Nada de remover as chaves :
ComboFix 14-07-25.01 - EDSON 28/07/2014 20:18:06.2.2 - x86
Microsoft Windows 7 Home Basic 6.1.7601.1.1252.55.1046.18.1981.782 [GMT -3]
Executando de: c:\users\EDSON\Desktop\ComboFix.exe
Comandos utilizados :: c:\users\EDSON\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
ADS - drivers: deleted 208 bytes in 1 streams. .
(((((((((((((((( Arquivos/Ficheiros criados de 2014-06-28 to 2014-07-28 ))))))))))))))))))))))))))))
.
.
2014-07-28 23:28 . 2014-07-28 23:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-28 17:55 . 2014-07-28 23:15 -------- d-----w- c:\program files\Malware Defender
2014-07-28 17:53 . 2014-07-28 20:12 -------- d-----w- c:\users\EDSON\AppData\Local\CrashDumps
2014-07-26 17:21 . 2014-07-26 17:27 -------- d-sh--w- c:\users\EDSON\AppData\Local\EmieUserList
2014-07-26 17:21 . 2014-07-26 17:27 -------- d-sh--w- c:\users\EDSON\AppData\Local\EmieSiteList
2014-07-25 00:04 . 2014-07-26 01:04 -------- d-----w- c:\users\EDSON\Governo da República Eslovaca - Controle anti-corrupção
2014-07-23 14:58 . 2014-07-23 14:26 24064 ----a-w- c:\windows\zoek-delete.exe
2014-07-23 14:58 . 2014-07-28 23:28 -------- d-----w- c:\users\EDSON\AppData\Local\Temp
2014-07-18 21:03 . 2014-07-18 21:03 -------- d-----w- c:\users\EDSON\AppData\Local\Opera Software
2014-07-18 16:08 . 2014-07-18 16:08 -------- d-----w- c:\program files\Common Files\Java
2014-07-18 16:07 . 2014-07-18 16:07 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-07-18 16:07 . 2014-07-18 16:07 -------- d-----w- c:\program files\Java
2014-07-09 12:58 . 2014-06-18 01:52 399360 ----a-w- c:\program files\Common Files\Microsoft Shared\Ink\tabskb.dll
2014-07-09 12:58 . 2014-06-18 01:51 646144 ----a-w- c:\windows\system32\osk.exe
2014-07-09 12:58 . 2014-06-18 00:52 2350080 ----a-w- c:\windows\system32\win32k.sys
2014-07-09 12:58 . 2014-05-30 07:52 247808 ----a-w- c:\windows\system32\schannel.dll
2014-07-09 12:58 . 2014-05-30 07:52 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-07-09 12:58 . 2014-05-30 07:52 220160 ----a-w- c:\windows\system32\ncrypt.dll
2014-07-09 12:58 . 2014-05-30 07:52 259584 ----a-w- c:\windows\system32\msv1_0.dll
2014-07-09 12:58 . 2014-05-30 07:52 172032 ----a-w- c:\windows\system32\wdigest.dll
2014-07-09 12:58 . 2014-05-30 07:52 65536 ----a-w- c:\windows\system32\TSpkg.dll
2014-07-09 12:57 . 2014-05-30 07:52 17408 ----a-w- c:\windows\system32\credssp.dll
2014-07-09 12:57 . 2014-05-30 06:36 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2014-07-09 12:57 . 2014-06-06 09:44 509440 ----a-w- c:\windows\system32\qedit.dll
2014-07-09 12:57 . 2014-06-05 14:26 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-07 16:27 . 2014-07-07 16:27 -------- d-----w- c:\users\EDSON\AppData\Local\Programs
2014-07-02 22:32 . 2014-07-02 22:32 -------- d-----w- c:\users\EDSON\AppData\Local\Gadwin
2014-07-02 12:59 . 2014-07-02 12:59 43152 ----a-w- c:\windows\avastSS.scr
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-04 10:22 . 2013-11-08 12:43 414520 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-07-02 12:59 . 2013-12-20 13:45 71944 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-07-02 12:59 . 2013-11-02 23:21 192352 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-07-02 12:59 . 2013-11-02 23:21 779536 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-07-02 12:59 . 2014-04-30 16:56 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-07-02 12:59 . 2013-11-02 23:21 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-07-02 12:59 . 2013-11-02 23:21 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-07-02 12:59 . 2013-11-02 23:21 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-07-02 12:59 . 2013-04-28 18:33 276432 ----a-w- c:\windows\system32\aswBoot.exe
2014-05-30 20:41 . 2014-05-30 20:35 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2014-05-29 13:42 . 2012-10-21 18:49 48392 ----a-w- c:\windows\system32\certsentry.dll
2014-05-09 07:06 . 2014-05-14 10:56 369664 ----a-w- c:\windows\system32\aepdu.dll
2014-05-09 07:04 . 2014-05-14 10:56 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-05-08 09:06 . 2014-06-11 12:59 2742784 ----a-w- c:\windows\system32\rdpcorets.dll
2014-05-08 09:06 . 2014-06-11 12:59 13824 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-02 12:59 578240 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen Pro (32-bit)"="c:\program files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro32.exe" [2014-02-21 13022888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-02 4086432]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2014-06-26 20:21 1746984 ----a-w- c:\program files\GbPlugin\gbieh.dll
.
