DarkRenisson

Notebook is slow


Good morning.

My notebook has been slow for some time now; I even formatted it and that did not solve it. So I made a post here on Clube do Hardware, and a fellow member, analyzing some information I was sending him, said it was a malware problem. I hope you can help me solve the problem; the logs follow below.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.55.2

Run by ML at 1:19:44 on 2014-05-28

Microsoft Windows 7 Ultimate   6.1.7601.1.1252.55.1033.18.3558.2533 [GMT -3:00]

.

AV: Kaspersky Anti-Virus *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}

SP: Kaspersky Anti-Virus *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe

C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskhost.exe

C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe

C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe

C:\Program Files\Motorola\Bluetooth\audiosrv.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Program Files\Motorola\Bluetooth\obexsrv.exe

C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uDefault_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS

mStart Page = hxxp://istart.webssearches.com/?type=hp&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS

mSearch Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS&q={searchTerms}

mDefault_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS

mDefault_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS&q={searchTerms}

mWinlogon: Userinit = userinit.exe

BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll

BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll

mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

uPolicies-Explorer: NoDriveTypeAutoRun = dword:221

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:28

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: &Enviar para o OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105

IE: Baixar com Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm

IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000

IE: Fazer o download de todos os links usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm

IE: Fazer o download usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm

IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm

IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: NameServer = 186.223.128.17 186.223.128.14 201.6.4.116

TCP: Interfaces\{DB54A327-DFBD-4C11-AE80-8A2F7F02BFC8} : DHCPNameServer = 186.223.128.17 186.223.128.14 201.6.4.116

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-mStart Page = hxxp://istart.webssearches.com/?type=hp&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS

x64-mSearch Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS&q={searchTerms}

x64-mDefault_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS

x64-mDefault_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS&q={searchTerms}

x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll

x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll

x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll

x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll

x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll

x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll

x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm

x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\ML\AppData\Roaming\Mozilla\Firefox\Profiles\x92jvrww.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Users\ML\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

.

============= SERVICES / DRIVERS ===============

.

R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2014-4-22 21184]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 29792]

R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-6-8 54368]

R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448]

R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-4-24 881952]

R2 AVP;Serviço do Kaspersky Anti-Virus;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [2012-8-17 356128]

R2 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2014-4-18 1193040]

R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2014-4-18 783704]

R2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);C:\Windows\System32\drivers\FPSensor.sys [2010-8-26 35952]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-4-18 13336]

R2 SoilIO;SoilIO;C:\Windows\System32\drivers\SoilIO.sys [2009-12-11 17912]

R2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2010-5-18 327064]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2014-4-18 2655768]

R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2010-12-8 122856]

R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2010-12-8 369640]

R3 Bluetooth Device Manager;Bluetooth Device Manager;C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2014-4-18 4180824]

R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-4-18 1028096]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-4-24 450520]

R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2014-4-24 176880]

R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\System32\drivers\JME.sys [2014-4-24 145424]

R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-5-25 29280]

R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-7-25 29280]

R3 RtkBtFilter;Realtek Bluetooth Filter Driver;C:\Windows\System32\drivers\RtkBtfilter.sys [2014-4-24 555736]

R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\Windows\System32\drivers\rtwlane.sys [2014-4-24 3073752]

R3 soilkbc;soilkbc;C:\Windows\System32\drivers\Soilkbc.sys [2009-12-3 13816]

R3 SoilMC;SoilMC;C:\Windows\System32\drivers\SoilMC.sys [2009-12-3 13304]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]

S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-4-24 2152736]

S3 BTMCOM;Bluetooth Serial Port;C:\Windows\System32\drivers\btmcom.sys [2014-4-18 52736]

S3 BTMUSB;Motorola Bluetooth Radio Service;C:\Windows\System32\drivers\btmusb.sys [2014-4-18 663936]

S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]

S3 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2014-4-21 175480]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-20 111616]

S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-4-24 19456]

S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2014-4-18 1145448]

S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]

S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2014-4-24 29696]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-4-24 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-4-24 30208]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-4-18 1255736]

SUnknown tsusbhub;tsusbhub; [x]

.

=============== File Associations ===============

.

ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"

.

=============== Created Last 30 ================

.

