717423882a1597be4196717d3b064534d3a41f6fbaf346bb553bd45abdeef037a2fc884476ce3d67d209e8535bf1fa5a0c2df1b6658df8004ac8ca091bfa901f765a8a08174d18a515313a9c7534e8c6c1184b368ed151dd7294081b0686a9b7ff549371ce1bf2794a4c92698aa4053c149ad6010d721dff8da64b5c00483b044a134b4f26aa49f4f150411dd2b0e411253a5c03850d6cc8c8ee961320e43733a62d46301d2e25efb1f15b0bbb7bfc46d10da89a3a29171ac3f6e53f94aa51c99bd407f81a809b53a68c4a1af9cea5c58c4e696cabf55c12cb4f018f11a634fbc971ad601b420a05847479601a59cb0510e0625b87f8aa16bf57278bad32fa586b30483a4971cc11741e3f2f8f6e7b3d6d16e73eaf8ee45c5df471cadb7ff4e5291ece73acf05aaa7cede4edf913334774606e4bdb814feea81044f51b16736fae8e47449b6cea9e4285a5c42724a53d02aafe360efda8912530343478477169bb4d81afae7f3926820dfbe8896831458f0cc5948114accfc3bfe95af53f328323049666a1f311089fe459acc283e256808b0bf53615acd77464a3ce8b93fc1cf83515e64f8cae4c429e6214d8b0168d37b40875b157588c99b99f4441429252661fbbaf39c08fce0f68f5d53b16fc9a8d73d1d55f8a04b4f27f5cd337bda4ea44ef23736eb50a0663b0ba8fe30abdfd0ed3110b078def68f41e9a34ad1f6dd39079a2095e5203aa78e665213e641f59bef71d91afa921ed8c87f597b845ccc1d53231bb9035944093fe409e9a22b057ef5192eb5e9b654823e6decb28b27f297cd14d7e095166481d7314686ee8f61ab7c7c196d6d869e3099d5cfa59bc3e660dccf14268662376f9fabb010018ec7ee9a5b07fe18dfc57df9fbe3877c4d0b67b21ef02237cfb6185c7e7885aac68fafab47dbcf5cc4860c247de0b342d824601ec90ec9b548766aab1b457724114c6f9148eaf83c3dc4e8f2b156031a1e43dd04f0b815ffe2183c6b174a6862876c21eb7f685875368f5ae83a46f4b330cfb4b19889b4d34f9152e8135aa4e1af2e165fe54c45c82c789a23c0b47abe49572ad971a2226b40fb09ca949d5e5df9d859e4fd9bb0e37e4784961c7521b785eadc0565c38e162bd2e3185e8af8de96a81c263fa96b6716ed4be287075ff71d48e7643f1e8de335c8ce5da57488e835fe3a10458c6d5f16deaad57d0f32f96a226ff84d3eeb4b8fea8c3ee4da7aa7710782c5ec2ea3da379c404ef5dd884dda303676a051417bc666665877e9840c9d89e6fb6c2a113d0ba2e0b42010a28578e469847392762483b98b4d465fb29b241115b0a96b3f0f82ab100c63ebb774e62a0381c8e47c1d35c13238995ec456d0f852d2a320813282979d09597ae0d61c7f99600aecc92c2c884eb72108fa9906f2f6669bb41fd0605359ee61ebd5be89a0456ecd47ed17fbbf4903a00c7026453dc6eccac0b37c1bd74c5f95da60d8dff61a2921de0af3436bf2a3df6039d9e0418bc64ab76df0b1904f9a870225179679aa30ee7b82ca6c1d838f66e9783d9399c9c61e55f0e6954b301a0dd3ec3a2e39d795f8ad31aa0d90154abd24a47fff5aa2934212516c52d340eb6d148ccc5933a9fb14ad335b2f1855d90dabf8af7a65244684e8e29081bf6aa37e4bcca1e7deb4fadb1768f141294ecb1d9c3298ad0f332614ca3fb64c92f92d3ea085ce810fc75b34870f4dd06b126f43e0f13ec4314ce762b6dd97093ae542446d17406adff089eae7b1c08d0ce8d205af802ecc4946f51a9c58d0719bddc38ef755dd0bbdeaf3c41de8f2d6a9b0cd1619276cada9faafaae0f9c856573b3bb646a4b3afdaa11ce836d9a3a673972b7733c5f45098a286e6b2f5fdb6e46901a47f1dd8dce2452f3937063825389ae08b9acdb358feff0fd45d7b18e838a6e113935316ea3f71343851933ab80df882760fe5a534723e55cf57e0ca089d78fda91090990e0dd4a1f2d91d0044e210584dc29d1b61b6644e7e58747f0054b9de5b1145e4b9e66808374476121c25f73f989780bb9beca60b1b20a3b7240e15435bf76f375f1616fe55b1575d738154a3e78877ea8381a2ba7242d2a58ee06ca1b09c0e86405d29b721369effc14abc27b5e9d4891315fefd448df7209ce7b0ac4675de696c37c1ba5404c0ccfadfa7e360dddacd722b48ce30f1494abe35d9ca30b9488b436dde267f93522a50798ef55f6698f041b2f759aba9099bad4e4912a48e6bd0b2a2b32748d170a7cc276afe0d56e0e41ffb89859d6b20a08870217f13cf879400a68893d8ddfd373d86b2d8574f399e942030e5becf224b480d3df3ccaad9c067635665da54b0123a89ab54d0d215f4473ee0efed6e44f987a9082cb78295362cb17fd35e2e2f078ab8088a422058a794749318560f04563ba663e58ee05a1153441b09ea39c5ea736d3200b71d2e6d79d346f9f86a00639830778a6d11c36fd6527b100ca5cadb86728987db00805aefe9406fda00c8ed302ae73846e55a9ee3a9e3a1272b045fa34d0c7a0459238ebefbee1077faf8c89086e4d26ba79ecdd6ba2f04e06c87873e2dc9428643dcaf28c719548a8a2592542561a346b89990096d068d3ac4ac8dbf9146dc90ea03e8d46c3782c7e2e3326e37c055b0274f2a25f0ef4ca516f3c8afbd0bb94e9945a13cbaa8ae355b03477b900d0622bd1a838fd2668226ea2fa467f19241325a8961c07851d66ad889b9958d518a78428d89ffba2c9b0737928c3cd40406dfc971bb159a3a5e64fd44eb43ac39bd6ca33ca3c6f2d6d4a3e1aad334322a873c58a92a384ca2e051f48d2676e3a21d5b10362dbf02f97e8d99ffc3e88edb6191ac0990015c1ac05ad1b255e1f2b2c13802057dc3f7749c1ac9f87ab923aea3b83587bcceee07a9b91b414935bbd1094552c0af2988af4ec057a1b87493835675db0e3d301e7dfbee8f2ee4445571b1f02a82ecb0f48d788b3e90d93f6a66e365e7753d8668994a406031229818b77fcfe7aa4ab900a9572b1939e75a9403b4a1b11eaae87c7ce1f92ae1c3b91d6c16fe1a903dd9a82bbacf64b509e7791f2a1d345b552a8acf38e8b9f1bea5f2f612147d5f816203f1b7680c815390e391e56a2670cfe2828e3be95fbd10a3dcefb43a3aa802d3120bdab4742a40d043c63bf443f600a433bd5219e6fe431d02cb5bf106dc0dc903d147341bffbba09a3350a395ea109c311c86ce611dea70410c0d8779212d76246cef326d94c390d1ccf649d4cbe7e768d996de359a37781fc762235b0a73dbe1694b83c1171e0f1b9b410161421764301267d3ba855d49852a03523f5f306ce5e70bf8a3759d820aa9baefbb033ac83de502d52d919e028ae331318d4fbf02f1614e1020e570f78097ce3f500d29c3c00457001c9d29c05c9e0f529cca8f84388ad1763f2f0544f16590434560a7347f25056fefa6c9827746d2863deb779bab6a5e2a32b432009bed1499a139cef4e02b72bae5fe02e249181b9186d02be799b3b8ed99c204c527bb0fae7eda3e7ed6cbe3cf0fec0ef9090e89947877bad5c0a6ba177d35edc284ad83dc1182a135012be966dd8e731de664a8fb8c24abca50388f457aee8913f89e5e42eadc1924b7b357363d86694b5a9eb9add8dd0ec81a61f5042a9a331ee131d39f865e66fa5c68bdc389bcff9704de8626d8df84ce85fde68602bcdc4963e247fdb8d50204b34d760a7c86e18f6a770ee864bdb364ec7e34cd8f24062bfe5b58b09b8a64283b8fc9467b2d3e8f74654844047e06ecfd422cf85401c9b006c3ae9e882a7d1bc7a65afb20942ee97ff4571903fa56943743118d7dd6f9ba39e4fe91b023077550b65f5854001897fd509a7b624127705419c46f4b462081abdd912719991dc5ce220e8acfb6eef7e6481d26d6890f0bce55866d7264c10768a06167828ef153cb1f0e26aef6b36f94caf3962336e11e0879d355a95f216ea5bad7653d4e68115120b09a953fae2dd82a281087d9d24271b9d020eea05093fdf4cc0a443ff5b63a2c202d42e485a318630a11bc4c8a6233bca7ba371af771b7179d5df8989bdd85d06c65327f1632085d433ee1acadbdcfb02703ffef87c24cf34ddf1d16f2400a7c6e3dade91d2a519657faf36b32614d692f52abe006294009f87eae07f3600444f26a3152ec6facc666954496f5e992f1d7ad27f3fdd80b99e43cb2e531c7f028c92df8b025976e50922497546037156b7db351756b78ff0
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]
2014-08-12 18:20 1736008 ----a-w- c:\program files\GbPlugin\gbiehcef.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R0 Bhbase;Baidu Hook Base;c:\windows\System32\drivers\Bhbase.sys [x]
R0 fecf2f8c592ffaad;syshost.exe;c:\windows\\SystemRoot\System32\Drivers\fecf2f8c592ffaad.sys [x]
R1 Bfilter;Baidu Antivirus Minifilter Driver;c:\windows\System32\drivers\Bfilter.sys [x]
R1 Bfmon;Baidu FS Monitor Driver;c:\windows\System32\drivers\Bfmon.sys [x]
R1 Bnbase;Bnbase;c:\windows\system32\drivers\bnbasex.sys [x]
R1 Bndef;Baidu NetDefense;c:\windows\System32\drivers\bndef.sys [x]
R1 Bprotect;Baidu Protect;c:\windows\System32\drivers\Bprotect.sys [x]
R3 AVG Bonjour Service;AVG Bonjour Service;c:\windows\TEMP\avgcu_mDNSResponder.exe [x]
R3 BdApiUtil;BdApiUtil;c:\program files\Baidu Security\Baidu Antivirus\BdApiUtil.sys [x]
R3 BdCameraProtect;BdCameraProtect;c:\program files\Baidu Security\Baidu Antivirus\BdCameraProtect.sys [x]
R3 BHipsEx;Baidu HipsEx Driver;c:\windows\System32\drivers\BHipsEx.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-02-01 29472]
R3 CT_QUALCOMM_U_drv;Qualcomm EVDO USB Device for Serial Communication;c:\windows\system32\DRIVERS\CT_QUALCOMM_U_drv.sys [2009-04-27 103552]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [2014-01-07 15384]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys [2012-06-22 19984]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-09-19 108032]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-09-15 9216]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-10-29 114904]
R3 NdisrdMP;NdisrdMP;c:\windows\system32\DRIVERS\gbpndisrd.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2009-07-13 347136]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-30 1343400]
S0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2014-01-24 47192]
S1 Ndisrd;GAS Tecnologia Filter Driver;c:\windows\system32\DRIVERS\gbpndisrdn.sys [2014-03-16 29400]
S2 CDROM_Detect;CDROM_Detect;c:\program files\3.5G HSPA MODEM\WCDMA_Eject.exe [2012-09-18 325632]
S2 GbpSv;Gbp Service;c:\progra~1\GbPlugin\GbpSv.exe [2014-07-22 546104]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-07-24 39568]
S2 RealPlayer Cloud Service;RealPlayer Cloud Service;c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-09-13 1141848]
S2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-07-24 23552]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2008-01-24 5120]
S2 UI Assistant Service;UI Assistant Service;c:\program files\Connect Manager\AssistantServices.exe [2010-09-25 252784]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [2010-02-05 785184]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-02 139776]
.
.
--- =Outros Serviços/Drivers Na Memória ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-10 23:56 1077576 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2014-10-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-07 02:13]
.
2014-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-10 14:38]
.
2014-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-10 14:38]
.
.
------- Scan Suplementar -------
.
uStart Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
mStart Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE: SmarThru4 Capturar seleção - c:\program files\SmarThru 4\WebCapture.dll2.htm
IE: SmarThru4 Salvar como HTML - c:\program files\SmarThru 4\WebCapture.dll1.htm
IE: SmarThru4 Salvar texto selecionado - c:\program files\SmarThru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files\SmarThru 4\WebCapture.dll
Trusted Zone: caixa.gov.br
Trusted Zone: caixa.gov.br\imagem
Trusted Zone: caixa.gov.br\imagem2
Trusted Zone: caixa.gov.br\internetbanking
Trusted Zone: caixa.gov.br\internetbankingpf
Trusted Zone: caixa.gov.br\www
TCP: DhcpNameServer = 177.36.96.21 192.168.0.1
FF - ProfilePath - c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\
FF - ExtSQL: !HIDDEN! 1970-01-17 00:31; jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack; c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack
.
- - - - ORFÃOS REMOVIDOS - - - -
.
BHO-{43EB4EE6-5E67-8B6D-6241-1CD6094290AE} - c:\program files\ssavE net\KTfk2Nj7fw.dll
BHO-{596CA237-7AA3-6475-0C4F-2033501605C9} - c:\programdata\SaverExtteneSiion\_u7d.dll
BHO-{F5D17FBE-EE2C-6B39-D167-233CDEE56549} - c:\program files\YoutubeAdblocker\7vV.dll
Toolbar-Locked - (no file)
AddRemove-ceb30e31-cf58-464a-a65a-af44ee7e0c4f - c:\progra~2\INSTAL~2\{9700F~1\Setup.exe
AddRemove-Digital Editions - c:\program files\Adobe\Adobe Digital Editions 1
AddRemove-{274E3C5C-178E-EAE2-A52F-2863C0EECD46} - c:\programdata\SaverExtteneSiion\_u7d.exe
AddRemove-{7DD5E91C-3864-77EC-7635-D14910C2A03E} - c:\programdata\ssavE net\W6bP0DRVWBK.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
.
- - - - - - - > 'Explorer.exe'(2232)
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Outros Processos em Execução ------------------------
.
c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Ralink\Common\RaRegistry.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\conhost.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\Mystify.scr
.
**************************************************************************
.
Tempo para conclusão: 2014-10-29 08:07:05 - Máquina reiniciou
ComboFix-quarantined-files.txt 2014-10-29 10:07
.
Pré-execução: 8.735.780.864 bytes disponíveis
Pós execução: 9.363.820.544 bytes disponíveis
.
- - End Of File - - AE996068806CDF7141EA08E254E81312
A36C5E4F47E84449FF07ED3517B43A31
Paulo Vieira- Iniciante
- Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014
Re: Descoberta de Rede
por joram Qua 29 Out 2014, 21:24
Boa Noite! Paulo Vieira
> Desinstale: c:\program files\Enigma Software Group\SpyHunter <<
>
> Selecione e copie,o conteúdo que está no "Código",para o Bloco de Notas.