[HKLM\~\startupfolder\C:^Users^EDSON^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de tela e Iniciador do OneNote 2007.lnk]
backup=c:\windows\pss\Recorte de tela e Iniciador do OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadwin PrintScreen Pro (32-bit)]
2014-02-21 10:47 13022888 ----a-w- c:\program files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro32.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 21:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2011-02-11 22:26 171032 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2011-02-11 22:26 137752 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2011-02-11 22:26 172568 ----a-w- c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2014-07-11 05:39 256896 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"UpdatesOverride"=dword:00000001
.
R1 kfkagijf;kfkagijf;c:\windows\system32\drivers\kfkagijf.sys [x]
R3 cxbu0wdm;OMNIKEY 3x21;c:\windows\system32\DRIVERS\cxbu0wdm.sys [2011-09-06 119040]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-06-18 108032]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2014-03-14 47192]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-07-02 779536]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-07-04 414520]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-07-02 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-07-02 67824]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-07-02 71944]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files\Comodo\Dragon\dragon_updater.exe [2014-05-21 2135232]
S2 GbpSv;Gbp Service;c:\progra~1\GbPlugin\GbpSv.exe [2014-06-26 555048]
.
.
--- =Outros Serviços/Drivers Na Memória ---
.
*NewlyCreated* - MJMJKODK
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-17 13:38 1104200 ----a-w- c:\program files\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2014-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-04-23 01:46]
.
2014-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-04-23 01:46]
.
.
------- Scan Suplementar -------
.
uStart Page =
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]mStart Page =
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]mSearch Bar =
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 127.0.0.1:8080
Trusted Zone: bancobrasil.com.br\www
Trusted Zone: bancobrasil.com.br\www14
Trusted Zone: bancobrasil.com.br\www2
Trusted Zone: bb.com.br\seg
Trusted Zone: bb.com.br\www
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\s5mdtf9j.default\
FF - prefs.js: browser.search.defaulturl -
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage -
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]FF - prefs.js: keyword.URL -
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\software\COMODO\CIS\Installer\Sym_Cam\CIS]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
Tempo para conclusão: 2014-07-28 20:30:29
ComboFix-quarantined-files.txt 2014-07-28 23:30
.
Pré-execução: 475.140.030.464 bytes disponíveis
Pós execução: 475.091.869.696 bytes disponíveis
.
- - End Of File - - 75ACB599E37C721AAE625EFB8AD66329
A36C5E4F47E84449FF07ED3517B43A31
Não tem mais os novos rootkits :
Runscanner logfile
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]* = signed file
- = file not found
General info
------------
Computer name : EDSON-PC
Creation time : 28/07/2014 21:13:17
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 9.11.9600.17207
OS : Windows 7 Home Basic
OS Build : 7601
OS SP : Service Pack 1
RunScanner Version : 2.0.0.60
User Language : Português (Brasil)
User rights : Administrator
Windows folder : C:\Windows
Running processes
-----------------
* C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
* C:\Windows\System32\wininit.exe (Microsoft Corporation)
* C:\Windows\System32\winlogon.exe (Microsoft Corporation)
* C:\Windows\System32\services.exe (Microsoft Corporation)
* C:\Windows\System32\spoolsv.exe (Microsoft Corporation)
* C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
* C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
* C:\Program Files\Comodo\Dragon\dragon_updater.exe
* C:\Program Files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro32.exe (Gadwin Systems)
* C:\PROGRA~1\GbPlugin\gbpsv.exe (GAS Tecnologia)
* C:\Windows\System32\dwm.exe (Microsoft Corporation)
* C:\Windows\System32\smss.exe (Microsoft Corporation)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation)
* C:\Windows\servicing\TrustedInstaller.exe (Microsoft Corporation)
* C:\Windows\System32\lsass.exe (Microsoft Corporation)
* C:\Windows\System32\taskeng.exe (Microsoft Corporation)
* C:\Windows\System32\SearchFilterHost.exe (Microsoft Corporation)
* C:\Windows\System32\SearchProtocolHost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\taskhost.exe (Microsoft Corporation)
* C:\Windows\System32\taskhost.exe (Microsoft Corporation)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Users\EDSON\Downloads\runscanner.exe (Runscanner.net)