2014-05-26 20:44:32 -------- d-----w- C:\Program Files (x86)\SpeedFan

2014-05-26 20:07:02 -------- d-----w- C:\Program Files (x86)\Lavalys

2014-05-25 22:07:46 -------- d-----w- C:\Users\ML\AppData\Local\Opera Software

2014-05-25 22:07:45 -------- d-----w- C:\Users\ML\AppData\Roaming\Opera Software

2014-05-24 05:47:40 -------- d-----w- C:\Users\ML\AppData\Roaming\Unity

2014-05-24 05:46:19 -------- d-----w- C:\Users\ML\AppData\Local\Unity

2014-05-23 15:09:34 10702536 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2DEB4A1E-D24F-4143-B43E-4E580EF93BE4}\mpengine.dll

2014-05-23 15:02:48 -------- d-----w- C:\Users\ML\AppData\Roaming\NetworkTunnel

2014-05-23 15:02:45 427376 ----a-w- C:\Windows\SysWow64\networkdlllsp.dll

2014-05-23 14:54:09 -------- d-----w- C:\Program Files (x86)\ExitLag

2014-05-22 19:19:39 -------- d-----w- C:\Program Files (x86)\MiPony

2014-05-22 02:27:15 -------- d-----w- C:\Program Files (x86)\WTFast

2014-05-17 17:56:42 5210480 ----a-w- C:\Windows\SysWow64\GameMon.des

2014-05-17 17:56:24 5174 ----a-w- C:\Windows\SysWow64\nppt9x.vxd

2014-05-17 17:56:24 4682 ----a-w- C:\Windows\SysWow64\npptNT2.sys

2014-05-17 17:55:58 -------- d-----w- C:\Program Files\Common Files\INCA Shared

2014-05-17 17:34:26 -------- d-----w- C:\Level Up! Games

2014-05-17 17:12:46 110080 ----a-r- C:\Users\ML\AppData\Roaming\Microsoft\Installer\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}\IconF7A21AF7.exe

2014-05-17 17:12:46 110080 ----a-r- C:\Users\ML\AppData\Roaming\Microsoft\Installer\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}\IconD7F16134.exe

2014-05-17 17:12:45 -------- d-----w- C:\sh4ldr

2014-05-17 17:12:45 -------- d-----w- C:\Program Files (x86)\Enigma Software Group

2014-05-17 17:11:36 -------- d-----w- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP

2014-05-17 14:59:48 -------- d-----w- C:\Program Files\Enigma Software Group

2014-05-17 14:56:51 -------- d-----w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP

2014-05-17 14:56:42 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard

2014-05-16 18:26:04 -------- d-----w- C:\Windows\System32\appmgmt

2014-05-14 11:43:59 2724864 ----a-w- C:\Windows\System32\mshtml.tlb

2014-05-14 11:43:58 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2014-05-14 11:29:25 477184 ----a-w- C:\Windows\System32\aepdu.dll

2014-05-14 11:29:24 424448 ----a-w- C:\Windows\System32\aeinv.dll

2014-05-14 04:53:06 -------- d-----w- C:\Program Files (x86)\LSI

2014-05-13 13:43:40 -------- d-----w- C:\Users\ML\AppData\Roaming\ProductData

2014-05-12 17:47:16 -------- d-----w- C:\Users\ML\AppData\Local\SKIDROW

2014-05-12 17:45:59 72200 ----a-w- C:\Windows\System32\XAPOFX1_1.dll

2014-05-12 17:44:56 3767504 ----a-w- C:\Windows\System32\d3dx9_26.dll

2014-05-12 17:44:56 2297552 ----a-w- C:\Windows\SysWow64\d3dx9_26.dll

2014-05-12 17:37:33 -------- d-----w- C:\Program Files (x86)\Super Hexagon

2014-05-08 04:38:47 -------- d-----w- C:\Users\ML\AppData\Roaming\Curse Client

2014-05-08 04:38:15 -------- d-----w- C:\Users\ML\AppData\Roaming\Curse

2014-05-06 19:53:02 -------- d-----w- C:\Users\ML\.tuxguitar-1.2

2014-05-06 19:52:37 -------- d-----w- C:\Program Files (x86)\TuxGuitar

2014-05-06 19:27:54 -------- d-----w- C:\Users\ML\AppData\Local\FileViewPro

2014-05-06 19:27:46 -------- d-----w- C:\ProgramData\IsolatedStorage

2014-05-06 19:27:45 -------- d-----w- C:\Users\ML\AppData\Roaming\IsolatedStorage

2014-05-06 19:24:49 -------- d-----w- C:\Spacekace

2014-04-29 17:05:00 -------- d-----w- C:\Users\ML\AppData\Roaming\Mipony

.

==================== Find3M  ====================

.