> Salve-o,no desktop,com o nome: CFScript << Texto!
> Ps: Não utilizem este script em outra máquina!
> Arraste,o CFScript.txt para o ícone/interior do ComboFix.
> Veja a demonstração!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Atenda à solicitação,que deverá surgir,para rodar o ComboFix.
> Ps: Faça o arraste,até surgir essa solicitação! ( janela )
> Caso apareça alguma mensagem para atualizar a ferramenta,clique Sim!
> Concluindo,poste: C:\ComboFix.txt <<
A+
> Desinstale: c:\program files\Enigma Software Group\SpyHunter <<
>
> Selecione e copie,o conteúdo que está no "Código",para o Bloco de Notas.
> Salve-o,no desktop,com o nome: CFScript << Texto!
- Código:
KillAll::
File::
C:\WINDOWS\Installer\{5BAA60F6-577A-81B2-D7DF-90EAB3638451}\syshost.exe
Folder::
C:\WINDOWS\Installer\{5BAA60F6-577A-81B2-D7DF-90EAB3638451}
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
Firefox::
FF - ExtSQL: !HIDDEN! 1970-01-17 00:31; jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack; c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack
Driver::
Bhbase
Bfilter
Bfmon
Bnbase
Bndef
Bprotect
BHipsEx
BdApiUtil
BdCameraProtect
fecf2f8c592ffaad
Quit::
> Ps: Não utilizem este script em outra máquina!
> Arraste,o CFScript.txt para o ícone/interior do ComboFix.
> Veja a demonstração!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Atenda à solicitação,que deverá surgir,para rodar o ComboFix.
> Ps: Faça o arraste,até surgir essa solicitação! ( janela )
> Caso apareça alguma mensagem para atualizar a ferramenta,clique Sim!
> Concluindo,poste: C:\ComboFix.txt <<
A+
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Descoberta de Rede
por Paulo Vieira Qua 29 Out 2014, 22:59
Realizado:
ComboFix 14-10-27.01 - PV 29/10/2014 22:02:59.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.2037.868 [GMT -2:00]
Executando de: c:\users\PV\Desktop\ComboFix.exe
Comandos utilizados :: c:\users\PV\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Installer\{5BAA60F6-577A-81B2-D7DF-90EAB3638451}\syshost.exe"
.
ADS - drivers: deleted 55 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\000046.ldb
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\000054.ldb
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\000055.log
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\CURRENT
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\LOCK
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\LOG
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\LOG.old
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\MANIFEST-000053
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_FECF2F8C592FFAAD
-------\Service_BdApiUtil
-------\Service_BdCameraProtect
-------\Service_Bfilter
-------\Service_Bfmon
-------\Service_Bhbase
-------\Service_BHipsEx
-------\Service_Bnbase
-------\Service_Bndef
-------\Service_Bprotect
-------\Service_fecf2f8c592ffaad
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2014-09-28 to 2014-10-30 ))))))))))))))))))))))))))))
.
.
2014-10-30 00:36 . 2014-10-30 00:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-30 00:36 . 2014-10-30 00:36 -------- d-----w- c:\users\Convidado\AppData\Local\temp
2014-10-30 00:36 . 2014-10-30 00:36 -------- d-----w- c:\users\Administrador\AppData\Local\temp
2014-10-29 04:02 . 2014-10-29 04:02 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3F459C9-F3F3-422D-AB01-71B8093DF24F}\offreg.dll
2014-10-28 23:35 . 2014-10-29 22:40 -------- d-----w- C:\FRST
2014-10-26 21:13 . 2014-10-26 21:13 -------- d-----w- c:\users\PV\AppData\Local\Diagnostics
2014-10-22 01:37 . 2014-10-25 00:55 -------- d-----w- c:\users\PV\AppData\Roaming\Solvusoft
2014-10-22 01:37 . 2014-10-25 00:58 -------- d-----w- c:\program files\WinThruster
2014-10-21 02:56 . 2014-10-20 05:37 8901368 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3F459C9-F3F3-422D-AB01-71B8093DF24F}\mpengine.dll
2014-10-21 02:15 . 2014-09-19 01:25 4201472 ----a-w- c:\windows\system32\jscript9.dll
2014-10-21 01:37 . 2014-07-17 01:39 3221504 ----a-w- c:\windows\system32\mstscax.dll
2014-10-21 01:33 . 2014-09-04 05:04 372736 ----a-w- c:\windows\system32\rastls.dll
2014-10-21 01:33 . 2014-09-29 00:41 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-21 01:30 . 2014-06-18 22:23 81560 ----a-w- c:\windows\system32\mscories.dll
2014-10-21 01:30 . 2014-06-18 22:23 156824 ----a-w- c:\windows\system32\mscorier.dll
2014-10-21 01:30 . 2014-06-18 22:23 1131664 ----a-w- c:\windows\system32\dfshim.dll
2014-10-21 01:26 . 2014-09-13 01:40 67072 ----a-w- c:\windows\system32\packager.dll
2014-10-14 02:30 . 2014-10-14 03:30 -------- d-----w- c:\users\Tô Fora
2014-10-12 18:46 . 2014-10-12 18:46 -------- d-----w- c:\users\PV\AppData\Local\CombatArms
2014-10-12 13:59 . 2014-10-12 14:15 -------- d-----w- c:\programdata\WCService
2014-10-12 13:49 . 2014-10-12 14:09 -------- d-----w- c:\users\PV\AppData\Local\BoBrowser
2014-10-12 13:43 . 2014-10-12 15:08 -------- d-----w- c:\program files\globalUpdate
2014-10-12 13:43 . 2014-10-12 13:43 -------- d-----w- c:\users\PV\AppData\Local\globalUpdate
2014-10-12 13:32 . 2014-10-12 15:04 -------- d-----w- c:\users\PV\AppData\Local\5991
2014-10-12 13:28 . 2014-10-12 13:28 -------- d-----w- c:\programdata\Packer
2014-10-12 13:26 . 2014-10-12 17:02 -------- d-----w- c:\program files\Search Vortex
2014-10-12 13:23 . 2014-10-12 17:02 -------- d-----w- c:\program files\RBM
2014-10-12 13:21 . 2014-10-14 03:27 -------- d-----w- c:\program files\NJax
2014-10-12 13:21 . 2014-10-12 13:28 -------- d-----w- c:\users\PV\AppData\Roaming\GetRightToGo
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-29 22:55 . 2014-06-25 11:21 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-22 02:53 . 2013-01-07 21:56 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-10-22 02:53 . 2012-07-27 01:26 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-10-02 17:53 . 2013-11-27 14:42 231568 ------w- c:\windows\system32\MpSigStub.exe
2014-10-01 13:11 . 2014-06-25 11:13 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-01 13:11 . 2014-06-25 11:13 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-01 13:11 . 2013-11-27 15:24 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-13 02:13 . 2003-03-18 23:14 505416 ----a-w- c:\windows\system32\msvcp71.dll
2014-09-13 02:13 . 2003-02-21 07:42 353864 ----a-w- c:\windows\system32\msvcr71.dll
2014-09-02 11:31 . 2012-07-30 17:34 46552 ----a-w- c:\windows\system32\drivers\GbpKm.sys
2014-08-23 01:46 . 2014-08-31 20:39 305152 ----a-w- c:\windows\system32\gdi32.dll
2012-04-21 01:18 . 2012-07-27 01:52 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-31 7731744]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-14 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-14 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-14 150552]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"USB Security"="c:\program files\USB Disk Security\USBGuard.exe" [2011-01-31 623520]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2014-09-13 296520]
"UIExec"="c:\program files\Connect Manager\UIExec.exe" [2010-09-25 138584]
.
c:\users\PV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Startup\
BrOffice.org 3.1.lnk - c:\program files\BrOffice.org 3\program\quickstart.exe [2009-4-16 384000]
Recorte de tela e Iniciador do OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 795936]
Ralink Wireless Utility.lnk - c:\program files\Ralink\Common\RaUI.exe -s [2012-7-26 1672480]
RealPlayer Cloud Service UI.lnk - c:\program files\Real\RealPlayer\RPDS\Bin\rpsystray.exe [2014-9-13 822880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"3212083974"= 504b03042629ac09068374bfb51100000040000057dfbe4f62c7fd005fb5184b749a521932500c6e36450cbd18ecf31d4f4dacff32af95971262b33710ffa461bd774c05119b02569ce8a8d0a4f9f9d99bd51e577a41bc9fc8512d05718337d5409324eb7973151b62c1ba61bd0f8fbe96057ff064e05ecd5aab1f395d31ed4fbccea9a4ef59f1d841997b222555ed8c2e286fb75804d9b0e20e98e03584359536ae91a4d8ea734bbdfab81defdfa9706ecd97ae56032bdca3ba774500a4f751b3a8f09216d7c2595e1d9f0d331b21ea6ba2011432419355fe9830f9bccc9850f86b72e4230d0a9741ba3f3c1398474d0de822c945416acb94f97b6a422dc2913d6f1a318fbcfa2d5eb9126f3ee3171d9c9c18e5f9c1c73cf20b81cf1cb41c1fa834574a06566dd31c4d50ef0ca0b02222667a910644e353b4665f2c858e7d7547e4f4bc3296159c3e13168d9eae095e53a81e268d2863da02c2f9bc822c5a3f8b10ad61dab11be38a926921d2afc97ce1a01caa14b8fbf4a7073056eaf871f7abfda86773ad2e54d14d30e1fcf526283aebe2c64a96fdfdc1adbcfe9f2a2476b167ab86b53c43a973293743d35d3e66e730776d2ab2d1d3ce56d941e2ea5189635d5838672343aca0afa785490dd6af823e784b6d369fd2f6f5d4116d5a9e06a3b1f9e7e80e661b5b5327519d8d0ac91dbbdefaaf5988791d8a75b3d01b8196b552f4f88b5a10c63b5a2e0fae0f1fe833b992ade9b2260815ce46ea44557c6ed1c7b0463f1764b58870def769fe985843408b7b0702d2d6a5b79b2c1b7fc3cda9bff640ae82f485967d70edd9267dc6195889f3be0da1286ca43f71b470ca3a91d5de46b03c4fbc7aaa61e00c906a706879b88aba54efa087398b3c2c11c1771d2fee3545362e8bbc9bd2307f670d391461ed21f2dcc87a9272704500db61f0f66f6378c631a575e5af2dff5443dc4887649f8744de4a555bd0b9135870f09cbe73107904d919548ff85c0a9d5f9dc791ff6924bee817d6458e1f59a727367781818e668dbe330926365788c5e4483b125be787f408a142298b80396888cc00484d93d225e9a8b3b281114e55e8b1df1168e92666756be62fe21a82e2760458f15849c2357f82ad448b86eb59dccea586027396467b4ae609cf8eb80ea0a3e42f424362faed015f304dcee6c6a41b4bf5bc851c5a47df7475cc20dd1c6b61f4de1c85455e96798de9061ed482b69a63e6ca89a17bc10f924d9d50007ccbbd57de891143454a0048189ebdad633e800ec83a57db25556c92ac7311e368cca0069b2aaff1d1e727c4535e7a40b6fd3c507b64e3304ca953e953a8990fa3df32e52fb0797fca67dfb39cfa47f4ecb9b8486119f0acec137e7872c6ace0254662fcc53b77b1efbceb6382eb7b675122253ff1d6326038146c4a10d395f6120e84ebff37736ac95659f0ba5883770779db1a077757d30abd1c61709b09f45a50cccff3e1ab4cf2c94a55c441587968780330972a15829348dc578834c0f3f64675844ca57f30bbcc88e0c8f7e11924edef715db128a2c066cff8a6e6a2a79c33259440356aa4eb3c04e7858c7f75f3f2a93046b41fb089f43dadd195cbe7a3aa3b33545fd6132fbb96db702066e900c11a54349f7cd28949c5b2ca48c58aceb53b359b3fac86dd7103623bc372aca87c57e32fac448e7365600055f425481b3cbd14b64c2a50b872edfed981157db1d90bea0cc7cbdd630908fc2e429b612a98a5ce45e067c9fe52db3266c9574a12b50675429e4b4064c2fc2ebdd64263a7b9243652a4f4a1c3d0b982c9f280d68f4d215ef11f4573ae87ee93483285e40f931e99f5c31dee9bed53051ae51cf381e54f815f13fb7832e475272ad46dff700ab7b42251ff76ae479f26afa3a6e00ec96d5f80f0d0bb0a7884bda15616eb738f7b6e0ce3dbb94d572036aa7151d761589dd1b4de8057918b70d2835cb8fc44f3868118c14beb61117aa70d393ab6e515fd6f5e0112f83f726c04c97890f343b66b10421918605a7823995876fbe97d4df70c40ab9ee1ebd26b3f19cb6aaf75f7467a69ba56fa42bc4107934b9209d9cb7805f5bce904a02eb0cea4aae7b7aac75393140a59ee9fe54e45c532410cd5681228218055ada857ce86ae55a3d77a00870e5354987028ca242729d312c965751ac280b79b6fb4c5567b30c8972935ec3c06524ecb4f506dafa429d62b7973a01c24d5ab704df79bbda0b8cfced1d7fae36b662818da0087430e01d2dd636f76175b479ccf92c573b151b8bf1761b7e9204ba17f87677c7b5ff08cba04051260f421d1a32b7e0dc320af45065966dbf2241bbae1f8619efcb2b2cce36bfe0dcad