This topic has been archived and is closed to new replies.

Luca Albuquerque

[Archived] Google Chrome no longer accesses the internet

Well folks, my Google Chrome suddenly stopped working; it doesn't load any page, and the plugins/extensions can't access the internet... It happened out of nowhere.

I have Bitdefender and Comodo, and neither of them is blocking Chrome...

Yesterday, when I ran into this problem, I downloaded ComboFix to see if it would fix it, but nothing...

Here is the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:47:11, on 17/01/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Users\Luca\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: albrechto - {1881a451-f7fb-44bc-85b2-fcea4b1403e3} - C:\Program Files (x86)\albrechto\albrechtobho.dll
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - (no file)
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Luca\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
O4 - HKCU\..\Run: [bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
O4 - HKCU\..\Run: [Device Doctor] C:\Program Files (x86)\Device Doctor\DDLauncher.exe
O4 - HKCU\..\Run: [bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
O4 - HKUS\S-1-5-18\..\Run: [bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Users\Luca\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra button: (no name) - {a9eaf767-5ae6-4b79-a213-5963c37cbae6} - (no file)
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CyberGhost VPN 5 Client Service (CGVPNCliService) - CyberGhost S.R.L - C:\Program Files\CyberGhost 5\Service.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: EPSON V3 Service4(05) (EPSON_PM_RPCV4_05) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Spooler de Impressão (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: Update albrechto - Unknown owner - C:\Program Files (x86)\albrechto\updatealbrechto.exe
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
O23 - Service: Util albrechto - Unknown owner - C:\Program Files (x86)\albrechto\bin\utilalbrechto.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (vsserv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16182 bytes

ComboFix log:


ComboFix 14-01-16.03 - Luca 17/01/2014 2:04.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1033.18.4044.2115 [GMT -2:00]
Executando de: c:\users\Luca\Desktop\ComboFix.exe
AV: Bitdefender Antivirus *Enabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
FW: Bitdefender Firewall *Disabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: Bitdefender Antispyware *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1371770600.bdinstall.bin
c:\programdata\1389321704.bdinstall.bin
c:\users\Luca\AppData\Roaming\KW
c:\users\Luca\AppData\Roaming\KW\bl0001.dat
c:\users\Luca\AppData\Roaming\KW\bl0002.dat
c:\users\Luca\AppData\Roaming\KW\bl0003.dat
c:\users\Luca\AppData\Roaming\KW\bl0004.dat
c:\users\Luca\AppData\Roaming\KW\bl0005.dat
c:\users\Luca\AppData\Roaming\KW\bl0006.dat
c:\users\Luca\AppData\Roaming\KW\bl0007.dat
c:\users\Luca\AppData\Roaming\KW\bl0008.dat
c:\users\Luca\AppData\Roaming\KW\bl0009.dat
c:\users\Luca\AppData\Roaming\KW\bl0010.dat
c:\users\Luca\AppData\Roaming\KW\bl0011.dat
c:\users\Luca\AppData\Roaming\KW\bl0012.dat
c:\users\Luca\AppData\Roaming\KW\bl0013.dat
c:\users\Luca\AppData\Roaming\KW\bl0014.dat
c:\users\Luca\AppData\Roaming\KW\bl0015.dat
c:\users\Luca\AppData\Roaming\KW\bl0016.dat
c:\users\Luca\AppData\Roaming\KW\bl0017.dat
c:\users\Luca\AppData\Roaming\KW\bl0018.dat
c:\users\Luca\AppData\Roaming\KW\bl0019.dat
c:\users\Luca\AppData\Roaming\KW\bonus.kkll
c:\users\Luca\AppData\Roaming\KW\unrar.dll
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
C:\Windows6.1-KB2581464-x64.msu
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2013-12-17 to 2014-01-17 ))))))))))))))))))))))))))))
.
.
2502-03-04 14:49 . 2502-03-04 14:49 888536 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2502-03-04 14:49 . 2502-03-04 14:49 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2502-03-04 14:49 . 2502-03-04 14:49 64624 ----a-w- c:\windows\system32\drivers\HECIx64.sys
2501-02-13 08:06 . 2501-02-13 08:06 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-01-17 04:25 . 2014-01-17 04:25 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-01-17 04:25 . 2014-01-17 04:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-17 03:58 . 2014-01-17 03:58 -------- d-----w- c:\users\Luca\AppData\Local\bdch
2014-01-17 03:58 . 2014-01-17 03:58 -------- d-----w- c:\programdata\bdch
2014-01-17 03:49 . 2013-12-18 23:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-17 03:44 . 2014-01-17 03:44 -------- d-----w- c:\users\Luca\AppData\Roaming\SystemRequirementsLab
2014-01-17 03:33 . 2014-01-17 03:42 -------- d-----w- c:\users\Luca\AppData\Roaming\Device Doctor
2014-01-17 03:33 . 2014-01-17 03:33 -------- d-----w- c:\program files (x86)\Device Doctor
2014-01-17 03:23 . 2014-01-17 03:23 74512 ----a-w- c:\windows\system32\bdsandboxuiskin32.dll.upd
2014-01-17 03:22 . 2014-01-17 03:22 76944 ----a-w- c:\windows\system32\drivers\bdvedisk.sys.upd
2014-01-17 03:13 . 2014-01-17 03:13 75376 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2014-01-17 03:13 . 2014-01-17 03:13 272496 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2014-01-17 03:13 . 2014-01-17 03:13 2106216 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2014-01-17 03:13 . 2014-01-17 03:13 20080 ----a-w- c:\program files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2014-01-17 01:12 . 2014-01-17 01:12 -------- d-----w- c:\program files (x86)\Common Files\BattlEye
2014-01-16 21:21 . 2014-01-16 21:21 -------- d-----w- c:\program files (x86)\Common Files\COMODO
2014-01-12 22:15 . 2014-01-12 22:15 -------- d-----w- C:\1a0324c374aab6e9c4aaec
2014-01-12 19:23 . 2014-01-12 19:23 -------- d-----w- c:\users\Luca\AppData\Local\MetaGeek,_LLC
2014-01-10 02:57 . 2014-01-10 02:57 -------- d-----w- c:\programdata\BDLogging
2014-01-10 02:57 . 2013-11-04 17:47 82824 ----a-w- c:\windows\system32\drivers\bdsandbox.sys
2014-01-10 02:57 . 2013-11-04 17:47 74512 ----a-w- c:\windows\SysWow64\bdsandboxuiskin32.dll
2014-01-10 02:57 . 2013-02-22 20:46 93600 ----a-w- c:\windows\system32\drivers\BdfNdisf6.sys
2014-01-10 02:57 . 2007-04-11 12:11 511328 ----a-w- c:\windows\capicom.dll
2014-01-10 02:57 . 2013-07-19 19:08 601360 ----a-w- c:\windows\system32\drivers\avckf.sys
2014-01-10 02:57 . 2013-07-19 19:04 727592 ----a-w- c:\windows\system32\drivers\avc3.sys
2014-01-10 02:57 . 2012-11-02 15:17 261056 ----a-w- c:\windows\system32\drivers\avchv.sys
2014-01-10 02:49 . 2014-01-10 02:49 -------- d-----w- c:\users\Luca\AppData\Roaming\Bitdefender
2014-01-10 02:49 . 2013-08-13 14:38 3271472 ---ha-w- C:\bdr-bz01
2014-01-10 02:43 . 2014-01-10 02:59 -------- d-----w- c:\programdata\Bitdefender
2014-01-10 02:43 . 2014-01-10 02:43 0 ----a-w- c:\windows\system32\BDSandBoxUISkin32.dll
2014-01-10 02:43 . 2013-11-04 17:47 84848 ----a-w- c:\windows\system32\BDSandBoxUISkin.dll
2014-01-10 02:43 . 2013-11-04 17:46 34384 ----a-w- c:\windows\system32\BDSandBoxUH.dll
2014-01-10 02:43 . 2013-08-23 14:48 150256 ----a-w- c:\windows\system32\drivers\gzflt.sys