2014-05-19 15:04:54 91008 ----a-w- C:\Windows\System32\drivers\klflt.sys

2014-05-17 17:50:16 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2014-05-17 17:50:16 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2014-04-25 06:59:43 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll

2014-04-25 06:55:36 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2014-04-24 18:53:35 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll

2014-04-24 18:53:35 366592 ----a-w- C:\Windows\System32\qdvd.dll

2014-04-24 18:34:44 99800 ----a-w- C:\Windows\System32\drivers\TeeDriverx64.sys

2014-04-24 18:34:44 1795952 ----a-w- C:\Windows\System32\WdfCoInstaller01011.dll

2014-04-24 18:34:37 145424 ----a-w- C:\Windows\System32\drivers\JME.sys

2014-04-24 18:34:12 3073752 ----a-w- C:\Windows\System32\drivers\rtwlane.sys

2014-04-24 18:27:07 176880 ----a-w- C:\Windows\System32\drivers\jmcr.sys

2014-04-24 18:23:59 450520 ----a-w- C:\Windows\System32\drivers\IntcDAud.sys

2014-04-20 05:31:52 878080 ----a-w- C:\Windows\System32\advapi32.dll

2014-04-20 05:31:52 859648 ----a-w- C:\Windows\System32\tdh.dll

2014-04-20 05:31:52 1732032 ----a-w- C:\Windows\System32\ntdll.dll

2014-04-20 05:31:51 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll

2014-04-20 05:31:51 619520 ----a-w- C:\Windows\SysWow64\tdh.dll

2014-04-20 05:31:51 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll

2014-04-20 05:31:27 327168 ----a-w- C:\Windows\System32\mswsock.dll

2014-04-20 05:31:27 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll

2014-04-20 05:31:27 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2014-04-20 01:32:51 1887232 ----a-w- C:\Windows\System32\d3d11.dll

2014-04-20 01:32:51 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll

2014-04-18 20:47:50 54368 ----a-w- C:\Windows\System32\drivers\kltdi.sys

2014-04-18 20:47:50 178448 ----a-w- C:\Windows\System32\drivers\kneps.sys

2014-04-18 20:47:49 29280 ----a-w- C:\Windows\System32\drivers\klmouflt.sys

2014-04-18 20:47:49 29280 ----a-w- C:\Windows\System32\drivers\klkbdflt.sys

2014-04-18 20:47:48 29792 ----a-w- C:\Windows\System32\drivers\klim6.sys

2014-04-18 20:47:45 458336 ----a-w- C:\Windows\System32\drivers\kl1.sys

2014-04-18 19:22:39 599152 ----a-w- C:\Windows\SysWow64\NBMatS1SDK.dll

2014-04-15 05:34:10 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX

2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll

2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll

2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll

2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll

2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe

2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2014-03-31 12:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe

2014-03-10 21:17:22 128288 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll

2014-03-06 09:31:33 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll

2014-03-06 08:59:04 66048 ----a-w- C:\Windows\System32\iesetup.dll

2014-03-06 08:57:34 548352 ----a-w- C:\Windows\System32\vbscript.dll

2014-03-06 08:57:20 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll

2014-03-06 08:29:40 139264 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-03-06 08:29:14 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe

2014-03-06 08:28:15 752640 ----a-w- C:\Windows\System32\jscript9diag.dll

2014-03-06 08:15:54 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2014-03-06 08:11:41 5784064 ----a-w- C:\Windows\System32\jscript9.dll

2014-03-06 08:02:34 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll

2014-03-06 08:02:33 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll

2014-03-06 08:01:01 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll

2014-03-06 07:56:43 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll

2014-03-06 07:46:36 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll

2014-03-06 07:38:13 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2014-03-06 07:36:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll

2014-03-06 07:13:43 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll

2014-03-06 07:11:15 2043904 ----a-w- C:\Windows\System32\inetcpl.cpl

2014-03-06 06:40:39 1967104 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2014-03-06 06:22:40 2260480 ----a-w- C:\Windows\System32\wininet.dll

2014-03-06 05:41:49 1789440 ----a-w- C:\Windows\SysWow64\wininet.dll

2014-03-04 09:47:01 5550016 ----a-w- C:\Windows\System32\ntoskrnl.exe

2014-03-04 09:44:21 362496 ----a-w- C:\Windows\System32\wow64win.dll

2014-03-04 09:44:21 243712 ----a-w- C:\Windows\System32\wow64.dll

2014-03-04 09:44:21 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2014-03-04 09:44:20 39936 ----a-w- C:\Windows\System32\wincredprovider.dll

2014-03-04 09:44:10 210944 ----a-w- C:\Windows\System32\wdigest.dll

2014-03-04 09:44:08 86528 ----a-w- C:\Windows\System32\TSpkg.dll

2014-03-04 09:44:06 340992 ----a-w- C:\Windows\System32\schannel.dll

2014-03-04 09:44:03 722944 ----a-w- C:\Windows\System32\objsel.dll

2014-03-04 09:44:03 314880 ----a-w- C:\Windows\System32\msv1_0.dll

2014-03-04 09:44:03 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2014-03-04 09:44:00 728064 ----a-w- C:\Windows\System32\kerberos.dll