76a553f626aecd4d6920e3eba8beadf82f97d53178c2e3e528d3222032892bb522d33e9569c53ad877754761d82bde562bdd73b389fcc477aed96e76210188f5cca71dfb33b27889f95073427094611ced3bbad2cca89ef10b084e5209dd0c1d6fca4e09355012910d07d53d74e941593dcf7f1b99ac5833944983273cf770a1ff413009668ed12c9786b2b43dd0d71579392bda90db992157d9f08cc802cb5bcfc44690610c01bfc120a29bcc9f845c255515046dcee799d41ace3fc4327351aa4bae396c3205eb3ae7fcc53345408493985bc7a16b31fca83552987844f1f071582b9595554fcb79d909626c0bc84d99c6899a48790864b7b18fa0742197b06807d9bc294f088a27fe493d92ba5a733ae8a7ec5f6b7fa07988bedc3dad2984fe3f2ea9b3e00f666a8a1e8c90aa4dcd017cae1a00a09c6462e1899c1066e66c053263c66f77040b2a93d3f9dbebe715f1cabcd961274b0ff943c1b8b75d38b133a9f830886a8b5acd64d8660b7b701e0e2764e0cfa4e6f374ad5de5e10f3bed2fa05ba17d15c4d354453e684f5e877ce4b1d7a6456263147b55063c128a0595d3bbf6ea3715c305a8696815af1757306a6ef5f39eefe33d192afd5a02e9284dd3063d010b3843a3d6e65569987a008d61628a85988c707465c725b584d3d2044d6f3d3c6cf2dd96bfa1b06a49d945daa2de7b34f53bfce6cdd930dd636525d0e34e65d027cbed97ff239940238aee6bb3fa10a2f4c1a91102d47894e906cb56084049b15907360631a16ed2863e37daef3cf06c6f5998317f920b2e03f40c6b7eb8cd871a254f59314f0e1fb585da8a646a6a47e55fb7288f45afd3cd999144ab7150c24ee5a2a59e917a8c80967e021a0a6fc96873eb1a3eb3048ab754198b95275b72a2a1e065f3227b9e9e16cd6966542692b2bffbefcc73167111b9219d094ae4e79fbc880db14fc1dd6e91249cf30f0806baf43deb92d34db7f49b7a5e77f335278dd47c7b8f95719bc3ef5bc8396162bdca957fbf415c2f5cda3cae751fc434e7a8920948c56909342f7af3b5d10129d5572349f5aca1868391d9fc734cd223182e003bf44595b0668f83d00e7a8108fded92356ba1eb28d383e2b4896cdfe10542e7cee6cc9f95d66e78b93430357194d73d8d218656e02a03a7e15d0c9626c4f6b5bb5079b173766ebfab6487161ad904558acf2f2954db2f10e4933edf9e98a87dd18c583abe3018b48b3c9dd5e05beb2d5b0d56af20857ef4deff601fac4e05efac4ef73fb93744b6871bef143bad8c81642e04257ce6d04e4a5433e2fe09874128f5ef394bc49f2f68ac9e0a88384b8d31e4aa15bbc1e94b762ea4277616ea1e3dcdb4a8ea5da936e703b15662a015eeb060cb56c1135e445432e8cbb7f91120f5e610b4ecb9c3fb02670149210d6913f4a8a86e89ca0dbd9d8e74b51ff3563aa1a5e909f4283a98c2b437737aee98998c1189fcbff0e93ce6c1253059be0b5fdcd8d271e90dc970d9c435e18a90fa3d3084c40c18709ed62b81cfe9f0b926eab6efe1b4d518fe6d5e1745086892340bba94a5b183326163bb49767ea8e135aabf5589ddccef7edb6e42622598381bbb479585401e23fda593520907c04f53a58084327d281f42e49715301dc80360816c625bdaad2a8d47e0797f7061240d2fcad1170e1f8c1ba37cf6c4c166006e77849cd8b59c85bd32a5bed00a0b664d56b280113d563be3b1f527c7ce350c00a097e9dcfb8b6edac0cc18c5d2b94dc7a0f93a4277991d8e226c13d2457089e69c5cf4e909926690f3d7c7a175e8a491ac947f5acd97ab0ffaa6d2bcb0d15f1f807be2b79dd3d97a37169a5b403169efc73ac58dc6bbc8833e03ee9341729246269ef654b21db0df2df33e95caf9a77cd7ffe1f93d49e91f20aca3c1f602a3eb04e8d7e744a6a8826f5ac34f55c2f570a30b69660f955d84b0ca6133f86cfe105e8a3579f3799baa75dff13533bb851e81942766431a94a57d4baae0c000393912b8d6effff86be80ff50da89c66c623d08fbef3ba8344d75a5a00e328d031f7e25e306b3f77ef418865b108269c91e9c2ebade2640f88d3694a3ad42684aa52eaf25ba1f47cb7217373295684caeb19ace7d1e55c62a8cfdbe165a147da7b3de81bf330a6f2aa294e067c3afc7f079010641ab7db9983a449e80e34c4c0ca5ee7ec156d6e5de64b010ac16dbc614538bf56baaf4e6a8d4054c9cae8489d2afa644ce736908ea75b198856348ad34bd67a2eaf019c45067514fc799d6787c5e088e75da6a9279016427af54dd678492452e23a9e2d83a200d035543e4da3ce71b83ca8638a535140250cba762f7d8daf043c7adbe05f724ec7b6f844612c37d6fcc4d2624c8325de0aa9434214f6b7906e6af7d3891109c49b7489887eab75df4554d90f255f262d5230a38e0deba33007e2f7b884eab7ffacb81a23b3f094968c6182b2a7ff52b7cc9b83d36a5808ba65f03882faf3c3da2765e6ec39dcb6f4e6d7bef308fb627287bfc12e032793d54423ebcd462108b2c10738b63f7c4dfdc7ddb3a62d3d4fbdffbdc9af70bb91c9efd7eea3916c9396197493d15c2e0701aa4138e400ec4ba014c407608e56bc1c49f1810034ce863a315b6fe0a2fc8b9a8753fbd270dd69cb4eba27f1f0ef22d7df58a9010d9960a989729ade4dc85496aca261d1b8c05deedb0662868bda827ac1ccfb4be3b7c044c15caf448db5194d83fdd72f4521989872f54d015c19bd5bc7cf7b8a69fa608fba04818a68c0dc71ec8ae8dc618c6c55c4f823b6151acec7eb09f497ad8721b3311749dd07cd74d312f45e470c6e73e53d42f5bfc5151f05e4079bf7eb625b3c525eb97f3b1c6f0fac783b5b5fa55c7638262214a257be1ae4ccd10273e317541dfe81efc1a89e9d790889e034f6ee2dfc0b281ade62430c2b93d7f36886869e483ba69237a71b99889fda335958c5474db7cd1b81fac0bf05feff0903c69c4d9f184b53a0331d3bba2bd54e6bc9d1a0290328ecd62b2e43c7af5d618aefc9c72814417b22ae24661448d81545137a05629c6b9456256f7d76d60d822e0b7d44f1b820178d2c6dc0eca44306c3ffb77b5489a65a02411e001c6d6faef894611de94858f5720e905c82225a5e7d6ae6de6080dc5cdb0ff0023eb43f5a3292035ab6df96a4adef51f8b0112d448ccf5e8dcfa9d09e4ac09301a14592535ad7193346a25a402ff48116059f5c69fb6be7cea365e152f448d74bf84e1e55791de259bb6d44dfef64bd9c70eb29da00a4a5e9039142e59d375d6c3f03c23e2b3c59e379c7748026d146edbdaf324a39c784ebdd8ace1781b07071b3389db0aa98c67d50d01075bbee584eaeae66fb614579fb7ad9aa865e8817873921c044efbece91cb0902bb53c21ad35d59482e61b67da08dc417c458309198c1501bc6a10cc1a24b474cb1fe68cf81863c28c4aaaa2375203cc2194e8f95646294e2f3dc3a4b7b2a405464d79f302b7a18394c239be7ea1066b78671e4ae6b3157d7f246511cc2c3b324836c774e8e1be050ef2aca3dc8220da55339db3008eba47363f04ca59b903a598528e04b72c85e6c377263c84fab913db4e9cab469bafe09e84aaa19a666bbd86a22ad48f536050ad6d0d59374da8b04119417eb07a8d1ff9d1704ad4ee085f03777700070241e6aca91dbe511f003bbad6658e7bccbddcce77d50eabbb0ee8203c0682b98e2b147b4bd46d89039ad102ca0760148728edec66914c17b0d5a4d0afa606c4a07108c2c8dfcd7173246f49f6ec9be94cc3af65514693600bc743417bb37c17117faaf9575f273b96afdd1195e4ba006099834bcf18918d7fee32e7320cac1092bf4bc9138871898ec9c80c7c089ce7613187de637764d78dd380feaa8fc9f1e7f8c740b75b161c56307023b8d1f3f6019f2f9475a10ae871d02950ce58b2d1936ec288f22ab5dbdb324116a566ccd141f46633951878b2b8329bd00fe5ef339c82e1ff41b53e4e7cc5b50474e60eafba9fba1851cca652a705ebd2661ea7b8e1c0b8cdeec2
"1781466620"= 504b0304c90da3b1fc052f6a120400000030000057dfbe4f62c7fd005fb5184b749a521932500c6e36750cbd18ecf31d4f4dacff32af95971262b33710ffa461bd774c05119b02569ce8a8d0a4f9f9d99bd51e577a41bc9fc8512d05718337d5409324eb7973151b9680e4b0bdeef74270b882eb420946b7b8b40862b9dac9cbf5a56ed8568c971101f6734e2b8839d84e1778d29918a522d11b349b1be5eec317e6d490c16c1a51d921b47d2d13cf9d64fe92e0d09b6f80680d8d36fe8ff62dd3048af7c85faa6b57e858e3b7bf6588bc5287ad7fb395cfa2bd08ca48d88e6e979eaf922a1b50d44b907b41d7f677a3dd643e04fb52b0ab709b83a9de68a4fead992fdfb3dcbfad3affbecb689110bda87e4f546bd03e5f97d85755d1bfb14fc0d2a03aaf7acd326a91580e0ddc3ae0e2e5c538534f2392c0639bbdeb336ebcf4509566f1839f940e0719f99bb17d1741a1b1441aa2fa2fe091d1f37d32d32c610ea70cb093770d7ce76712d71530a85276cd7377ed3dbe556f3f755000c19981d3cb109c1142a5657e7c89bf1b429820050df6b56f17cbaad3709e786fa3566ed4dcb33d87416dd2dd561ae2c5cef21bac9394b3f748d101be50098941f942150de521b37631f0c4dae3a1075130ee568f9813fc2cf60b57b3957c633c8f899d482881f9302c3bb20bdd291e889d30a0324512dd1be329f3e8fedd2a3fcbc0c025c01b32acefe29e92ce1c420c5d0adc32fc850762eec6c7e6a19b5e50ed6653da04d744496ef47c9e3ffe3c8943f699601c6ce42b368838837c5fe662563c78f4699328a69479eef836e372aa78d88d09053d0de5e8f767f253801269adc9d2572b26e6b5ec6f70b7cf1584cdd6c5b25be3062cd6d0a038141428a81360a742f94a45c66d2c2b7fee81b0127e6ed2a49c62fa0ecf00bf527bdc6f6f2ef8e994bc33f4eb03b50f3a4d91c9fb3ea4a78de1a74b16a4319c7cda11508c79880ee7d20341f3ebc0e4c2e05c048d837aa216ee81ec96b17c3521f5844b1e8c0db51b8fb2d5ee1a805d8a1c07b854637922bd1159968778a9ad7aef71e21f994b751ed50583199c2eff454852be0a4eb1376757cec6be659bb0387b06451b1a080079cd8bf27ae308a81f929265b71292a747062c3c321bd964d60bfd272a92f7f9bb674d7f31ede94b396990b6b1777dd0c3e975709cfddc885cc51f5667baa2618f7fb19e02e223e3313e7713c2fa526dbc36a41999aa9274b68906fba6c9d271e54d0114ebe5fa5f85cff7274ada3fcd59377fb153ee06fc8c5c1fbbe019245f4ef6f48f6948b0d60cc69a75a446d3fe486a97c0573c8486eaa624ca728f187c4725d8284886c32fc3a1a610a5d4e8120b69632134639e24c8a08361914e2ab775cb27d1fe8b7b6ad85d6b77ff469b33b1a8afbcecdcd2a687aac7a0843eb48b39706f462a547085fb2abd9a94644f5d70fc8786065a9e4f91a729ea801bddc2e63866920816
"3518887414"= 504b0304736b0169f6f5bdd1981700000050000057dfbe4f62c7fd005fb5184b749a521932500c6e36750cbd18ecf31d4f4dacff32af95971262b33710ffa461bd774c05119b02569ce8a8d0a4f9f9d99bd51e577a41bc9fc8512d05718337d5409324eb7973151b9680e4b0bdeef742fb6b81eb420946b7b8b40862b9dad1e8c7a5dec04e6c8e0ab4456e6f28ce14f51f3725eee5b20d7ce662c02fac80128ae38637fbf4867c17c9d717663da6767d89c658fdd74fb81b03ebdbdedea7491d2a3c133ef493731b542604f4bebc69fe2f02cb40f9b3b45d29a40a4a1487d0b71dd1b68e821f40084b407b25ee87063b9112ece9514914c7d4423b12f045b6a22d150d28f78c844b2c079f1b78200055c5fca3e82a972455517bd3c9f428b164b89517ab47e6b447afadd38678b857bf838eed34321eede6905e27fd8abfe7ce349b787f2ceadb45bba2f4ea19e70a8a2b5c4f0c177936117491afa1edeb5d5afc2e0e384518db1217850b7eac6ff9df99ed5e1416fe1b93fd4dd2036e8371d5e129993e594b1bbfe0669302928bf5a268e0f4aa93288eba13bc0125cecd46e2906e1d19cd2d3ff14d1b1ffb50ac2b2f5a28df9cb6c2e32f23d6a4fe0fa130be4dba875daef9cd943276420bf4bcfda157a87854590b71981eaf3fe5114e13b51b9956b7586105a81290a7f974ae78e9c5e5305e55b90536d5da9abe3aa6d3d7894737b70914e304c895aeed4ab7aa36fa2b8e5a93a3220506fe29a7d9a60c146e7edcf95ede9f5209637390b061cde231782f8b2a76cc12420afe66c666b54c8e1de9c6d7b8951184ac7f5b77d43b0a93628520289b31b01687daec69134dc85036e82c4f8cdbb84bf893e3d9dfa8898628a43ef08e2a7f442d85e85b083da10c4a48fbb1886aceda7a00296c79c3661b3e6c2d7975064380156ec53adb7ae23bbca7c0efb04863da781aaa195e7907760bb6ef0c1f326f86e4c65616b48513ac1bd36b25480b4b768869c05673029a83a23390f3595fcfb4e4a02fac243146e3a585fa83e91fc142be512a930f2cf296440b42b78c2880f0ff81b398ed373d287e58c5d313b3c28b43fed2489f2de932d5772a2233f3d6499e9e8754a064e61c5297c7d0913fc35baa83fb3c50e415d439f5d925e865435840b2aab80bd945f071db917a602d389ea2e3e4821423c5f4b9c3d04256b28d804e2c3dfd2a3b56cb4562f16616747f6f4974df1671c55e5c585cca7da509c73e567b0e19a1c9e7ba63b5e3fc82973179fb5bbd290612437a66ff92397e2024d203103a81238b4a2db552f8a252756ba784603dc7e1ac6799f1392a037d0128b6e82e0eb7907b10a097fc759bf0a26746e03a5cfb6cc635b5c3ead1266b4be8598a1a440e0ad49f4d4e0707e697a7d50fa766b3b03890cb4584bb70ed819fffe467b4718295d4bfeb9f1c454ed3ad402c01441828cc71e6330f160d4e7d4595c440b3f8ebf43ce4d3579902f00666d62d00eea6e437a3fc99cbc1588935db5dddff1da133827f8329106f3ea7bd9e4850f6b7c2679e9ba5b8542924f2054d089c1bfb27d94efc9550cdda928b972f95da7a48039874f81bcb02169ba4f35b12f420a3b086db2481027a637b789e88ab2287712cb3690d698799868450fa9ca5f7fb2d9980c25362be8ac4830b721795fae6c7c44971cac88cda6fc2c56df6d011b7e563b2ee540f6ea288f2c62f47204c9d944760d7d8a009f0c8c41fd43d1eae86e1c1a1cff7d928ee40ab435d8ba4fce63aa83d67e9095b26eb235d2b70271699209cd956fcd5bb44f6f2987a35057d4535d107764e9fb9b42514aef835272b347f56caf82feae78601abe447535ec9f0aaada05e688e468f66ec3ae7418751dae58a7d2fe0e4ef52e11396cd894c31ae9186e6f9cdd05a66e709c25e0f12bb2bc2e76c79a4ef6af794e522791da444af63073d3933053e2dda8b7a5fa9f892a324465a922d83d20b4a293dc0bf0e21254bfa58a9ee85c4cdfbdd09cde9e5c942655f3c8078aa42544d75ad310fada908142b3971f387103f3c959817ac23479bb7151c97567d388be6e5b58781375c65f52c3382c2294829e5ec2bb33721689adeff8fffcc34e4e7c409b82070a3d5876f0c90018600c2deb148a45fc8f2441d921276e39