2014-01-10 02:43 . 2013-08-07 14:46 389240 ----a-w- c:\windows\system32\drivers\trufos.sys
2014-01-10 02:41 . 2014-01-10 02:41 -------- d-----w- c:\users\Luca\AppData\Roaming\QuickScan
2014-01-10 02:20 . 2014-01-10 02:20 -------- d-----w- c:\program files (x86)\Common Files\Bitdefender
2014-01-09 15:33 . 2014-01-09 15:33 57096 ----a-w- c:\windows\system32\certsentry.dll
2014-01-09 15:33 . 2014-01-09 15:33 48392 ----a-w- c:\windows\SysWow64\certsentry.dll
2014-01-08 06:39 . 2014-01-08 06:39 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A5351E6-5469-442E-9DB4-FFAE7C1CB479}\offreg.dll
2014-01-07 02:28 . 2011-07-15 03:39 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2014-01-06 23:39 . 2014-01-06 23:39 -------- d-----w- c:\program files\CPUID
2014-01-05 05:38 . 2014-01-16 14:16 -------- d-----w- c:\users\Luca\AppData\Local\ElevatedDiagnostics
2014-01-01 03:52 . 2014-01-01 03:52 -------- d-----w- c:\users\Luca\AppData\Local\Octodad
2014-01-01 02:42 . 2014-01-01 03:59 -------- d-----w- c:\program files (x86)\Octodad
2013-12-31 18:48 . 2013-12-31 18:48 -------- d-----w- c:\program files (x86)\EASEUS
2013-12-31 15:19 . 2013-12-31 15:19 -------- d-----w- c:\users\Luca\AppData\Roaming\Easy2Convert
2013-12-28 00:44 . 2013-12-28 00:44 -------- d-----w- c:\program files\WinPcap
2013-12-28 00:44 . 2013-12-28 00:50 -------- d-----w- c:\program files\VDownloader
2013-12-27 18:00 . 2013-12-27 18:00 -------- d-----w- C:\Games
2013-12-21 06:04 . 2013-12-21 06:04 225656 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2013-12-21 06:04 . 2013-12-21 06:04 225656 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-10 22:06 . 2013-06-20 22:53 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-10 22:06 . 2013-06-20 22:53 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-14 11:38 . 2013-06-18 19:16 709144 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2013-11-14 11:38 . 2013-06-18 19:15 43216 ----a-w- c:\windows\system32\cmdcsr.dll
2013-11-13 03:02 . 2013-11-13 02:25 181064 ----a-w- c:\windows\PSEXESVC.EXE
2013-11-09 14:18 . 2013-11-09 14:18 388096 ----a-r- c:\users\Luca\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-11-06 17:35 . 2013-06-25 22:28 281848 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-11-06 17:35 . 2013-06-25 22:27 281848 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-10-30 14:13 . 2013-11-24 01:21 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2013-10-30 14:07 . 2013-10-30 14:07 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2013-10-30 14:07 . 2013-10-30 14:07 330240 ----a-w- c:\windows\MASetupCaller.dll
2013-10-30 14:07 . 2013-10-30 14:07 30568 ----a-w- c:\windows\MusiccityDownload.exe
2013-10-30 14:06 . 2013-10-30 14:06 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
2013-10-30 14:06 . 2013-10-30 14:06 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
2013-10-30 14:06 . 2013-10-30 14:06 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
2013-10-30 14:06 . 2013-10-30 14:06 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
2013-10-30 14:06 . 2013-10-30 14:06 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
2013-10-30 14:06 . 2013-10-30 14:06 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
2013-10-30 14:06 . 2013-10-30 14:06 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax
2013-10-30 14:06 . 2013-10-30 14:06 491520 ----a-w- c:\windows\SysWow64\muzapp.dll
2013-10-30 14:06 . 2013-10-30 14:06 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll
2013-10-30 14:06 . 2013-10-30 14:06 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2013-10-30 14:06 . 2013-10-30 14:06 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
2013-10-30 14:06 . 2013-10-30 14:06 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll
2013-10-30 14:06 . 2013-10-30 14:06 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll
2013-10-30 14:06 . 2013-10-30 14:06 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll
2013-10-30 14:06 . 2013-10-30 14:06 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax
2013-10-30 14:06 . 2013-10-30 14:06 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll
2013-10-30 14:06 . 2013-10-30 14:06 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
2013-10-30 14:06 . 2013-10-30 14:06 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll
2013-10-30 14:06 . 2013-10-30 14:06 172032 ----a-w- c:\windows\SysWow64\muzapp.exe
2013-10-30 14:06 . 2013-10-30 14:06 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll
2013-10-30 14:06 . 2013-10-30 14:06 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax
2013-10-30 14:06 . 2013-10-30 14:06 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll
2013-10-30 14:06 . 2013-10-30 14:06 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax
2013-10-30 14:06 . 2013-10-30 14:06 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax
2013-10-30 14:06 . 2013-10-30 14:06 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll
2013-10-30 14:06 . 2013-10-30 14:06 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax
2013-10-30 14:06 . 2013-11-24 01:19 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2013-10-30 13:29 . 2013-10-30 13:29 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-10-30 13:29 . 2013-10-30 13:29 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 362496 ----a-w- c:\windows\system32\wow64win.dll
2013-10-30 13:29 . 2013-10-30 13:29 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 338432 ----a-w- c:\windows\system32\conhost.exe
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2013-10-30 13:29 . 2013-10-30 13:29 243200 ----a-w- c:\windows\system32\wow64.dll
2013-10-30 13:29 . 2013-10-30 13:29 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2013-10-30 13:29 . 2013-10-30 13:29 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2013-10-30 13:29 . 2013-10-30 13:29 1161216 ----a-w- c:\windows\system32\kernel32.dll
2013-10-30 13:29 . 2013-10-30 13:29 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-10-30 13:29 . 2013-10-30 13:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{1881a451-f7fb-44bc-85b2-fcea4b1403e3}]
2013-11-13 20:08 249632 ----a-w- c:\program files (x86)\albrechto\albrechtoBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 23:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 23:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 23:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Luca\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Luca\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Luca\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Luca\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-04-30 284440]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"tvncontrol"="c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" [2014-01-15 2327248]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="c:\program files\Bitdefender\Bitdefender\pmbxag.exe" [2013-11-18 560648]
"Bitdefender Wallet"="c:\program files\Bitdefender\Bitdefender\pwdmanui.exe" [2013-11-18 1000488]
"Bitdefender Wallet Application Agent"="c:\program files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" [2013-11-18 612696]
.
c:\users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Luca\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-2 30714328]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-3-25 1137952]
Start GeekBuddy.lnk - c:\program files (x86)\Comodo\GeekBuddy\launcher.exe "unit_manager.exe" [2014-1-16 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 andnetadb;ADB Interface DriverNet;c:\windows\system32\Drivers\lgandnetadb.sys;c:\windows\SYSNATIVE\Drivers\lgandnetadb.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgandnetndis64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetndis64.sys [x]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
R3 bdfwfpf_pc;bdfwfpf_pc;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [x]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys;c:\windows\SYSNATIVE\drivers\bdsandbox.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;tsusbhub [x]
R4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender\bdparentalservice.exe;c:\program files\Bitdefender\Bitdefender\bdparentalservice.exe [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 CGVPNCliService;CyberGhost VPN 5 Client Service;c:\program files\CyberGhost 5\Service.exe;c:\program files\CyberGhost 5\Service.exe [x]
S2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\COMODO\launcher_service.exe;c:\program files (x86)\Common Files\COMODO\launcher_service.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x]
S2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE [x]
S2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe [x]
S2 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
S2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]
S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
S3 BTWAMPFL;btwampfl;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-16 19:11 1211672 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2014-01-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-20 22:06]
.
2014-01-17 c:\windows\Tasks\AmiUpdXp.job
- c:\users\Luca\AppData\Local\SwvUpdater\Updater.exe [2013-11-24 18:44]
.
2014-01-17 c:\windows\Tasks\Driver Booster Update.job
- c:\program files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-01-06 13:01]
.
2014-01-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1497592914-3536481116-1766862959-1000Core.job
- c:\users\Luca\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-13 18:44]
.
2014-01-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1497592914-3536481116-1766862959-1000UA.job
- c:\users\Luca\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-13 18:44]
.
2014-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-04 00:45]
.