2014-03-04 09:44:00 424960 ----a-w- C:\Windows\System32\KernelBase.dll

2014-03-04 09:43:56 57344 ----a-w- C:\Windows\System32\cngprovider.dll

2014-03-04 09:43:56 52736 ----a-w- C:\Windows\System32\dpapiprovider.dll

2014-03-04 09:43:56 44544 ----a-w- C:\Windows\System32\dimsroam.dll

2014-03-04 09:43:56 22016 ----a-w- C:\Windows\System32\credssp.dll

2014-03-04 09:43:55 56832 ----a-w- C:\Windows\System32\adprovider.dll

2014-03-04 09:43:55 53760 ----a-w- C:\Windows\System32\capiprovider.dll

2014-03-04 09:43:50 455168 ----a-w- C:\Windows\System32\winlogon.exe

2014-03-04 09:20:11 3969984 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2014-03-04 09:20:11 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2014-03-04 09:16:54 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2014-03-04 09:16:18 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2014-03-04 09:16:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2014-03-04 08:09:30 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2014-03-04 08:09:29 2048 ----a-w- C:\Windows\SysWow64\user.exe

2014-02-28 18:16:46 61736 ----a-w- C:\Windows\System32\drivers\netfilter64.sys

.

============= FINISH:  1:20:43,67 ===============

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate 

Boot Device: \Device\HarddiskVolume1

Install Date: 18/04/2014 16:12:29

System Uptime: 27/05/2014 22:50:19 (3 hours ago)

.

Motherboard: POSITIVO                |  | A14HV0A               

Processor: Intel® Core i5-2410M CPU @ 2.30GHz | CPU 1 | 782/400mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 166 GiB total, 108,512 GiB free.

D: is FIXED (NTFS) - 430 GiB total, 304,23 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Adaptador do Microsoft ISATAP

Device ID: ROOT\*ISATAP\0000

Manufacturer: Microsoft

Name: Adaptador do Microsoft ISATAP

PNP Device ID: ROOT\*ISATAP\0000

Service: tunnel

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Adaptador do Microsoft ISATAP

Device ID: ROOT\*ISATAP\0001

Manufacturer: Microsoft

Name: Microsoft ISATAP Adapter #2

PNP Device ID: ROOT\*ISATAP\0001

Service: tunnel

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Adaptador de Túnel Teredo da Microsoft

Device ID: ROOT\*TEREDO\0000

Manufacturer: Microsoft

Name: Teredo Tunneling Pseudo-Interface

PNP Device ID: ROOT\*TEREDO\0000

Service: tunnel

.

==== System Restore Points ===================

.

RP59: 26/05/2014 12:28:29 - Scheduled Checkpoint

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Flash Player 13 ActiveX

Adobe Flash Player 13 Plugin

Adobe Reader XI (11.0.07) - Português

Adobe Shockwave Player 12.1

Advanced SystemCare 7

Asmedia ASM104x USB 3.0 Host Controller Driver

µTorrent

CCleaner

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Curse

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Driver 1.3

Driver Booster

EgisTec ES603 WDM Driver

ES603 WDM Driver

EVEREST Ultimate Edition v5.50

ExitLag

FormatFactory 3.3.4.0

Google Chrome

Google Update Helper

IDT Audio

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

Internet Download Manager

IObit Uninstaller

Java 7 Update 55

Java 8 Update 5 (64-bit)

Java Auto Updater

JMicron Ethernet Adapter NDIS Driver

JMicron Flash Media Controller Driver

Kaspersky Anti-Virus 2013

League of Legends

Microsoft .NET Framework 1.1

Microsoft .NET Framework 4.5.1

Microsoft .NET Framework 4.5.1 (Português do Brasil)

Microsoft .NET Framework 4.5.1 (PTB)

Microsoft Office Access MUI (Portuguese (Brazil)) 2010

Microsoft Office Excel MUI (Portuguese (Brazil)) 2010

Microsoft Office Groove MUI (Portuguese (Brazil)) 2010

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (Portuguese (Brazil)) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (Portuguese (Brazil)) 2010

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010

Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2010

Microsoft Office Shared MUI (Portuguese (Brazil)) 2010

Microsoft Office Word MUI (Portuguese (Brazil)) 2010

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft XNA Framework Redistributable 4.0

MiPony 2.1.3

Motorola Bluetooth

Mozilla Firefox 29.0.1 (x86 pt-BR)

Mozilla Maintenance Service

NTRU TCG Software Stack

Nuvoton SafeKeeper TPM Software

Opera Stable 21.0.1432.67

OSD 1.12.10

Pando Media Booster

REALTEK Wireless LAN Driver

Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)

Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)

Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)

Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2878284) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2863926) 32-Bit Edition

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition

Smart Defrag 3

SpeedFan (remove only)

SpyHunter

Super Hexagon

Surfing Protection

swMSM

Synaptics Pointing Device Driver

TuxGuitar

Unity Web Player

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition

Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition

Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition

Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition

Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition

Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition

Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition

Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition

Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition

Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition

VLC media player 2.1.4

Webcam 1.5

WinRAR 5.01 (64-bit)

YTD Video Downloader 4.8

.