c0049b72e5ca8037953a9c96f1da6150859b9c992b3f8735f383b8d81e27b9e5a876ab04aadd93519606d13824f27eb090bf13461ed0c8314fc93ba9a8d18c5724d18628d674455a3fbe35f3d72177f252c303313636619b6cbb1aa7495ce886ae790de015c8ee29cb28a0ca5602360f427decabb77a49d204f98ab7ea700f9341c0bf71829bf33f4cdcbf7ee06581320c766ea588a380eccefda8d8f6a669334f0561fc75f199e1e3b3b094ff6a1593b3e3fbe7329304aa06d28744aa7088965416f097465e68dc9b413123f45dadcf67cafdf5e7b655ed4e2352f27a969b3dad5a37fecb4b73de6261cc2a6c64c8d0aeaf035db33d77ec5b6f2100af86b06a56698ef504eff99f4d06c0cbdda2b0b0b15ca9b48df92be6c6c8deacd71ef16e6b9bdbf25e403b23fa3a43d2d3121e95310c451242118a7a4d708aa70aed759dc3a830660b24c1beebf01b6b84aa94cda999d6af0c92f71ff232d83ee1f3109074d716cb1458067a8a2e0c633a527e1df46a392bbe35dd7fb26433e728c0a8df2d0ddaa81de445c6b06cc40ad02c78f3c6fa54f76decbf41841fa4954e65a7e027b018152148b0c30b16de2d2552de793e3964d74edc266f9afbc4a300346d81e6efcf636b9004a0f8f81e84fdc9bc34ed6c9232c1652964a6fdee5cab0a2c9f845c3b4e3536808f7fd66644d91197cf4dace416078a0b6078a897f696c2054f0eaf5dda39495ea0c804f7a4be30e97c8133d77e69ad85b0407673ef2bb186ecd253984a0051d5f2ad19037c83461a699fca9348087e32ba2acf63e39b112e0f3cd936749bab8070a85485352e435351bf19b664420b1a332443f96296ec980c72a3c646d6c80ceb3c45965daed78ff1366da8fce39771d75d997711d6bbc9486f36f6f48cc5b0c014d26500736e0097590212b04b43665838b3547af369d04e52513ed60e396ba9d4b9f8b7b8c8223f730513e9ea20fe6e8befa56fcd9cdaa42ecd7d498db853ec4ef0fd615fb85a521118af1f96e7552fdf287f6b35a28e7714c0310024abda1f07e918b8622eea24a8eb32797d708d15c6406dacc26be6b6f8196173875d119188acd49cfb8663f9f693531201572c0de4d996fcb9e47ff999caffef87285245934c916b5eff308f8aaa0a073bde32d699e8b66a7600001e930e475d84da4b77a780abb5b2516d60f7752e83646a37e1bcb395325926bc8dc0ad2cc21a8d96acb134f69093710902da15417d929fcfd6c7c77756f83000349fe904594aff69dbcc6dccd1f2c8a5ad33626d5fce069726611a008a878f38afd8b03f8b759a8620070eab5ead287665a8d99a4a7e60d8057c135cff8739899c5f8ed21a59e642c03381ce817fcc84be771daeed160d838be914e2f30ee4600a9356600d5050135e1e9b23d198931edf7fc2f7a4eb778103c1e5fc7f1b14bc5a18d76617bb243389510ba16717f18cdc553eb617f7043b1a8ea35094308388d7b2d3f10ea6867f3d8fcd5ff3ef33e55243dfcde4e9310cd1bcc68c24d028c2a9e322ece6058c4483189019ffa2fd7086b1889dff42222a5be59eeca8e0b2144de59a4a20f75be683b3cac38551cbe58711f9d5263968a9c9fe91b575ce5f3d3d72e1b9b3c2b8dcaee7c71536a11d2b78d0c42dd32610060f56e34df0a25f501d9931c6110ddaad1679d53347005b2ddeef846332f862eb775129f105672240e79c3b3ef8eb557e649c6d28d62eb191e8fcc250982a5ece17426a73d72e9f0d90251ec693d4051f17ec02293fab775d8485e52bd9b20478e9cd47d3418e2d44039577a8e4a6240653dedfd527db5524ddcff5219b82235aab3dc6618c0d51276fac13033524f151efca21f00cec6532d6c7f6b8536da5a8a09628eedaa735a7b3573881131d9806386de22f77d095051dfdbd2671bcd17300d5a1a73e3e176e20bf85893db110df52f843868267a0ad7bcf83611917ccbe9db27d22806b41b51bbffeafd48444eeccb427a55a72bd12ae05b351d6682f3d37cf43ed61d538614b6d4a9c5ba8b5d8ce24789d495a25f94f6c15facd726ea1043ab2a57b98395e37eedfdcc8539fc12c1cc8286b1c6afd83361df45a1292be8b35160a6095bdf68d1b89039b51d717423882a1597be4196717d3b064534d3a41f6fbaf346bb553bd45abdeef037a2fc884476ce3d67d209e8535bf1fa5a0c2df1b6658df8004ac8ca091bfa901f765a8a08174d18a515313a9c7534e8c6c1184b368ed151dd7294081b0686a9b7ff549371ce1bf2794a4c92698aa4053c149ad6010d721dff8da64b5c00483b044a134b4f26aa49f4f150411dd2b0e411253a5c03850d6cc8c8ee961320e43733a62d46301d2e25efb1f15b0bbb7bfc46d10da89a3a29171ac3f6e53f94aa51c99bd407f81a809b53a68c4a1af9cea5c58c4e696cabf55c12cb4f018f11a634fbc971ad601b420a05847479601a59cb0510e0625b87f8aa16bf57278bad32fa586b30483a4971cc11741e3f2f8f6e7b3d6d16e73eaf8ee45c5df471cadb7ff4e5291ece73acf05aaa7cede4edf913334774606e4bdb814feea81044f51b16736fae8e47449b6cea9e4285a5c42724a53d02aafe360efda8912530343478477169bb4d81afae7f3926820dfbe8896831458f0cc5948114accfc3bfe95af53f328323049666a1f311089fe459acc283e256808b0bf53615acd77464a3ce8b93fc1cf83515e64f8cae4c429e6214d8b0168d37b40875b157588c99b99f4441429252661fbbaf39c08fce0f68f5d53b16fc9a8d73d1d55f8a04b4f27f5cd337bda4ea44ef23736eb50a0663b0ba8fe30abdfd0ed3110b078def68f41e9a34ad1f6dd39079a2095e5203aa78e665213e641f59bef71d91afa921ed8c87f597b845ccc1d53231bb9035944093fe409e9a22b057ef5192eb5e9b654823e6decb28b27f297cd14d7e095166481d7314686ee8f61ab7c7c196d6d869e3099d5cfa59bc3e660dccf14268662376f9fabb010018ec7ee9a5b07fe18dfc57df9fbe3877c4d0b67b21ef02237cfb6185c7e7885aac68fafab47dbcf5cc4860c247de0b342d824601ec90ec9b548766aab1b457724114c6f9148eaf83c3dc4e8f2b156031a1e43dd04f0b815ffe2183c6b174a6862876c21eb7f685875368f5ae83a46f4b330cfb4b19889b4d34f9152e8135aa4e1af2e165fe54c45c82c789a23c0b47abe49572ad971a2226b40fb09ca949d5e5df9d859e4fd9bb0e37e4784961c7521b785eadc0565c38e162bd2e3185e8af8de96a81c263fa96b6716ed4be287075ff71d48e7643f1e8de335c8ce5da57488e835fe3a10458c6d5f16deaad57d0f32f96a226ff84d3eeb4b8fea8c3ee4da7aa7710782c5ec2ea3da379c404ef5dd884dda303676a051417bc666665877e9840c9d89e6fb6c2a113d0ba2e0b42010a28578e469847392762483b98b4d465fb29b241115b0a96b3f0f82ab100c63ebb774e62a0381c8e47c1d35c13238995ec456d0f852d2a320813282979d09597ae0d61c7f99600aecc92c2c884eb72108fa9906f2f6669bb41fd0605359ee61ebd5be89a0456ecd47ed17fbbf4903a00c7026453dc6eccac0b37c1bd74c5f95da60d8dff61a2921de0af3436bf2a3df6039d9e0418bc64ab76df0b1904f9a870225179679aa30ee7b82ca6c1d838f66e9783d9399c9c61e55f0e6954b301a0dd3ec3a2e39d795f8ad31aa0d90154abd24a47fff5aa2934212516c52d340eb6d148ccc5933a9fb14ad335b2f1855d90dabf8af7a65244684e8e29081bf6aa37e4bcca1e7deb4fadb1768f141294ecb1d9c3298ad0f332614ca3fb64c92f92d3ea085ce810fc75b34870f4dd06b126f43e0f13ec4314ce762b6dd97093ae542446d17406adff089eae7b1c08d0ce8d205af802ecc4946f51a9c58d0719bddc38ef755dd0bbdeaf3c41de8f2d6a9b0cd1619276cada9faafaae0f9c856573b3bb646a4b3afdaa11ce836d9a3a673972b7733c5f45098a286e6b2f5fdb6e46901a47f1dd8dce2452f3937063825389ae08b9acdb358feff0fd45d7b18e838a6e113935316ea3f71343851933ab80df882760fe5a534723e55cf57e0ca089d78fda91090990e0dd4a1f2d91d0044e210584dc29d1b61b6644e7e58747f0054b9de5b1145e4b9e66808374476121c25f73f989780bb9beca60b1b20a3b7240e15435bf76f375f1616fe55b1575d738154a3e78877ea8381a2ba7242d2a58ee06ca1b09c0e86405d29b721369effc14abc27b5e9d4891315fefd448df7209ce7b0ac4675de696c37c1ba5404c0ccfadfa7e360dddacd722b48ce30f1494abe35d9ca30b9488b436dde267f93522a50798ef55f6698f041b2f759aba9099bad4e4912a48e6bd0b2a2b32748d170a7cc276afe0d56e0e41ffb89859d6b20a08870217f13cf879400a68893d8ddfd373d86b2d8574f399e942030e5becf224b480d3df3ccaad9c067635665da54b0123a89ab54d0d215f4473ee0efed6e44f987a9082cb78295362cb17fd35e2e2f078ab8088a422058a794749318560f04563ba663e58ee05a1153441b09ea39c5ea736d3200b71d2e6d79d346f9f86a00639830778a6d11c36fd6527b100ca5cadb86728987db00805aefe9406fda00c8ed302ae73846e55a9ee3a9e3a1272b045fa34d0c7a0459238ebefbee1077faf8c89086e4d26ba79ecdd6ba2f04e06c87873e2dc9428643dcaf28c719548a8a2592542561a346b89990096d068d3ac4ac8dbf9146dc90ea03e8d46c3782c7e2e3326e37c055b0274f2a25f0ef4ca516f3c8afbd0bb94e9945a13cbaa8ae355b03477b900d0622bd1a838fd2668226ea2fa467f19241325a8961c07851d66ad889b9958d518a78428d89ffba2c9b0737928c3cd40406dfc971bb159a3a5e64fd44eb43ac39bd6ca33ca3c6f2d6d4a3e1aad334322a873c58a92a384ca2e051f48d2676e3a21d5b10362dbf02f97e8d99ffc3e88edb6191ac0990015c1ac05ad1b255e1f2b2c13802057dc3f7749c1ac9f87ab923aea3b83587bcceee07a9b91b414935bbd1094552c0af2988af4ec057a1b87493835675db0e3d301e7dfbee8f2ee4445571b1f02a82ecb0f48d788b3e90d93f6a66e365e7753d8668994a406031229818b77fcfe7aa4ab900a9572b1939e75a9403b4a1b11eaae87c7ce1f92ae1c3b91d6c16fe1a903dd9a82bbacf64b509e7791f2a1d345b552a8acf38e8b9f1bea5f2f612147d5f816203f1b7680c815390e391e56a2670cfe2828e3be95fbd10a3dcefb43a3aa802d3120bdab4742a40d043c63bf443f600a433bd5219e6fe431d02cb5bf106dc0dc903d147341bffbba09a3350a395ea109c311c86ce611dea70410c0d8779212d76246cef326d94c390d1ccf649d4cbe7e768d996de359a37781fc762235b0a73dbe1694b83c1171e0f1b9b410161421764301267d3ba855d49852a03523f5f306ce5e70bf8a3759d820aa9baefbb033ac83de502d52d919e028ae331318d4fbf02f1614e1020e570f78097ce3f500d29c3c00457001c9d29c05c9e0f529cca8f84388ad1763f2f0544f16590434560a7347f25056fefa6c9827746d2863deb779bab6a5e2a32b432009bed1499a139cef4e02b72bae5fe02e249181b9186d02be799b3b8ed99c204c527bb0fae7eda3e7ed6cbe3cf0fec0ef9090e89947877bad5c0a6ba177d35edc284ad83dc1182a135012be966dd8e731de664a8fb8c24abca50388f457aee8913f89e5e42eadc1924b7b357363d86694b5a9eb9add8dd0ec81a61f5042a9a331ee131d39f865e66fa5c68bdc389bcff9704de8626d8df84ce85fde68602bcdc4963e247fdb8d50204b34d760a7c86e18f6a770ee864bdb364ec7e34cd8f24062bfe5b58b09b8a64283b8fc9467b2d3e8f74654844047e06ecfd422cf85401c9b006c3ae9e882a7d1bc7a65afb20942ee97ff4571903fa56943743118d7dd6f9ba39e4fe91b023077550b65f5854001897fd509a7b624127705419c46f4b462081abdd912719991dc5ce220e8acfb6eef7e6481d26d6890f0bce55866d7264c10768a06167828ef153cb1f0e26aef6b36f94caf3962336e11e0879d355a95f216ea5bad7653d4e68115120b09a953fae2dd82a281087d9d24271b9d020eea05093fdf4cc0a443ff5b63a2c202d42e485a318630a11bc4c8a6233bca7ba371af771b7179d5df8989bdd85d06c65327f1632085d433ee1acadbdcfb02703ffef87c24cf34ddf1d16f2400a7c6e3dade91d2a519657faf36b32614d692f52abe006294009f87eae07f3600444f26a3152ec6facc666954496f5e992f1d7ad27f3fdd80b99e43cb2e531c7f028c92df8b025976e50922497546037156b7db351756b78ff0
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]
2014-08-12 18:20 1736008 ----a-w- c:\program files\GbPlugin\gbiehcef.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R3 AVG Bonjour Service;AVG Bonjour Service;c:\windows\TEMP\avgcu_mDNSResponder.exe [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-02-01 29472]
R3 CT_QUALCOMM_U_drv;Qualcomm EVDO USB Device for Serial Communication;c:\windows\system32\DRIVERS\CT_QUALCOMM_U_drv.sys [2009-04-27 103552]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-09-19 108032]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-09-15 9216]
R3 NdisrdMP;NdisrdMP;c:\windows\system32\DRIVERS\gbpndisrd.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2009-07-13 347136]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-30 1343400]
S0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2014-09-02 46552]
S1 Ndisrd;GAS Tecnologia Filter Driver;c:\windows\system32\DRIVERS\gbpndisrdn.sys [2014-03-16 29400]
S2 CDROM_Detect;CDROM_Detect;c:\program files\3.5G HSPA MODEM\WCDMA_Eject.exe [2012-09-18 325632]
S2 GbpSv;Gbp Service;c:\progra~1\GbPlugin\GbpSv.exe [2014-07-22 546104]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-07-24 39568]
S2 RealPlayer Cloud Service;RealPlayer Cloud Service;c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-09-13 1141848]
S2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-07-24 23552]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2008-01-24 5120]
S2 UI Assistant Service;UI Assistant Service;c:\program files\Connect Manager\AssistantServices.exe [2010-09-25 252784]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [2010-02-05 785184]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-02 139776]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-10 23:56 1077576 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2014-10-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-07 02:13]
.