2014-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-04 00:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2013-11-03 21:36 2486592 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 23:37 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 23:37 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 23:37 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Luca\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Luca\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Luca\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Luca\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2000-01-01 1664000]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-11-11 1612504]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-08-09 172016]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-08-09 399856]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-08-09 442352]
"Bdagent"="c:\program files\Bitdefender\Bitdefender\bdagent.exe" [2013-11-21 1734848]
.
------- Scan Suplementar -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
IE: {{a9eaf767-5ae6-4b79-a213-5963c37cbae6} - {da2e16d5-254c-4e11-8fed-2a1b201de379} -
TCP: DhcpNameServer = 192.168.25.1
TCP: Interfaces\{5F760EAA-91AA-42E2-B362-A573FDF94F4B}\34F6E656364756023756020757465627: DhcpNameServer = 192.168.25.1
TCP: Interfaces\{5F760EAA-91AA-42E2-B362-A573FDF94F4B}\746545D233335493: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{5F760EAA-91AA-42E2-B362-A573FDF94F4B}\746545D234545443: DhcpNameServer = 192.168.25.1
TCP: Interfaces\{5F760EAA-91AA-42E2-B362-A573FDF94F4B}\C6579637027766: DhcpNameServer = 192.168.43.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\9grtisnz.default\
FF - prefs.js: browser.search.selectedEngine - DuckDuckGo
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com.br/
FF - ExtSQL: 2013-11-28 16:42; ffpwdman@bitdefender.com; c:\program files\Bitdefender\Bitdefender\Antispam32\ffpwdman
FF - ExtSQL: 2014-01-12 20:16; e-webprint@epson.com; c:\program files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF - ExtSQL: 2014-01-17 00:42; jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack; c:\users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\9grtisnz.default\extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi
FF - ExtSQL: 2014-01-17 00:46; jid1-ZAdIEUB7XOzOJw@jetpack; c:\users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\9grtisnz.default\extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi
FF - ExtSQL: 2014-01-17 00:47; patrique@retrolink.com.br; c:\users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\9grtisnz.default\extensions\patrique@retrolink.com.br.xpi
FF - ExtSQL: 2014-01-17 00:47; jid1-cwbvBTE216jjpg@jetpack; c:\users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\9grtisnz.default\extensions\jid1-cwbvBTE216jjpg@jetpack.xpi
FF - ExtSQL: !HIDDEN! 2013-07-03 23:24; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORFÃOS REMOVIDOS - - - -
.
Toolbar-Locked - (no file)
AddRemove-BattlEye for A2 - c:\program files (x86)\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-1497592914-3536481116-1766862959-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:7a,00,58,27,ca,21,c1,f9,f8,d4,57,6d,91,68,1f,73,14,e5,49,30,c6,
a1,96,0d,f1,dd,72,2c,dc,bc,db,fc,52,2b,3f,22,d5,16,8b,1d,f8,61,6e,77,80,2e,\
"rkeysecu"=hex:09,16,5c,b4,de,bd,3d,d6,71,57,b1,f5,e4,d5,f5,2b
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\VMware, Inc.\VMnetLibSaved\VMnetBridge\Adapters]
@DACL=(02 0000)
"Test"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Outros Processos em Execução ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\albrechto\updatealbrechto.exe
c:\program files (x86)\albrechto\bin\utilalbrechto.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Player\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
c:\program files (x86)\Comodo\GeekBuddy\unit_manager.exe
c:\program files (x86)\Comodo\GeekBuddy\unit.exe
c:\users\Luca\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
.
**************************************************************************
.
Tempo para conclusão: 2014-01-17 03:41:40 - Máquina reiniciou
ComboFix-quarantined-files.txt 2014-01-17 05:41
ComboFix2.txt 2013-11-18 01:22
.
Pré-execução: 331.547.906.048 bytes disponíveis
Pós execução: 331.171.287.040 bytes disponíveis
.
- - End Of File - - 5F82D4C0523A55FF1B53C0D7F85B6424


:) Hello Lucas!

Please follow the tips in the tutorials below:

Remove adware and malicious toolbars with AdwCleaner

Junkware Removal Tool tutorial

* In your next reply, please post the AdwCleaner log, which will be at C:\AdwCleaner\AdwCleaner[s0].txt, and the Junkware Removal Tool log, which will be saved on your desktop as JRT.txt, and tell us how your PC is after these procedures.

We'll be waiting.


Topic Archived

As the author did not reply for more than 10 days, the topic has been archived.

If you are the author of the topic and want to reopen it, send a private message to a moderator of this area along with the link to this topic and explain the reason for reopening.