==== End Of File ===========================

 

NOTE: I could not post the GMER log; the message "post too long" appears.

Edited by DarkRenisson

Hello

Sorry for the delay :)

If you still need help, please generate the logs again, since I need them with current dates: Read Before Posting - Creating a New Topic

ATTENTION 1: There is no need to open a new topic; post the new logs in this same topic, thank you!

ATTENTION 2: Do not edit your topic; use the reply button, thank you!

ATTENTION 3: Do not put the logs between TAGS, thank you!

ATTENTION 4: Do not attach the logs, thank you!

Regards :D

  • Topic author
  • NOTE: The GMER log was too large, so I could not include it

     

    DDS (Ver_2012-11-20.01) - NTFS_AMD64 

    Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.55.2

    Run by ML at 21:24:53 on 2014-06-02

    Microsoft Windows 7 Ultimate   6.1.7601.1.1252.55.1033.18.3558.2063 [GMT -3:00]

    .

    AV: Kaspersky Anti-Virus *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}

    SP: Kaspersky Anti-Virus *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}

    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    ============== Running Processes ===============

    .

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe

    C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Program Files\IDT\WDM\STacSV64.exe

    C:\Windows\system32\svchost.exe -k GPSvcGroup

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\System32\spoolsv.exe

    C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe

    C:\Windows\system32\taskhost.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Windows\system32\taskeng.exe

    C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe

    C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe

    C:\Program Files\Motorola\Bluetooth\audiosrv.exe

    C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Program Files\Motorola\Bluetooth\obexsrv.exe

    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

    C:\Windows\system32\SearchIndexer.exe

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Windows\system32\SearchProtocolHost.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\System32\svchost.exe -k LocalServicePeerNet

    C:\Program Files\Windows Media Player\wmpnetwk.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    C:\Windows\system32\sppsvc.exe

    C:\Windows\System32\svchost.exe -k secsvcs

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

    C:\Windows\servicing\TrustedInstaller.exe

    C:\Windows\system32\taskhost.exe

    \\?\C:\Windows\system32\wbem\WMIADAP.EXE

    C:\Windows\system32\SearchFilterHost.exe

    C:\Windows\System32\cscript.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uDefault_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS

    mStart Page = hxxp://istart.webssearches.com/?type=hp&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS

    mSearch Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS&q={searchTerms}

    mDefault_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS

    mDefault_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS&q={searchTerms}

    mWinlogon: Userinit = userinit.exe

    BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll

    BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll

    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

    BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

    BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll

    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

    BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll

    BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll

    uRun: [Viber] "C:\Users\ML\AppData\Local\Viber\Viber.exe"

    mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe"

    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    uPolicies-Explorer: NoDriveTypeAutoRun = dword:221

    mPolicies-Explorer: NoActiveDesktop = dword:1

    mPolicies-Explorer: NoActiveDesktopChanges = dword:1

    mPolicies-Explorer: NoDriveTypeAutoRun = dword:28

    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

    mPolicies-System: ConsentPromptBehaviorUser = dword:3

    mPolicies-System: EnableUIADesktopToggle = dword:0

    IE: &Enviar para o OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105

    IE: Baixar com Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm

    IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000

    IE: Fazer o download de todos os links usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm

    IE: Fazer o download usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm

    IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm

    IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll

    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    TCP: NameServer = 186.223.128.17 186.223.128.14 201.6.4.116

    TCP: Interfaces\{DB54A327-DFBD-4C11-AE80-8A2F7F02BFC8} : DHCPNameServer = 186.223.128.17 186.223.128.14 201.6.4.116

    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    SSODL: WebCheck - <orphaned>

    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

    x64-mStart Page = hxxp://istart.webssearches.com/?type=hp&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS

    x64-mSearch Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS&q={searchTerms}

    x64-mDefault_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS

    x64-mDefault_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS&q={searchTerms}

    x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll

    x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll

    x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll

    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

    x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

    x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll

    x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll

    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

    x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll

    x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll

    x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    x64-IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm

    x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll

    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    x64-Notify: igfxcui - igfxdev.dll

    x64-SSODL: WebCheck - <orphaned>

    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

    .

    ================= FIREFOX ===================

    .