2014-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-10 14:38]
.
2014-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-10 14:38]
.
.
------- Scan Suplementar -------
.
uStart Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
mStart Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE: SmarThru4 Capturar seleção - c:\program files\SmarThru 4\WebCapture.dll2.htm
IE: SmarThru4 Salvar como HTML - c:\program files\SmarThru 4\WebCapture.dll1.htm
IE: SmarThru4 Salvar texto selecionado - c:\program files\SmarThru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files\SmarThru 4\WebCapture.dll
Trusted Zone: caixa.gov.br
Trusted Zone: caixa.gov.br\imagem
Trusted Zone: caixa.gov.br\imagem2
Trusted Zone: caixa.gov.br\internetbanking
Trusted Zone: caixa.gov.br\internetbankingpf
Trusted Zone: caixa.gov.br\www
TCP: DhcpNameServer = 177.36.96.21 192.168.0.1
FF - ProfilePath - c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\
FF - ExtSQL: !HIDDEN! 1970-01-17 00:31; jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack; c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Outros Processos em Execução ------------------------
.
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Ralink\Common\RaRegistry.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\Mystify.scr
.
**************************************************************************
.
Tempo para conclusão: 2014-10-29 22:53:35 - Máquina reiniciou
ComboFix-quarantined-files.txt 2014-10-30 00:53
ComboFix2.txt 2014-10-29 10:07
.
Pré-execução: 10.457.837.568 bytes disponíveis
Pós execução: 10.097.311.744 bytes disponíveis
.
- - End Of File - - E0DB171F90B4D9C61B44CCDF37B62367
A36C5E4F47E84449FF07ED3517B43A31
ComboFix 14-10-27.01 - PV 29/10/2014 22:02:59.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.2037.868 [GMT -2:00]
Executando de: c:\users\PV\Desktop\ComboFix.exe
Comandos utilizados :: c:\users\PV\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Installer\{5BAA60F6-577A-81B2-D7DF-90EAB3638451}\syshost.exe"
.
ADS - drivers: deleted 55 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Convidado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Convidado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\Convidado\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\PV\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\PV\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\000046.ldb
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\000054.ldb
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\000055.log
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\CURRENT
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\LOCK
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\LOG
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\LOG.old
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\balcobjiojeggchhjfjnionmhfijepla\MANIFEST-000053
c:\users\PV\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\background.html
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\content.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\lsdb.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\manifest.json
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\balcobjiojeggchhjfjnionmhfijepla\1.0\S5wjs.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\background.html
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\content.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\lsdb.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\manifest.json
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\232\Po92VKCaQ.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\background.html
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\content.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\jCiRh5zsPpl.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\lsdb.js
c:\users\PV\AppData\Local\Torch\User Data\Default\Extensions\mljffajdjfablplhmclmeebhmighmmdg\5.14\manifest.json
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_FECF2F8C592FFAAD
-------\Service_BdApiUtil
-------\Service_BdCameraProtect
-------\Service_Bfilter
-------\Service_Bfmon
-------\Service_Bhbase
-------\Service_BHipsEx
-------\Service_Bnbase
-------\Service_Bndef
-------\Service_Bprotect
-------\Service_fecf2f8c592ffaad
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2014-09-28 to 2014-10-30 ))))))))))))))))))))))))))))
.
.
2014-10-30 00:36 . 2014-10-30 00:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-30 00:36 . 2014-10-30 00:36 -------- d-----w- c:\users\Convidado\AppData\Local\temp
2014-10-30 00:36 . 2014-10-30 00:36 -------- d-----w- c:\users\Administrador\AppData\Local\temp
2014-10-29 04:02 . 2014-10-29 04:02 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3F459C9-F3F3-422D-AB01-71B8093DF24F}\offreg.dll
2014-10-28 23:35 . 2014-10-29 22:40 -------- d-----w- C:\FRST
2014-10-26 21:13 . 2014-10-26 21:13 -------- d-----w- c:\users\PV\AppData\Local\Diagnostics
2014-10-22 01:37 . 2014-10-25 00:55 -------- d-----w- c:\users\PV\AppData\Roaming\Solvusoft
2014-10-22 01:37 . 2014-10-25 00:58 -------- d-----w- c:\program files\WinThruster
2014-10-21 02:56 . 2014-10-20 05:37 8901368 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3F459C9-F3F3-422D-AB01-71B8093DF24F}\mpengine.dll
2014-10-21 02:15 . 2014-09-19 01:25 4201472 ----a-w- c:\windows\system32\jscript9.dll
2014-10-21 01:37 . 2014-07-17 01:39 3221504 ----a-w- c:\windows\system32\mstscax.dll
2014-10-21 01:33 . 2014-09-04 05:04 372736 ----a-w- c:\windows\system32\rastls.dll
2014-10-21 01:33 . 2014-09-29 00:41 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-21 01:30 . 2014-06-18 22:23 81560 ----a-w- c:\windows\system32\mscories.dll
2014-10-21 01:30 . 2014-06-18 22:23 156824 ----a-w- c:\windows\system32\mscorier.dll
2014-10-21 01:30 . 2014-06-18 22:23 1131664 ----a-w- c:\windows\system32\dfshim.dll
2014-10-21 01:26 . 2014-09-13 01:40 67072 ----a-w- c:\windows\system32\packager.dll
2014-10-14 02:30 . 2014-10-14 03:30 -------- d-----w- c:\users\Tô Fora
2014-10-12 18:46 . 2014-10-12 18:46 -------- d-----w- c:\users\PV\AppData\Local\CombatArms
2014-10-12 13:59 . 2014-10-12 14:15 -------- d-----w- c:\programdata\WCService
2014-10-12 13:49 . 2014-10-12 14:09 -------- d-----w- c:\users\PV\AppData\Local\BoBrowser
2014-10-12 13:43 . 2014-10-12 15:08 -------- d-----w- c:\program files\globalUpdate
2014-10-12 13:43 . 2014-10-12 13:43 -------- d-----w- c:\users\PV\AppData\Local\globalUpdate
2014-10-12 13:32 . 2014-10-12 15:04 -------- d-----w- c:\users\PV\AppData\Local\5991
2014-10-12 13:28 . 2014-10-12 13:28 -------- d-----w- c:\programdata\Packer
2014-10-12 13:26 . 2014-10-12 17:02 -------- d-----w- c:\program files\Search Vortex
2014-10-12 13:23 . 2014-10-12 17:02 -------- d-----w- c:\program files\RBM
2014-10-12 13:21 . 2014-10-14 03:27 -------- d-----w- c:\program files\NJax
2014-10-12 13:21 . 2014-10-12 13:28 -------- d-----w- c:\users\PV\AppData\Roaming\GetRightToGo
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-29 22:55 . 2014-06-25 11:21 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-22 02:53 . 2013-01-07 21:56 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-10-22 02:53 . 2012-07-27 01:26 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-10-02 17:53 . 2013-11-27 14:42 231568 ------w- c:\windows\system32\MpSigStub.exe
2014-10-01 13:11 . 2014-06-25 11:13 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-01 13:11 . 2014-06-25 11:13 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-01 13:11 . 2013-11-27 15:24 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-13 02:13 . 2003-03-18 23:14 505416 ----a-w- c:\windows\system32\msvcp71.dll
2014-09-13 02:13 . 2003-02-21 07:42 353864 ----a-w- c:\windows\system32\msvcr71.dll
2014-09-02 11:31 . 2012-07-30 17:34 46552 ----a-w- c:\windows\system32\drivers\GbpKm.sys
2014-08-23 01:46 . 2014-08-31 20:39 305152 ----a-w- c:\windows\system32\gdi32.dll
2012-04-21 01:18 . 2012-07-27 01:52 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-31 7731744]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-14 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-14 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-14 150552]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"USB Security"="c:\program files\USB Disk Security\USBGuard.exe" [2011-01-31 623520]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2014-09-13 296520]
"UIExec"="c:\program files\Connect Manager\UIExec.exe" [2010-09-25 138584]
.
c:\users\PV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Startup\
BrOffice.org 3.1.lnk - c:\program files\BrOffice.org 3\program\quickstart.exe [2009-4-16 384000]
Recorte de tela e Iniciador do OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 795936]
Ralink Wireless Utility.lnk - c:\program files\Ralink\Common\RaUI.exe -s [2012-7-26 1672480]
RealPlayer Cloud Service UI.lnk - c:\program files\Real\RealPlayer\RPDS\Bin\rpsystray.exe [2014-9-13 822880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"3212083974"= 504b03042629ac09068374bfb51100000040000057dfbe4f62c7fd005fb5184b749a521932500c6e36450cbd18ecf31d4f4dacff32af95971262b33710ffa461bd774c05119b02569ce8a8d0a4f9f9d99bd51e577a41bc9fc8512d05718337d5409324eb7973151b62c1ba61bd0f8fbe96057ff064e05ecd5aab1f395d31ed4fbccea9a4ef59f1d841997b222555ed8c2e286fb75804d9b0e20e98e03584359536ae91a4d8ea734bbdfab81defdfa9706ecd97ae56032bdca3ba774500a4f751b3a8f09216d7c2595e1d9f0d331b21ea6ba2011432419355fe9830f9bccc9850f86b72e4230d0a9741ba3f3c1398474d0de822c945416acb94f97b6a422dc2913d6f1a318fbcfa2d5eb9126f3ee3171d9c9c18e5f9c1c73cf20b81cf1cb41c1fa834574a06566dd31c4d50ef0ca0b02222667a910644e353b4665f2c858e7d7547e4f4bc3296159c3e13168d9eae095e53a81e268d2863da02c2f9bc822c5a3f8b10ad61dab11be38a926921d2afc97ce1a01caa14b8fbf4a7073056eaf871f7abfda86773ad2e54d14d30e1fcf526283aebe2c64a96fdfdc1adbcfe9f2a2476b167ab86b53c43a973293743d35d3e66e730776d2ab2d1d3ce56d941e2ea5189635d5838672343aca0afa785490dd6af823e784b6d369fd2f6f5d4116d5a9e06a3b1f9e7e80e661b5b5327519d8d0ac91dbbdefaaf5988791d8a75b3d01b8196b552f4f88b5a10c63b5a2e0fae0f1fe833b992ade9b2260815ce46ea44557c6ed1c7b0463f1764b58870def769fe985843408b7b0702d2d6a5b79b2c1b7fc3cda9bff640ae82f485967d70edd9267dc6195889f3be0da1286ca43f71b470ca3a91d5de46b03c4fbc7aaa61e00c906a706879b88aba54efa087398b3c2c11c1771d2fee3545362e8bbc9bd2307f670d391461ed21f2dcc87a9272704500db61f0f66f6378c631a575e5af2dff5443dc4887649f8744de4a555bd0b9135870f09cbe73107904d919548ff85c0a9d5f9dc791ff6924bee817d6458e1f59a727367781818e668dbe330926365788c5e4483b125be787f408a142298b80396888cc00484d93d225e9a8b3b281114e55e8b1df1168e92666756be62fe21a82e2760458f15849c2357f82ad448b86eb59dccea586027396467b4ae609cf8eb80ea0a3e42f424362faed015f304dcee6c6a41b4bf5bc851c5a47df7475cc20dd1c6b61f4de1c85455e96798de9061ed482b69a63e6ca89a17bc10f924d9d50007ccbbd57de891143454a0048189ebdad633e800ec83a57db25556c92ac7311e368cca0069b2aaff1d1e727c4535e7a40b6fd3c507b64e3304ca953e953a8990fa3df32e52fb0797fca67dfb39cfa47f4ecb9b8486119f0acec137e7872c6ace0254662fcc53b77b1efbceb6382eb7b675122253ff1d6326038146c4a10d395f6120e84ebff37736ac95659f0ba5883770779db1a077757d30abd1c61709b09f45a50cccff3e1ab4cf2c94a55c441587968780330972a15829348dc578834c0f3f64675844ca57f30bbcc88e0c8f7e11924edef715db128a2c066cff8a6e6a2a79c33259440356aa4eb3c04e7858c7f75f3f2a93046b41fb089f43dadd195cbe7a3aa3b33545fd6132fbb96db702066e900c11a54349f7cd28949c5b2ca48c58aceb53b359b3fac86dd7103623bc372aca87c57e32fac448e7365600055f425481