* C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
* C:\Windows\System32\lsm.exe (Microsoft Corporation)
* C:\Windows\explorer.exe (Microsoft Corporation)
* C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
Unrated items
-------------
002 * C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
003 * C:\Program Files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro32.exe (Gadwin Systems)
010 * C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (.NET Runtime Optimization Service)
010 * C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Acrobat Update Service)
010 * C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe® Flash® Player Update Service 12.0 r0)
010 * C:\Program Files\AVAST Software\Avast\AvastSvc.exe (avast! Service)
010 * C:\Program Files\Comodo\Dragon\dragon_updater.exe (dragon_updater.exe)
010 * C:\PROGRA~1\GbPlugin\GbpSv.exe (G-Buster Browser Defense - Service)
010 * C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (maintenanceservice.exe)
011 c:\windows\system32\drivers\aswHwid.sys (aswHwid.sys)
011 * C:\Windows\system32\drivers\aswRvrt.sys (aswRvrt.sys)
011 * C:\Windows\system32\drivers\aswVmm.sys (aswVmm.sys)
011 * c:\windows\system32\drivers\aswMonFlt.sys (avast! File System Minifilter for Windows 2003/Vista)
011 * c:\windows\system32\drivers\aswSP.sys (avast! self protection module)
011 * c:\windows\system32\drivers\aswSnx.sys (avast! Virtualization Driver)
011 * c:\windows\system32\drivers\aswRdr2.sys (avast! WFP Redirect Driver)
011 * C:\Windows\system32\DRIVERS\gbpndisrdn.sys (GAS Tecnologia - LWF Helper Driver)
011 * C:\Windows\system32\drivers\gbpkm.sys (GbPlugin Device Driver)
011 * c:\windows\system32\drivers\aswStm.sys (Stream Filter)
035 * C:\Program Files\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe (Google Inc.) {8A69D345-D564-463c-AFF1-A69D9E530F96}
047 Zone: seg.bb.com.br :
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]047 Zone:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] : *.www.bancobrasil.com.br
047 Zone:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] : *.www.bb.com.br
047 Zone:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] :
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]047 Zone: www14.bancobrasil.com.br : *.www14.bancobrasil.com.br
047 Zone: www14.bancobrasil.com.br :
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]047 Zone: www2.bancobrasil.com.br : *.www2.bancobrasil.com.br
047 Zone: www2.bancobrasil.com.br :
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]050 * C:\PROGRAM FILES\GBPLUGIN\gbieh.dll (Banco do Brasil) {E37CB5F0-51F5-4395-A808-5FA49E399F83}
052 * C:\PROGRAM FILES\GBPLUGIN\gbieh.dll (Banco do Brasil) {C41A1C0E-EA6C-11D4-B1B8-444553540000}
052 * C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
052 * C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
052 * C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) {DBC80044-A445-435b-BC74-9C25C1C588A9}
061 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
061 * C:\PROGRAM FILES\GBPLUGIN\gbieh.dll (Banco do Brasil) {98C11555-BC81-40aa-A053-DAADC5630000}
061 * C:\PROGRAM FILES\GBPLUGIN\gbieh.dll (Banco do Brasil) {E37CB5F0-51F5-4395-A808-5FA49E399F83}
062 * C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) {F9DB5320-233E-11D1-9F84-707F02C10627}
067 * C:\PROGRAM FILES\GBPLUGIN\gbieh.dll (Banco do Brasil)
100 ProxyServer HKCU : 127.0.0.1:8080
100 ProxyServer HKLM : 127.0.0.1:8080
100 Start Page HKCU :
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]100 Start Page HKLM :
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]104 * C:\Windows\system32\Macromed\Flash\Flash32_12_0_0_70.ocx (Adobe Systems, Inc.) {D27CDB6E-AE6D-11CF-96B8-444553540000}
173 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
221 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
223 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
225 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
225 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
231 * C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) PDF Column Info
241 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
254 * C:\PROGRAM FILES\GBPLUGIN\gbieh.dll (Banco do Brasil) {98C11555-BC81-40aa-A053-DAADC5630000}
Missing files
-------------
011 c:\windows\system32\drivers\mjmjkodk.sys
032 rdpclip
Abraços
Sáb Mar 23, 2024 10:28 am por joram
» KpRm ( ... by Kernel-panik )
Ter Ago 11, 2020 9:47 pm por joram
» ESET Rogue Applications Remover ( ... by Eset.com )
Sáb Ago 01, 2020 7:49 am por joram
» PW Clean 2.7 ( ... by Doutor PW )
Ter maio 15, 2018 9:27 am por joram
» CKScanner ( ... by askey127 )
Sáb maio 05, 2018 1:12 pm por joram
» AdwCleaner ( ... by XPlode )
Seg Abr 16, 2018 8:47 am por joram
» ZHPDiag ( ... de Nicolas Coolman )
Sáb Abr 14, 2018 8:56 am por joram
» Argente - Registry Cleaner ( ... by Argente Software )
Dom Nov 19, 2017 4:36 pm por joram
» ListChkdskResult ( ... by SleepyDude )
Dom Set 24, 2017 1:39 pm por joram