    FF - ProfilePath - C:\Users\ML\AppData\Roaming\Mozilla\Firefox\Profiles\x92jvrww.default\

    FF - prefs.js: browser.search.selectedEngine - Google

    FF - prefs.js: network.proxy.type - 0

    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll

    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll

    FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

    FF - plugin: C:\Users\ML\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll

    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2014-4-22 21184]

    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 29792]

    R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-6-8 54368]

    R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448]

    R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-4-24 881952]

    R2 AVP;Serviço do Kaspersky Anti-Virus;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [2012-8-17 356128]

    R2 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2014-4-18 1193040]

    R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2014-4-18 783704]

    R2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);C:\Windows\System32\drivers\FPSensor.sys [2010-8-26 35952]

    R2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2014-6-2 108032]

    R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-4-18 13336]

    R2 SoilIO;SoilIO;C:\Windows\System32\drivers\SoilIO.sys [2009-12-11 17912]

    R2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2010-5-18 327064]

    R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2014-4-18 2655768]

    R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2010-12-8 122856]

    R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2010-12-8 369640]

    R3 Bluetooth Device Manager;Bluetooth Device Manager;C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2014-4-18 4180824]

    R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-4-18 1028096]

    R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-4-24 450520]

    R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2014-4-24 176880]

    R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\System32\drivers\JME.sys [2014-4-24 145424]

    R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-5-25 29280]

    R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-7-25 29280]

    R3 RtkBtFilter;Realtek Bluetooth Filter Driver;C:\Windows\System32\drivers\RtkBtfilter.sys [2014-4-24 555736]

    R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\Windows\System32\drivers\rtwlane.sys [2014-4-24 3073752]

    R3 soilkbc;soilkbc;C:\Windows\System32\drivers\Soilkbc.sys [2009-12-3 13816]

    R3 SoilMC;SoilMC;C:\Windows\System32\drivers\SoilMC.sys [2009-12-3 13304]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]

    S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-4-24 2152736]

    S3 BTMCOM;Bluetooth Serial Port;C:\Windows\System32\drivers\btmcom.sys [2014-4-18 52736]

    S3 BTMUSB;Motorola Bluetooth Radio Service;C:\Windows\System32\drivers\btmusb.sys [2014-4-18 663936]

    S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]

    S3 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2014-4-21 175480]

    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-20 111616]

    S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]

    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-4-24 19456]

    S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2014-4-18 1145448]

    S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]

    S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2014-4-24 29696]

    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-4-24 57856]

    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-4-24 30208]

    S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-4-18 1255736]

    SUnknown tsusbhub;tsusbhub; [x]

    .

    =============== File Associations ===============

    .

    ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"

    .

    =============== Created Last 30 ================

    .

    2014-06-02 15:51:49 -------- d-----w- C:\Users\ML\AppData\Local\FreemakeVideoConverter

    2014-06-02 15:51:12 -------- d-----w- C:\ProgramData\Freemake

    2014-06-02 15:50:21 -------- d-----w- C:\Program Files (x86)\Freemake

    2014-05-30 14:19:08 10702536 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F0598845-99E8-43CB-9E9D-000BC517C811}\mpengine.dll

    2014-05-26 20:44:32 -------- d-----w- C:\Program Files (x86)\SpeedFan

    2014-05-26 20:07:02 -------- d-----w- C:\Program Files (x86)\Lavalys

    2014-05-25 22:07:46 -------- d-----w- C:\Users\ML\AppData\Local\Opera Software

    2014-05-25 22:07:45 -------- d-----w- C:\Users\ML\AppData\Roaming\Opera Software

    2014-05-24 05:47:40 -------- d-----w- C:\Users\ML\AppData\Roaming\Unity

    2014-05-24 05:46:19 -------- d-----w- C:\Users\ML\AppData\Local\Unity

    2014-05-23 15:02:48 -------- d-----w- C:\Users\ML\AppData\Roaming\NetworkTunnel

    2014-05-23 15:02:45 427376 ----a-w- C:\Windows\SysWow64\networkdlllsp.dll

    2014-05-23 14:54:09 -------- d-----w- C:\Program Files (x86)\ExitLag

    2014-05-22 19:19:39 -------- d-----w- C:\Program Files (x86)\MiPony

    2014-05-22 02:27:15 -------- d-----w- C:\Program Files (x86)\WTFast

    2014-05-17 17:56:42 5210480 ----a-w- C:\Windows\SysWow64\GameMon.des

    2014-05-17 17:56:24 5174 ----a-w- C:\Windows\SysWow64\nppt9x.vxd

    2014-05-17 17:56:24 4682 ----a-w- C:\Windows\SysWow64\npptNT2.sys

    2014-05-17 17:55:58 -------- d-----w- C:\Program Files\Common Files\INCA Shared

    2014-05-17 17:34:26 -------- d-----w- C:\Level Up! Games

    2014-05-17 17:12:46 110080 ----a-r- C:\Users\ML\AppData\Roaming\Microsoft\Installer\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}\IconF7A21AF7.exe

    2014-05-17 17:12:46 110080 ----a-r- C:\Users\ML\AppData\Roaming\Microsoft\Installer\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}\IconD7F16134.exe