b3cbd14b64c2a50b872edfed981157db1d90bea0cc7cbdd630908fc2e429b612a98a5ce45e067c9fe52db3266c9574a12b50675429e4b4064c2fc2ebdd64263a7b9243652a4f4a1c3d0b982c9f280d68f4d215ef11f4573ae87ee93483285e40f931e99f5c31dee9bed53051ae51cf381e54f815f13fb7832e475272ad46dff700ab7b42251ff76ae479f26afa3a6e00ec96d5f80f0d0bb0a7884bda15616eb738f7b6e0ce3dbb94d572036aa7151d761589dd1b4de8057918b70d2835cb8fc44f3868118c14beb61117aa70d393ab6e515fd6f5e0112f83f726c04c97890f343b66b10421918605a7823995876fbe97d4df70c40ab9ee1ebd26b3f19cb6aaf75f7467a69ba56fa42bc4107934b9209d9cb7805f5bce904a02eb0cea4aae7b7aac75393140a59ee9fe54e45c532410cd5681228218055ada857ce86ae55a3d77a00870e5354987028ca242729d312c965751ac280b79b6fb4c5567b30c8972935ec3c06524ecb4f506dafa429d62b7973a01c24d5ab704df79bbda0b8cfced1d7fae36b662818da0087430e01d2dd636f76175b479ccf92c573b151b8bf1761b7e9204ba17f87677c7b5ff08cba04051260f421d1a32b7e0dc320af45065966dbf2241bbae1f8619efcb2b2cce36bfe0dcad76a553f626aecd4d6920e3eba8beadf82f97d53178c2e3e528d3222032892bb522d33e9569c53ad877754761d82bde562bdd73b389fcc477aed96e76210188f5cca71dfb33b27889f95073427094611ced3bbad2cca89ef10b084e5209dd0c1d6fca4e09355012910d07d53d74e941593dcf7f1b99ac5833944983273cf770a1ff413009668ed12c9786b2b43dd0d71579392bda90db992157d9f08cc802cb5bcfc44690610c01bfc120a29bcc9f845c255515046dcee799d41ace3fc4327351aa4bae396c3205eb3ae7fcc53345408493985bc7a16b31fca83552987844f1f071582b9595554fcb79d909626c0bc84d99c6899a48790864b7b18fa0742197b06807d9bc294f088a27fe493d92ba5a733ae8a7ec5f6b7fa07988bedc3dad2984fe3f2ea9b3e00f666a8a1e8c90aa4dcd017cae1a00a09c6462e1899c1066e66c053263c66f77040b2a93d3f9dbebe715f1cabcd961274b0ff943c1b8b75d38b133a9f830886a8b5acd64d8660b7b701e0e2764e0cfa4e6f374ad5de5e10f3bed2fa05ba17d15c4d354453e684f5e877ce4b1d7a6456263147b55063c128a0595d3bbf6ea3715c305a8696815af1757306a6ef5f39eefe33d192afd5a02e9284dd3063d010b3843a3d6e65569987a008d61628a85988c707465c725b584d3d2044d6f3d3c6cf2dd96bfa1b06a49d945daa2de7b34f53bfce6cdd930dd636525d0e34e65d027cbed97ff239940238aee6bb3fa10a2f4c1a91102d47894e906cb56084049b15907360631a16ed2863e37daef3cf06c6f5998317f920b2e03f40c6b7eb8cd871a254f59314f0e1fb585da8a646a6a47e55fb7288f45afd3cd999144ab7150c24ee5a2a59e917a8c80967e021a0a6fc96873eb1a3eb3048ab754198b95275b72a2a1e065f3227b9e9e16cd6966542692b2bffbefcc73167111b9219d094ae4e79fbc880db14fc1dd6e91249cf30f0806baf43deb92d34db7f49b7a5e77f335278dd47c7b8f95719bc3ef5bc8396162bdca957fbf415c2f5cda3cae751fc434e7a8920948c56909342f7af3b5d10129d5572349f5aca1868391d9fc734cd223182e003bf44595b0668f83d00e7a8108fded92356ba1eb28d383e2b4896cdfe10542e7cee6cc9f95d66e78b93430357194d73d8d218656e02a03a7e15d0c9626c4f6b5bb5079b173766ebfab6487161ad904558acf2f2954db2f10e4933edf9e98a87dd18c583abe3018b48b3c9dd5e05beb2d5b0d56af20857ef4deff601fac4e05efac4ef73fb93744b6871bef143bad8c81642e04257ce6d04e4a5433e2fe09874128f5ef394bc49f2f68ac9e0a88384b8d31e4aa15bbc1e94b762ea4277616ea1e3dcdb4a8ea5da936e703b15662a015eeb060cb56c1135e445432e8cbb7f91120f5e610b4ecb9c3fb02670149210d6913f4a8a86e89ca0dbd9d8e74b51ff3563aa1a5e909f4283a98c2b437737aee98998c1189fcbff0e93ce6c1253059be0b5fdcd8d271e90dc970d9c435e18a90fa3d3084c40c18709ed62b81cfe9f0b926eab6efe1b4d518fe6d5e1745086892340bba94a5b183326163bb49767ea8e135aabf5589ddccef7edb6e42622598381bbb479585401e23fda593520907c04f53a58084327d281f42e49715301dc80360816c625bdaad2a8d47e0797f7061240d2fcad1170e1f8c1ba37cf6c4c166006e77849cd8b59c85bd32a5bed00a0b664d56b280113d563be3b1f527c7ce350c00a097e9dcfb8b6edac0cc18c5d2b94dc7a0f93a4277991d8e226c13d2457089e69c5cf4e909926690f3d7c7a175e8a491ac947f5acd97ab0ffaa6d2bcb0d15f1f807be2b79dd3d97a37169a5b403169efc73ac58dc6bbc8833e03ee9341729246269ef654b21db0df2df33e95caf9a77cd7ffe1f93d49e91f20aca3c1f602a3eb04e8d7e744a6a8826f5ac34f55c2f570a30b69660f955d84b0ca6133f86cfe105e8a3579f3799baa75dff13533bb851e81942766431a94a57d4baae0c000393912b8d6effff86be80ff50da89c66c623d08fbef3ba8344d75a5a00e328d031f7e25e306b3f77ef418865b108269c91e9c2ebade2640f88d3694a3ad42684aa52eaf25ba1f47cb7217373295684caeb19ace7d1e55c62a8cfdbe165a147da7b3de81bf330a6f2aa294e067c3afc7f079010641ab7db9983a449e80e34c4c0ca5ee7ec156d6e5de64b010ac16dbc614538bf56baaf4e6a8d4054c9cae8489d2afa644ce736908ea75b198856348ad34bd67a2eaf019c45067514fc799d6787c5e088e75da6a9279016427af54dd678492452e23a9e2d83a200d035543e4da3ce71b83ca8638a535140250cba762f7d8daf043c7adbe05f724ec7b6f844612c37d6fcc4d2624c8325de0aa9434214f6b7906e6af7d3891109c49b7489887eab75df4554d90f255f262d5230a38e0deba33007e2f7b884eab7ffacb81a23b3f094968c6182b2a7ff52b7cc9b83d36a5808ba65f03882faf3c3da2765e6ec39dcb6f4e6d7bef308fb627287bfc12e032793d54423ebcd462108b2c10738b63f7c4dfdc7ddb3a62d3d4fbdffbdc9af70bb91c9efd7eea3916c9396197493d15c2e0701aa4138e400ec4ba014c407608e56bc1c49f1810034ce863a315b6fe0a2fc8b9a8753fbd270dd69cb4eba27f1f0ef22d7df58a9010d9960a989729ade4dc85496aca261d1b8c05deedb0662868bda827ac1ccfb4be3b7c044c15caf448db5194d83fdd72f4521989872f54d015c19bd5bc7cf7b8a69fa608fba04818a68c0dc71ec8ae8dc618c6c55c4f823b6151acec7eb09f497ad8721b3311749dd07cd74d312f45e470c6e73e53d42f5bfc5151f05e4079bf7eb625b3c525eb97f3b1c6f0fac783b5b5fa55c7638262214a257be1ae4ccd10273e317541dfe81efc1a89e9d790889e034f6ee2dfc0b281ade62430c2b93d7f36886869e483ba69237a71b99889fda335958c5474db7cd1b81fac0bf05feff0903c69c4d9f184b53a0331d3bba2bd54e6bc9d1a0290328ecd62b2e43c7af5d618aefc9c72814417b22ae24661448d81545137a05629c6b9456256f7d76d60d822e0b7d44f1b820178d2c6dc0eca44306c3ffb77b5489a65a02411e001c6d6faef894611de94858f5720e905c82225a5e7d6ae6de6080dc5cdb0ff0023eb43f5a3292035ab6df96a4adef51f8b0112d448ccf5e8dcfa9d09e4ac09301a14592535ad7193346a25a402ff48116059f5c69fb6be7cea365e152f448d74bf84e1e55791de259bb6d44dfef64bd9c70eb29da00a4a5e9039142e59d375d6c3f03c23e2b3c59e379c7748026d146edbdaf324a39c784ebdd8ace1781b07071b3389db0aa98c67d50d01075bbee584eaeae66fb614579fb7ad9aa865e8817873921c044efbece91cb0902bb53c21ad35d59482e61b67da08dc417c458309198c1501bc6a10cc1a24b474cb1fe68cf81863c28c4aaaa2375203cc2194e8f95646294e2f3dc3a4b7b2a405464d79f302b7a18394c239be7ea1066b78671e4ae6b3157d7f246511cc2c3b324836c774e8e1be050ef2aca3dc8220da55339db3008eba47363f04ca59b903a598528e04b72c85e6c377263c84fab913db4e9cab469bafe09e84aaa19a666bbd86a22ad48f536050ad6d0d59374da8b04119417eb07a8d1ff9d1704ad4ee085f03777700070241e6aca91dbe511f003bbad6658e7bccbddcce77d50eabbb0ee8203c0682b98e2b147b4bd46d89039ad102ca0760148728edec66914c17b0d5a4d0afa606c4a07108c2c8dfcd7173246f49f6ec9be94cc3af65514693600bc743417bb37c17117faaf9575f273b96afdd1195e4ba006099834bcf18918d7fee32e7320cac1092bf4bc9138871898ec9c80c7c089ce7613187de637764d78dd380feaa8fc9f1e7f8c740b75b161c56307023b8d1f3f6019f2f9475a10ae871d02950ce58b2d1936ec288f22ab5dbdb324116a566ccd141f46633951878b2b8329bd00fe5ef339c82e1ff41b53e4e7cc5b50474e60eafba9fba1851cca652a705ebd2661ea7b8e1c0b8cdeec2
"1781466620"= 504b0304c90da3b1fc052f6a120400000030000057dfbe4f62c7fd005fb5184b749a521932500c6e36750cbd18ecf31d4f4dacff32af95971262b33710ffa461bd774c05119b02569ce8a8d0a4f9f9d99bd51e577a41bc9fc8512d05718337d5409324eb7973151b9680e4b0bdeef74270b882eb420946b7b8b40862b9dac9cbf5a56ed8568c971101f6734e2b8839d84e1778d29918a522d11b349b1be5eec317e6d490c16c1a51d921b47d2d13cf9d64fe92e0d09b6f80680d8d36fe8ff62dd3048af7c85faa6b57e858e3b7bf6588bc5287ad7fb395cfa2bd08ca48d88e6e979eaf922a1b50d44b907b41d7f677a3dd643e04fb52b0ab709b83a9de68a4fead992fdfb3dcbfad3affbecb689110bda87e4f546bd03e5f97d85755d1bfb14fc0d2a03aaf7acd326a91580e0ddc3ae0e2e5c538534f2392c0639bbdeb336ebcf4509566f1839f940e0719f99bb17d1741a1b1441aa2fa2fe091d1f37d32d32c610ea70cb093770d7ce76712d71530a85276cd7377ed3dbe556f3f755000c19981d3cb109c1142a5657e7c89bf1b429820050df6b56f17cbaad3709e786fa3566ed4dcb33d87416dd2dd561ae2c5cef21bac9394b3f748d101be50098941f942150de521b37631f0c4dae3a1075130ee568f9813fc2cf60b57b3957c633c8f899d482881f9302c3bb20bdd291e889d30a0324512dd1be329f3e8fedd2a3fcbc0c025c01b32acefe29e92ce1c420c5d0adc32fc850762eec6c7e6a19b5e50ed6653da04d744496ef47c9e3ffe3c8943f699601c6ce42b368838837c5fe662563c78f4699328a69479eef836e372aa78d88d09053d0de5e8f767f253801269adc9d2572b26e6b5ec6f70b7cf1584cdd6c5b25be3062cd6d0a038141428a81360a742f94a45c66d2c2b7fee81b0127e6ed2a49c62fa0ecf00bf527bdc6f6f2ef8e994bc33f4eb03b50f3a4d91c9fb3ea4a78de1a74b16a4319c7cda11508c79880ee7d20341f3ebc0e4c2e05c048d837aa216ee81ec96b17c3521f5844b1e8c0db51b8fb2d5ee1a805d8a1c07b854637922bd1159968778a9ad7aef71e21f994b751ed50583199c2eff454852be0a4eb1376757cec6be659bb0387b06451b1a080079cd8bf27ae308a81f929265b71292a747062c3c321bd964d60bfd272a92f7f9bb674d7f31ede94b396990b6b1777dd0c3e975709cfddc885cc51f5667baa2618f7fb19e02e223e3313e7713c2fa526dbc36a41999aa9274b68906fba6c9d271e54d0114ebe5fa5f85cff7274ada3fcd59377fb153ee06fc8c5c1fbbe019245f4ef6f48f6948b0d60cc69a75a446d3fe486a97c0573c8486eaa624ca728f187c4725d8284886c32fc3a1a610a5d4e8120b69632134639e24c8a08361914e2ab775cb27d1fe8b7b6ad85d6b77ff469b33b1a8afbcecdcd2a687aac7a0843eb48b39706f462a547085fb2abd9a94644f5d70fc8786065a9e4f91a729ea801bddc2e63866920816
"3518887414"= 504b0304736b0169f6f5bdd1981700000050000057dfbe4f62c7fd005fb5184b749a521932500c6e36750cbd18ecf31d4f4dacff32af95971262b33710ffa461bd774c05119b02569ce8a8d0a4f9f9d99bd51e577a41bc9fc8512d05718337d5409324eb7973151b9680e4b0bdeef742fb6b81eb420946b7b8b40862b9dad1e8c7a5dec04e6c8e0ab4456e6f28ce14f51f3725eee5b20d7ce662c02fac80128ae38637fbf4867c17c9d717663da6767d89c658fdd74fb81b03ebdbdedea7491d2a3c133ef493731b542604f4bebc69fe2f02cb40f9b3b45d29a40a4a1487d0b71dd1b68e821f40084b407b25ee87063b9112ece9514914c7d4423b12f045b6a22d150d28f78c844b2c079f1b78200055c5fca3e82a972455517bd3c9f428b164b89517ab47e6b447afadd38678b857bf838eed34321eede6905e27fd8abfe7ce349b787f2ceadb45bba2f4ea19e70a8a2b5c4f0c177936117491afa1edeb5d5afc2e0e384518db1217850b7eac6ff9df99ed5e1416fe1b93fd4dd2036e8371d5e129993e594b1bbfe0669302928bf5a268e0f4aa93288eba13bc0125cecd46e2906e1d19cd2d3ff14d1b1ffb50ac2b2f5a28df9cb6c2e32f23d6a4fe0fa130be4dba875daef9cd943276420bf4bcfda157a87854590b71981eaf3fe5114e13b51b9956b7586105a81290a7f974ae78e9c5e5305e55b90536d5da9abe3aa6d3d7894737b70914e304c895aeed4ab7aa36fa2b8e5a93a3220506fe29a7d9a60c146e7edcf95ede9f5209637390b061cde231782f8b2a76cc12420afe66c666b54c8e1de9c6d7b8951184ac7f5b77d43b0a93628520289b31b01687daec69134dc85036e82c4f8cdbb84bf893e3d9dfa8898628a43ef08e2a7f442d85e85b083da10c4a48fbb1886aceda7a00296c79c3661b3e6c2d7975064380156ec53adb7ae23bbca7c0efb04863da781aaa195e7907760bb6ef0c1f326f86e4c65616b48513ac1bd36b25480b4b768869c05673029a83a23390f3595fcfb4e4a02fac243146e3a585fa83e91fc142be512a930f2cf296440b42b78c2880f0ff81b398ed373d287e58c5d313b3c28b43fed2489f2de932d5772a2233f3d6499e9e8754a064e61c5297c7d0913fc35baa83fb3c50e415d439f5d925e865435840b2aab80bd945f071db917a602d389ea2e3e4821423c5f4b9c3d04256b28d804e2c3dfd2a3b56cb4562f16616747f6f4974df1671c55e5c585cca7da509c73e567b0e19a1c9e7ba63b5e3fc82973179fb5bbd290612437a66ff92397e2024d203103a81238b4a2db552f8a252756ba784603dc7e1ac6799f1392a037d0128b6e82e0eb7907b10a097fc759bf0a26746e03a5cfb6cc635b5c3ead1266b4be8598a1a440e0ad49f4d4e0707e697a7d50fa766b3b03890cb4584bb70ed819fffe467b4718295d4bfeb9f1c454ed3ad402c01441828cc71e6330f160d4e7d4595c440b3f8ebf43ce4d3579902f00666d62d00eea6e437a3fc99cbc1588935db5dddff1da133827f8329106f3ea7bd9e4850f6b7c2679e9ba5b8542924f2054d089c1bfb27d94efc9550cdda928b972f95da7a48039874f81bcb02169ba4f35b12f420a3b086db2481027a637b789e88ab2287712cb3690d698799868450fa9ca5f7fb2d9980c25362be8ac4830b721795fae6c7c44971cac88cda6fc2c56df6d011b7e563b2ee540f6ea288f2c62f47204c9d944760d7d8a009f0c8c41fd43d1eae86e1c1a1cff7d928ee40ab435d8ba4fce63aa83d67e9095b26eb235d2b70271699209cd956fcd5bb44f6f2987a35057d4535d107764e9fb9b42514aef835272b347f56caf82feae78601abe447535ec9f0aaada05e688e468f66ec3ae7418751dae58a7d2fe0e4ef52e11396cd894c31ae9186e6f9cdd05a66e709c25e0f12bb2bc2e76c79a4ef6af794e522791da444af63073d3933053e2dda8b7a5fa9f892a324465a922d83d20b4a293dc0bf0e21254bfa58a9ee85c4cdfbdd09cde9e5c942655f3c8078aa42544d75ad310fada908142b3971f387103f3c959817ac23479bb7151c97567d388be6e5b58781375c65f52c3382c2294829e5ec2bb33721689adeff8fffcc34e4e7c409b82070a3d5876f0c90018600c2deb148a45fc8f2441d921276e39c0049b72e5ca8037953a9c96f1da6150859b9c992b3f8735f383b8d81e27b9e5a876ab04aadd93519606d13824f27eb090bf13461ed0c8314fc93ba9a8d18c5724d18628d674455a3fbe35f3d72177f252c303313636619b6cbb1aa7495ce886ae790de015c8ee29cb28a0ca5602360f427decabb77a49d204f98ab7ea700f9341c0bf71829bf33f4cdcbf7ee06581320c766ea588a380eccefda8d8f6a669334f0561fc75f199e1e3b3b094ff6a1593b3e3fbe7329304aa06d28744aa7088965416f097465e68dc9b413123f45dadcf67cafdf5e7b655ed4e2352f27a969b3dad5a37fecb4b73de6261cc2a6c64c8d0aeaf035db33d77ec5b6f2100af86b06a56698ef504eff99f4d06c0cbdda2b0b0b15ca9b48df92be6c6c8deacd71ef16e6b9bdbf25e403b23fa3a43d2d3121e95310c451242118a7a4d708aa70aed759dc3a830660b24c1beebf01b6b84aa94cda999d6af0c92f71ff232d83ee1f3109074d716cb1458067a8a2e0c633a527e1df46a392bbe35dd7fb26433e728c0a8df2d0ddaa81de445c6b06cc40ad02c78f3c6fa54f76decbf41841fa4954e65a7e027b018152148b0c30b16de2d2552de793e3964d74edc266f9afbc4a300346d81e6efcf636b9004a0f8f81e84fdc9bc34ed6c9232c1652964a6fdee5cab0a2c9f845c3b4e3536808f7fd66644d91197cf4dace416078a0b6078a897f696c2054f0eaf5dda39495ea0c804f7a4be30e97c8133d77e69ad85b0407673ef2bb186ecd253984a0051d5f2ad19037c83461a699fca9348087e32ba2acf63e39b112e0f3cd936749bab8070a85485352e435351bf19b664420b1a332443f96296ec980c72a3c646d6c80ceb3c45965daed78ff1366da8fce39771d75d997711d6bbc9486f36f6f48cc5b0c014d26500736e0097590212b04b43665838b3547af369d04e52513ed60e396ba9d4b9f8b7b8c8223f730513e9ea20fe6e8befa56fcd9cdaa42ecd7d498db853ec4ef0fd615fb85a521118af1f96e7552fdf287f6b35a28e7714c0310024abda1f07e918b8622eea24a8eb32797d708d15c6406dacc26be6b6f8196173875d119188acd49cfb8663f9f693531201572c0de4d996fcb9e47ff999caffef87285245934c916b5eff308f8aaa0a073bde32d699e8b66a7600001e930e475d84da4b77a780abb5b2516d60f7752e83646a37e1bcb395325926bc8dc0ad2cc21a8d96acb134f69093710902da15417d929fcfd6c7c77756f83000349fe904594aff69dbcc6dccd1f2c8a5ad33626d5fce069726611a008a878f38afd8b03f8b759a8620070eab5ead287665a8d99a4a7e60d8057c135cff8739899c5f8ed21a59e642c03381ce817fcc84be771daeed160d838be914e2f30ee4600a9356600d5050135e1e9b23d198931edf7fc2f7a4eb778103c1e5fc7f1b14bc5a18d76617bb243389510ba16717f18cdc553eb617f7043b1a8ea35094308388d7b2d3f10ea6867f3d8fcd5ff3ef33e55243dfcde4e9310cd1bcc68c24d028c2a9e322ece6058c4483189019ffa2fd7086b1889dff42222a5be59eeca8e0b2144de59a4a20f75be683b3cac38551cbe58711f9d5263968a9c9fe91b575ce5f3d3d72e1b9b3c2b8dcaee7c71536a11d2b78d0c42dd32610060f56e34df0a25f501d9931c6110ddaad1679d53347005b2ddeef846332f862eb775129f105672240e79c3b3ef8eb557e649c6d28d62eb191e8fcc250982a5ece17426a73d72e9f0d90251ec693d4051f17ec02293fab775d8485e52bd9b20478e9cd47d3418e2d44039577a8e4a6240653dedfd527db5524ddcff5219b82235aab3dc6618c0d51276fac13033524f151efca21f00cec6532d6c7f6b8536da5a8a09628eedaa735a7b3573881131d9806386de22f77d095051dfdbd2671bcd17300d5a1a73e3e176e20bf85893db110df52f843868267a0ad7bcf83611917ccbe9db27d22806b41b51bbffeafd48444eeccb427a55a72bd12ae05b351d6682f3d37cf43ed61d538614b6d4a9c5ba8b5d8ce24789d495a25f94f6c15facd726ea1043ab2a57b98395e37eedfdcc8539fc12c1cc8286b1c6afd83361df45a1292be8b35160a6095bdf68d1b89039b51d717423882a1597be4196717d3b064534d3a41f6fbaf346bb553bd45abdeef037a2fc884476ce3d67d209e8535bf1fa5a0c2df1b6658df8004ac8ca091bfa901f765a8a08174d18a515313a9c7534e8c6c1184b368ed151dd7294081b0686a9b7ff549371ce1bf2794a4c92698aa4053c149ad6010d721dff8da64b5c00483b044a134b4f26aa49f4f150411dd2b0e411253a5c03850d6cc8c8ee961320e43733a62d46301d2e25efb1f15b0bbb7bfc46d10da89a3a29171ac3f6e53f94aa51c99bd407f81a809b53a68c4a1af9cea5c58c4e696cabf55c12cb4f018f11a634fbc971ad601b420a05847479601a59cb0510e0625b87f8aa16bf57278bad32fa586b30483a4971cc11741e3f2f8f6e7b3d6d16e73eaf8ee45c5df471cadb7ff4e5291ece73acf05aaa7cede4edf913334774606e4bdb814feea81044f51b16736fae8e47449b6cea9e4285a5c42724a53d02aafe360efda8912530343478477169bb4d81afae7f3926820dfbe8896831458f0cc5948114accfc3bfe95af53f328323049666a1f311089fe459acc283e256808b0bf53615acd77464a3ce8b93fc1cf83515e64f8cae4c429e6214d8b0168d37b40875b157588c99b99f4441429252661fbbaf39c08fce0f68f5d53b16fc9a8d73d1d55f8a04b4f27f5cd337bda4ea44ef23736eb50a0663b0ba8fe30abdfd0ed3110b078def68f41e9a34ad1f6dd39079a2095e5203aa78e665213e641f59bef71d91afa921ed8c87f597b845ccc1d53231bb9035944093fe409e9a22b057ef5192eb5e9b654823e6decb28b27f297cd14d7e095166481d7314686ee8f61ab7c7c196d6d869e3099d5cfa59bc3e660dccf14268662376f9fabb010018ec7ee9a5b07fe18dfc57df9fbe3877c4d0b67b21ef02237cfb6185c7e7885aac68fafab47dbcf5cc4860c247de0b342d824601ec90ec9b548766aab1b457724114c6f9148eaf83c3dc4e8f2b156031a1e43dd04f0b815ffe2183c6b174a6862876c21eb7f685875368f5ae83a46f4b330cfb4b19889b4d34f9152e8135aa4e1af2e165fe54c45c82c789a23c0b47abe49572ad971a2226b40fb09ca949d5e5df9d859e4fd9bb0e37e4784961c7521b785eadc0565c38e162bd2e3185e8af8de96a81c263fa96b6716ed4be287075ff71d48e7643f1e8de335c8ce5da57488e835fe3a10458c6d5f16deaad57d0f32f96a226ff84d3eeb4b8fea8c3ee4da7aa7710782c5ec2ea3da379c404ef5dd884dda303676a051417bc666665877e9840c9d89e6fb6c2a113d0ba2e0b42010a28578e469847392762483b98b4d465fb29b241115b0a96b3f0f82ab100c63ebb774e62a0381c8e47c1d35c13238995ec456d0f852d2a320813282979d09597ae0d61c7f99600aecc92c2c884eb72108fa9906f2f6669bb41fd0605359ee61ebd5be89a0456ecd47ed17fbbf4903a00c7026453dc6eccac0b37c1bd74c5f95da60d8dff61a2921de0af3436bf2a3df6039d9e0418bc64ab76df0b1904f9a870225179679aa30ee7b82ca6c1d838f66e9783d9399c9c61e55f0e6954b301a0dd3ec3a2e39d795f8ad31aa0d90154abd24a47fff5aa2934212516c52d340eb6d148ccc5933a9fb14ad335b2f1855d90dabf8af7a65244684e8e29081bf6aa37e4bcca1e7deb4fadb1768f141294ecb1d9c3298ad0f332614ca3fb64c92f92d3ea085ce810fc75b34870f4dd06b126f43e0f13ec4314ce762b6dd97093ae542446d17406adff089eae7b1c08d0ce8d205af802ecc4946f51a9c58d0719bddc38ef755dd0bbdeaf3c41de8f2d6a9b0cd1619276cada9faafaae0f9c856573b3bb646a4b3afdaa11ce836d9a3a673972b7733c5f45098a286e6b2f5fdb6e46901a47f1dd8dce2452f3937063825389ae08b9acdb358feff0fd45d7b18e838a6e113935316ea3f71343851933ab80df882760fe5a534723e55cf57e0ca089d78fda91090990e0dd4a1f2d91d0044e210584dc29d1b61b6644e7e58747f0054b9de5b1145e4b9e66808374476121c25f73f989780bb9beca60b1b20a3b7240e15435bf76f375f1616fe55b1575d738154a3e78877ea8381a2ba7242d2a58ee06ca1b09c0e86405d29b721369effc14abc27b5e9d4891315fefd448df7209ce7b0ac4675de696c37c1ba5404c0ccfadfa7e360dddacd722b48ce30f1494abe35d9ca30b9488b436dde267f93522a50798ef55f6698f041b2f759aba9099bad4e4912a48e6bd0b2a2b32748d170a7cc276afe0d56e0e41ffb89859d6b20a08870217f13cf879400a68893d8ddfd373d86b2d8574f399e942030e5becf224b480d3df3ccaad9c067635665da54b0123a89ab54d0d215f4473ee0efed6e44f987a9082cb78295362cb17fd35e2e2f078ab8088a422058a794749318560f04563ba663e58ee05a1153441b09ea39c5ea736d3200b71d2e6d79d346f9f86a00639830778a6d11c36fd6527b100ca5cadb86728987db00805aefe9406fda00c8ed302ae73846e55a9ee3a9e3a1272b045fa34d0c7a0459238ebefbee1077faf8c89086e4d26ba79ecdd6ba2f04e06c87873e2dc9428643dcaf28c719548a8a2592542561a346b89990096d068d3ac4ac8dbf9146dc90ea03e8d46c3782c7e2e3326e37c055b0274f2a25f0ef4ca516f3c8afbd0bb94e9945a13cbaa8ae355b03477b900d0622bd1a838fd2668226ea2fa467f19241325a8961c07851d66ad889b9958d518a78428d89ffba2c9b0737928c3cd40406dfc971bb159a3a5e64fd44eb43ac39bd6ca33ca3c6f2d6d4a3e1aad334322a873c58a92a384ca2e051f48d2676e3a21d5b10362dbf02f97e8d99ffc3e88edb6191ac0990015c1ac05ad1b255e1f2b2c13802057dc3f7749c1ac9f87ab923aea3b83587bcceee07a9b91b414935bbd1094552c0af2988af4ec057a1b87493835675db0e3d301e7dfbee8f2ee4445571b1f02a82ecb0f48d788b3e90d93f6a66e365e7753d8668994a406031229818b77fcfe7aa4ab900a9572b1939e75a9403b4a1b11eaae87c7ce1f92ae1c3b91d6c16fe1a903dd9a82bbacf64b509e7791f2a1d345b552a8acf38e8b9f1bea5f2f612147d5f816203f1b7680c815390e391e56a2670cfe2828e3be95fbd10a3dcefb43a3aa802d3120bdab4742a40d043c63bf443f600a433bd5219e6fe431d02cb5bf106dc0dc903d147341bffbba09a3350a395ea109c311c86ce611dea70410c0d8779212d76246cef326d94c390d1ccf649d4cbe7e768d996de359a37781fc762235b0a73dbe1694b83c1171e0f1b9b410161421764301267d3ba855d49852a03523f5f306ce5e70bf8a3759d820aa9baefbb033ac83de502d52d919e028ae331318d4fbf02f1614e1020e570f78097ce3f500d29c3c00457001c9d29c05c9e0f529cca8f84388ad1763f2f0544f16590434560a7347f25056fefa6c9827746d2863deb779bab6a5e2a32b432009bed1499a139cef4e02b72bae5fe02e249181b9186d02be799b3b8ed99c204c527bb0fae7eda3e7ed6cbe3cf0fec0ef9090e89947877bad5c0a6ba177d35edc284ad83dc1182a135012be966dd8e731de664a8fb8c24abca50388f457aee8913f89e5e42eadc1924b7b357363d86694b5a9eb9add8dd0ec81a61f5042a9a331ee131d39f865e66fa5c68bdc389bcff9704de8626d8df84ce85fde68602bcdc4963e247fdb8d50204b34d760a7c86e18f6a770ee864bdb364ec7e34cd8f24062bfe5b58b09b8a64283b8fc9467b2d3e8f74654844047e06ecfd422cf85401c9b006c3ae9e882a7d1bc7a65afb20942ee97ff4571903fa56943743118d7dd6f9ba39e4fe91b023077550b65f5854001897fd509a7b624127705419c46f4b462081abdd912719991dc5ce220e8acfb6eef7e6481d26d6890f0bce55866d7264c10768a06167828ef153cb1f0e26aef6b36f94caf3962336e11e0879d355a95f216ea5bad7653d4e68115120b09a953fae2dd82a281087d9d24271b9d020eea05093fdf4cc0a443ff5b63a2c202d42e485a318630a11bc4c8a6233bca7ba371af771b7179d5df8989bdd85d06c65327f1632085d433ee1acadbdcfb02703ffef87c24cf34ddf1d16f2400a7c6e3dade91d2a519657faf36b32614d692f52abe006294009f87eae07f3600444f26a3152ec6facc666954496f5e992f1d7ad27f3fdd80b99e43cb2e531c7f028c92df8b025976e50922497546037156b7db351756b78ff0
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]
2014-08-12 18:20 1736008 ----a-w- c:\program files\GbPlugin\gbiehcef.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R3 AVG Bonjour Service;AVG Bonjour Service;c:\windows\TEMP\avgcu_mDNSResponder.exe [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-02-01 29472]
R3 CT_QUALCOMM_U_drv;Qualcomm EVDO USB Device for Serial Communication;c:\windows\system32\DRIVERS\CT_QUALCOMM_U_drv.sys [2009-04-27 103552]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-09-19 108032]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-09-15 9216]
R3 NdisrdMP;NdisrdMP;c:\windows\system32\DRIVERS\gbpndisrd.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2009-07-13 347136]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-30 1343400]
S0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2014-09-02 46552]
S1 Ndisrd;GAS Tecnologia Filter Driver;c:\windows\system32\DRIVERS\gbpndisrdn.sys [2014-03-16 29400]
S2 CDROM_Detect;CDROM_Detect;c:\program files\3.5G HSPA MODEM\WCDMA_Eject.exe [2012-09-18 325632]
S2 GbpSv;Gbp Service;c:\progra~1\GbPlugin\GbpSv.exe [2014-07-22 546104]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-07-24 39568]
S2 RealPlayer Cloud Service;RealPlayer Cloud Service;c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-09-13 1141848]
S2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-07-24 23552]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2008-01-24 5120]
S2 UI Assistant Service;UI Assistant Service;c:\program files\Connect Manager\AssistantServices.exe [2010-09-25 252784]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [2010-02-05 785184]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-02 139776]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-10 23:56 1077576 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2014-10-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-07 02:13]
.