    2014-05-17 17:12:45 -------- d-----w- C:\sh4ldr

    2014-05-17 17:12:45 -------- d-----w- C:\Program Files (x86)\Enigma Software Group

    2014-05-17 17:11:36 -------- d-----w- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP

    2014-05-17 14:59:48 -------- d-----w- C:\Program Files\Enigma Software Group

    2014-05-17 14:56:51 -------- d-----w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP

    2014-05-17 14:56:42 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard

    2014-05-16 18:26:04 -------- d-----w- C:\Windows\System32\appmgmt

    2014-05-14 11:43:59 2724864 ----a-w- C:\Windows\System32\mshtml.tlb

    2014-05-14 11:43:58 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb

    2014-05-14 11:29:25 477184 ----a-w- C:\Windows\System32\aepdu.dll

    2014-05-14 11:29:24 424448 ----a-w- C:\Windows\System32\aeinv.dll

    2014-05-14 04:53:06 -------- d-----w- C:\Program Files (x86)\LSI

    2014-05-13 13:43:40 -------- d-----w- C:\Users\ML\AppData\Roaming\ProductData

    2014-05-12 17:47:16 -------- d-----w- C:\Users\ML\AppData\Local\SKIDROW

    2014-05-12 17:45:59 72200 ----a-w- C:\Windows\System32\XAPOFX1_1.dll

    2014-05-12 17:44:56 3767504 ----a-w- C:\Windows\System32\d3dx9_26.dll

    2014-05-12 17:44:56 2297552 ----a-w- C:\Windows\SysWow64\d3dx9_26.dll

    2014-05-12 17:37:33 -------- d-----w- C:\Program Files (x86)\Super Hexagon

    2014-05-08 04:38:47 -------- d-----w- C:\Users\ML\AppData\Roaming\Curse Client

    2014-05-08 04:38:15 -------- d-----w- C:\Users\ML\AppData\Roaming\Curse

    2014-05-06 19:53:02 -------- d-----w- C:\Users\ML\.tuxguitar-1.2

    2014-05-06 19:52:37 -------- d-----w- C:\Program Files (x86)\TuxGuitar

    2014-05-06 19:27:54 -------- d-----w- C:\Users\ML\AppData\Local\FileViewPro

    2014-05-06 19:27:46 -------- d-----w- C:\ProgramData\IsolatedStorage

    2014-05-06 19:27:45 -------- d-----w- C:\Users\ML\AppData\Roaming\IsolatedStorage

    2014-05-06 19:24:49 -------- d-----w- C:\Spacekace

    .

    ==================== Find3M  ====================

    .