2014-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-10 14:38]
.
2014-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-10 14:38]
.
.
------- Scan Suplementar -------
.
uStart Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
mStart Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE: SmarThru4 Capturar seleção - c:\program files\SmarThru 4\WebCapture.dll2.htm
IE: SmarThru4 Salvar como HTML - c:\program files\SmarThru 4\WebCapture.dll1.htm
IE: SmarThru4 Salvar texto selecionado - c:\program files\SmarThru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files\SmarThru 4\WebCapture.dll
Trusted Zone: caixa.gov.br
Trusted Zone: caixa.gov.br\imagem
Trusted Zone: caixa.gov.br\imagem2
Trusted Zone: caixa.gov.br\internetbanking
Trusted Zone: caixa.gov.br\internetbankingpf
Trusted Zone: caixa.gov.br\www
TCP: DhcpNameServer = 177.36.96.21 192.168.0.1
FF - ProfilePath - c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\
FF - ExtSQL: !HIDDEN! 1970-01-17 00:31; jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack; c:\users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Outros Processos em Execução ------------------------
.
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Ralink\Common\RaRegistry.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\Mystify.scr
.
**************************************************************************
.
Tempo para conclusão: 2014-10-29 22:53:35 - Máquina reiniciou
ComboFix-quarantined-files.txt 2014-10-30 00:53
ComboFix2.txt 2014-10-29 10:07
.
Pré-execução: 10.457.837.568 bytes disponíveis
Pós execução: 10.097.311.744 bytes disponíveis
.
- - End Of File - - E0DB171F90B4D9C61B44CCDF37B62367
A36C5E4F47E84449FF07ED3517B43A31
Paulo Vieira- Iniciante
- Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014
Re: Descoberta de Rede
por joram Qua 29 Out 2014, 23:09
Boa Noite! Paulo Vieira
> Veja se já pode executar AdwCleaner.
> Poste o relatório!
A+
> Veja se já pode executar AdwCleaner.
> Poste o relatório!
A+
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Descoberta de Rede
por Paulo Vieira Qui 30 Out 2014, 00:26
Consegui executar o AdwCleaner e fiz os procedimentos indicados. Eis o relatório:
# AdwCleaner v3.311 - Relatório criado 30/10/2014 às 00:11:47
# Atualizado 30/09/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (32 bits)
# Usuário : PV - PAULOVIEIRA-PC
# Executando de : C:\Users\PV\Downloads\adwcleaner_3.311.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\AVG Secure Search
Pasta Deletada : C:\ProgramData\AVG Security Toolbar
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\ParetoLogic
Pasta Deletada : C:\ProgramData\Rightapp software
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\ProgramData\SaverExtteneSiion
Pasta Deletada : C:\ProgramData\ssavE net
Pasta Deletada : C:\Program Files\globalUpdate
Pasta Deletada : C:\Program Files\ssavE net
Pasta Deletada : C:\Users\Administrador\AppData\Local\torch
Pasta Deletada : C:\Users\Convidado\AppData\Local\torch
Pasta Deletada : C:\Users\Public\Documents\baidu
Pasta Deletada : C:\Users\PV\AppData\Local\globalUpdate
Pasta Deletada : C:\Users\PV\AppData\Local\iac
Pasta Deletada : C:\Users\PV\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\PV\AppData\Local\torch
Pasta Deletada : C:\Users\PV\AppData\Roaming\baidu
Pasta Deletada : C:\Users\PV\AppData\Roaming\DriverCure
Pasta Deletada : C:\Users\PV\AppData\Roaming\ParetoLogic
Pasta Deletada : C:\Users\PV\AppData\Roaming\PC TEKNIX
Pasta Deletada : C:\Users\PV\AppData\Roaming\Solvusoft
Pasta Deletada : C:\Users\PV\Documents\Mobogenie
Arquivo Deletada : C:\Users\PV\daemonprocess.txt
Arquivo Deletada : C:\Users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\.autoreg
Arquivo Deletada : C:\Users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\user.js
Arquivo Deletada : C:\Users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Arquivo Deletada : C:\Users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Tarefas ] *****
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Chave Deletedo : HKCU\Software\5c55db8fb63db948
Chave Deletedo : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9A216821-0EC5-49A3-85AC-FB72AE79A1E8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9A216821-0EC5-49A3-85AC-FB72AE79A1E8}
Chave Deletedo : HKCU\Software\Adorika
Chave Deletedo : HKCU\Software\ParetoLogic
Chave Deletedo : HKCU\Software\PrivitizeVPNInstallDates
Chave Deletedo : HKCU\Software\RegisteredApplicationsEx
Chave Deletedo : HKCU\Software\StartSearch
Chave Deletedo : HKLM\SOFTWARE\Babylon
Chave Deletedo : HKLM\SOFTWARE\ParetoLogic
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v12.0 (pt-BR)
[ Arquivo : C:\Users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\prefs.js ]
Linha deletada : user_pref("extensions.enabledAddons", "quick_start%40gmail.com:3.2.0,quick_start%40gmail.com:3.2.0,{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31,{972ce4c6-7e08-4474-a285-3208198ce6fd}:12.0");
-\\ Google Chrome v34.0.1847.131
[ Arquivo : C:\Users\PV\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [10412 octets] - [30/10/2014 00:05:34]
AdwCleaner[S0].txt - [10013 octets] - [30/10/2014 00:11:47]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10074 octets] ##########
# AdwCleaner v3.311 - Relatório criado 30/10/2014 às 00:11:47
# Atualizado 30/09/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (32 bits)
# Usuário : PV - PAULOVIEIRA-PC
# Executando de : C:\Users\PV\Downloads\adwcleaner_3.311.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\AVG Secure Search
Pasta Deletada : C:\ProgramData\AVG Security Toolbar
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\ParetoLogic
Pasta Deletada : C:\ProgramData\Rightapp software
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\ProgramData\SaverExtteneSiion
Pasta Deletada : C:\ProgramData\ssavE net
Pasta Deletada : C:\Program Files\globalUpdate
Pasta Deletada : C:\Program Files\ssavE net
Pasta Deletada : C:\Users\Administrador\AppData\Local\torch
Pasta Deletada : C:\Users\Convidado\AppData\Local\torch
Pasta Deletada : C:\Users\Public\Documents\baidu
Pasta Deletada : C:\Users\PV\AppData\Local\globalUpdate
Pasta Deletada : C:\Users\PV\AppData\Local\iac
Pasta Deletada : C:\Users\PV\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\PV\AppData\Local\torch
Pasta Deletada : C:\Users\PV\AppData\Roaming\baidu
Pasta Deletada : C:\Users\PV\AppData\Roaming\DriverCure
Pasta Deletada : C:\Users\PV\AppData\Roaming\ParetoLogic
Pasta Deletada : C:\Users\PV\AppData\Roaming\PC TEKNIX
Pasta Deletada : C:\Users\PV\AppData\Roaming\Solvusoft
Pasta Deletada : C:\Users\PV\Documents\Mobogenie
Arquivo Deletada : C:\Users\PV\daemonprocess.txt
Arquivo Deletada : C:\Users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\.autoreg
Arquivo Deletada : C:\Users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\user.js
Arquivo Deletada : C:\Users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Arquivo Deletada : C:\Users\PV\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Tarefas ] *****
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Chave Deletedo : HKCU\Software\5c55db8fb63db948
Chave Deletedo : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9A216821-0EC5-49A3-85AC-FB72AE79A1E8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9A216821-0EC5-49A3-85AC-FB72AE79A1E8}
Chave Deletedo : HKCU\Software\Adorika
Chave Deletedo : HKCU\Software\ParetoLogic
Chave Deletedo : HKCU\Software\PrivitizeVPNInstallDates
Chave Deletedo : HKCU\Software\RegisteredApplicationsEx
Chave Deletedo : HKCU\Software\StartSearch
Chave Deletedo : HKLM\SOFTWARE\Babylon
Chave Deletedo : HKLM\SOFTWARE\ParetoLogic
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v12.0 (pt-BR)
[ Arquivo : C:\Users\PV\AppData\Roaming\Mozilla\Firefox\Profiles\6wbyrt5o.default\prefs.js ]
Linha deletada : user_pref("extensions.enabledAddons", "quick_start%40gmail.com:3.2.0,quick_start%40gmail.com:3.2.0,{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31,{972ce4c6-7e08-4474-a285-3208198ce6fd}:12.0");
-\\ Google Chrome v34.0.1847.131
[ Arquivo : C:\Users\PV\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [10412 octets] - [30/10/2014 00:05:34]
AdwCleaner[S0].txt - [10013 octets] - [30/10/2014 00:11:47]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10074 octets] ##########
Paulo Vieira- Iniciante
- Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014
Re: Descoberta de Rede
por joram Qui 30 Out 2014, 00:54
Bom Dia! Paulo Vieira
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Oleg N. Scherbakov )
> Salve-o no desktop!
> Desabilite seu antivírus!
> Para Windows 7,clique direito em JRT.exe e execute-o ...
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Aguarde a conclusão e poste o relatório. ( JRT.txt )
A+
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Oleg N. Scherbakov )
> Salve-o no desktop!
> Desabilite seu antivírus!
> Para Windows 7,clique direito em JRT.exe e execute-o ...
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Aguarde a conclusão e poste o relatório. ( JRT.txt )
A+
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Descoberta de Rede
por Paulo Vieira Qui 30 Out 2014, 21:40
Baixei o programa, mas não consigo executar.
Verifiquei que ao tentar ativar Serviço Cliente DNS surge a mensagem: O SISTEMA NÃO PODE ENCONTRAR O CAMINHO ESPECIFICADO.
Verifiquei que ao tentar ativar Serviço Cliente DNS surge a mensagem: O SISTEMA NÃO PODE ENCONTRAR O CAMINHO ESPECIFICADO.
Paulo Vieira- Iniciante
- Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014
Re: Descoberta de Rede
por joram Qui 30 Out 2014, 23:49
Boa Noite! Paulo VieiraPaulo Vieira escreveu:Baixei o programa, mas não consigo executar.
Verifiquei que ao tentar ativar Serviço Cliente DNS surge a mensagem: O SISTEMA NÃO PODE ENCONTRAR O CAMINHO ESPECIFICADO.
< [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Verifique se este artigo lhe ajuda!
A+
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Descoberta de Rede
por Paulo Vieira Sex 31 Out 2014, 00:51
Pelo que entendi do site que as abas Logon dos serviços DHCP e DNS tem que ser iguais. Verifiquei que o serviço Cliente DNS estava com a aba LOGON diferente da do serviço Cliente DHCP e pelo artigo ambas tem que ser idênticas.
Como o serviço DHCP estava com LOGON/Esta conta ( opção marcada) com nome de Serviço Local e senha ( que não sei qual é) fiz o mesmo no serviço/Cliente DNS; LOGON--> Esta conta (marquei e escrevi Serviço Local com senha pré definida que não sei qual é). Ao colocar em Automático surge a mesma mensagem: O SISTEMA NÃO PODE ENCONTRAR O CAMINHO ESPECIFICADO.
Como o serviço DHCP estava com LOGON/Esta conta ( opção marcada) com nome de Serviço Local e senha ( que não sei qual é) fiz o mesmo no serviço/Cliente DNS; LOGON--> Esta conta (marquei e escrevi Serviço Local com senha pré definida que não sei qual é). Ao colocar em Automático surge a mesma mensagem: O SISTEMA NÃO PODE ENCONTRAR O CAMINHO ESPECIFICADO.
Paulo Vieira- Iniciante
- Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014
Re: Descoberta de Rede
por joram Sex 31 Out 2014, 01:28
- Bom Dia! Paulo Vieira
- Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Farbar )
- Salve-a no desktop!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] - Para Windows Vista ou 7,execute "FSS.exe" como administrador.
- <1> Internet Services
- <2> Windows Firewall
- <3> System Restore
- <4> Security Center/Action Center
- <5> Windows Update
- <6> Windows Defender
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] - Marque as seguintes caixas!
- Clique em "Scan" e aguarde o seu término!
- Poste o relatório! ( FSS.txt )
- A+
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Descoberta de Rede
por Paulo Vieira Sex 31 Out 2014, 21:29
Baixei o programa mas não consigo executá-lo, quando tento abrir o mesmo ameaça abrir mas some.
Paulo Vieira- Iniciante
- Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014
Re: Descoberta de Rede
por joram Sex 31 Out 2014, 23:59
Boa Noite! Paulo Vieira
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] > ( ... de Nicolas Coolman )
> Ou [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] << Link!
> Salve-o no disco local! ( C ou D )
> Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Execute o ícone do pergaminho. ( ZHPDiag )
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Clique "COMPLETA" e aguarde a conclusão!
> Clique OK e,ao concluir,poste o relatório! ( ZHPDiag.txt )
> Ps: Como o log será extenso,envie-o à [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
> Ou acesse: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Ou acesse: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Ou anexe-o |[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]| << Link!
> Maiores informações: < |[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]| > << Hospedagem!
A+
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] > ( ... de Nicolas Coolman )
> Ou [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] << Link!
> Salve-o no disco local! ( C ou D )
> Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Execute o ícone do pergaminho. ( ZHPDiag )
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Clique "COMPLETA" e aguarde a conclusão!
> Clique OK e,ao concluir,poste o relatório! ( ZHPDiag.txt )
> Ps: Como o log será extenso,envie-o à [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
> Ou acesse: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Ou acesse: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Ou anexe-o |[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]| << Link!
> Maiores informações: < |[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]| > << Hospedagem!
A+
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Descoberta de Rede
por Paulo Vieira Sáb 01 Nov 2014, 01:10
Segue link com relatório do ZHPD
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Paulo Vieira- Iniciante
- Mensagens : 18
Reputação : 0
Data de inscrição : 19/04/2014
Página 1 de 2 • 1, 2
Tópicos semelhantes» Nova espécie de dinossauro 'narigudo' é descoberta nos EUA
» Deletar pagina 123 rede
» Placa de Rede não funciona
» problema de rede.
» ADAPTADOR DE REDE NÃO INSTALADO
» Deletar pagina 123 rede
» Placa de Rede não funciona
» problema de rede.
» ADAPTADOR DE REDE NÃO INSTALADO
Página 1 de 2
Permissões neste sub-fórum
Não podes responder a tópicos|
|
|