    2014-05-19 15:04:54 91008 ----a-w- C:\Windows\System32\drivers\klflt.sys

    2014-05-17 17:50:16 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

    2014-05-17 17:50:16 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

    2014-04-25 06:59:43 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll

    2014-04-25 06:55:36 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

    2014-04-24 18:53:35 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll

    2014-04-24 18:53:35 366592 ----a-w- C:\Windows\System32\qdvd.dll

    2014-04-24 18:34:44 99800 ----a-w- C:\Windows\System32\drivers\TeeDriverx64.sys

    2014-04-24 18:34:44 1795952 ----a-w- C:\Windows\System32\WdfCoInstaller01011.dll

    2014-04-24 18:34:37 145424 ----a-w- C:\Windows\System32\drivers\JME.sys

    2014-04-24 18:34:12 3073752 ----a-w- C:\Windows\System32\drivers\rtwlane.sys

    2014-04-24 18:27:07 176880 ----a-w- C:\Windows\System32\drivers\jmcr.sys

    2014-04-24 18:23:59 450520 ----a-w- C:\Windows\System32\drivers\IntcDAud.sys

    2014-04-20 05:31:52 878080 ----a-w- C:\Windows\System32\advapi32.dll

    2014-04-20 05:31:52 859648 ----a-w- C:\Windows\System32\tdh.dll

    2014-04-20 05:31:52 1732032 ----a-w- C:\Windows\System32\ntdll.dll

    2014-04-20 05:31:51 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll

    2014-04-20 05:31:51 619520 ----a-w- C:\Windows\SysWow64\tdh.dll

    2014-04-20 05:31:51 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll

    2014-04-20 05:31:27 327168 ----a-w- C:\Windows\System32\mswsock.dll

    2014-04-20 05:31:27 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll

    2014-04-20 05:31:27 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys

    2014-04-20 01:32:51 1887232 ----a-w- C:\Windows\System32\d3d11.dll

    2014-04-20 01:32:51 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll

    2014-04-18 20:47:50 54368 ----a-w- C:\Windows\System32\drivers\kltdi.sys

    2014-04-18 20:47:50 178448 ----a-w- C:\Windows\System32\drivers\kneps.sys

    2014-04-18 20:47:49 29280 ----a-w- C:\Windows\System32\drivers\klmouflt.sys

    2014-04-18 20:47:49 29280 ----a-w- C:\Windows\System32\drivers\klkbdflt.sys

    2014-04-18 20:47:48 29792 ----a-w- C:\Windows\System32\drivers\klim6.sys

    2014-04-18 20:47:45 458336 ----a-w- C:\Windows\System32\drivers\kl1.sys

    2014-04-18 19:22:39 599152 ----a-w- C:\Windows\SysWow64\NBMatS1SDK.dll

    2014-04-15 05:34:10 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX

    2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

    2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

    2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll

    2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll

    2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll

    2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll

    2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe

    2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

    2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

    2014-03-31 12:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe

    2014-03-10 21:17:22 128288 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll

    2014-03-06 09:31:33 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll

    2014-03-06 08:59:04 66048 ----a-w- C:\Windows\System32\iesetup.dll

    2014-03-06 08:57:34 548352 ----a-w- C:\Windows\System32\vbscript.dll

    2014-03-06 08:57:20 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll

    2014-03-06 08:29:40 139264 ----a-w- C:\Windows\System32\ieUnatt.exe

    2014-03-06 08:29:14 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe

    2014-03-06 08:28:15 752640 ----a-w- C:\Windows\System32\jscript9diag.dll

    2014-03-06 08:15:54 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

    2014-03-06 08:11:41 5784064 ----a-w- C:\Windows\System32\jscript9.dll

    2014-03-06 08:02:34 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll

    2014-03-06 08:02:33 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll

    2014-03-06 08:01:01 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll

    2014-03-06 07:56:43 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll

    2014-03-06 07:46:36 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll

    2014-03-06 07:38:13 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

    2014-03-06 07:36:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll

    2014-03-06 07:13:43 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll

    2014-03-06 07:11:15 2043904 ----a-w- C:\Windows\System32\inetcpl.cpl

    2014-03-06 06:40:39 1967104 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

    2014-03-06 06:22:40 2260480 ----a-w- C:\Windows\System32\wininet.dll

    2014-03-06 05:41:49 1789440 ----a-w- C:\Windows\SysWow64\wininet.dll

    .

    ============= FINISH: 21:25:54,51 ===============


    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2012-11-20.01)

    .

    Microsoft Windows 7 Ultimate 

    Boot Device: \Device\HarddiskVolume1

    Install Date: 18/04/2014 16:12:29

    System Uptime: 02/06/2014 21:18:44 (0 hours ago)

    .

    Motherboard: POSITIVO                |  | A14HV0A               

    Processor: Intel® Core i5-2410M CPU @ 2.30GHz | CPU 1 | 782/400mhz

    .

    ==== Disk Partitions =========================

    .

    C: is FIXED (NTFS) - 166 GiB total, 104,599 GiB free.

    D: is FIXED (NTFS) - 430 GiB total, 304,204 GiB free.

    E: is CDROM ()

    .

    ==== Disabled Device Manager Items =============

    .

    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

    Description: Adaptador do Microsoft ISATAP

    Device ID: ROOT\*ISATAP\0000

    Manufacturer: Microsoft

    Name: Adaptador do Microsoft ISATAP

    PNP Device ID: ROOT\*ISATAP\0000

    Service: tunnel

    .

    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

    Description: Adaptador do Microsoft ISATAP

    Device ID: ROOT\*ISATAP\0001

    Manufacturer: Microsoft

    Name: Microsoft ISATAP Adapter #2

    PNP Device ID: ROOT\*ISATAP\0001

    Service: tunnel

    .

    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

    Description: Adaptador de Túnel Teredo da Microsoft

    Device ID: ROOT\*TEREDO\0000

    Manufacturer: Microsoft

    Name: Teredo Tunneling Pseudo-Interface

    PNP Device ID: ROOT\*TEREDO\0000

    Service: tunnel

    .

    ==== System Restore Points ===================

    .

    RP59: 26/05/2014 12:28:29 - Scheduled Checkpoint

    RP60: 30/05/2014 11:18:25 - Windows Update

    .

    ==== Installed Programs ======================

    .

    Adobe AIR

    Adobe Flash Player 13 ActiveX

    Adobe Flash Player 13 Plugin

    Adobe Reader XI (11.0.07) - Português

    Adobe Shockwave Player 12.1

    Advanced SystemCare 7

    Asmedia ASM104x USB 3.0 Host Controller Driver

    µTorrent

    CCleaner

    Cisco EAP-FAST Module

    Cisco LEAP Module

    Cisco PEAP Module

    Curse

    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

    Driver 1.3

    Driver Booster

    EgisTec ES603 WDM Driver

    ES603 WDM Driver

    EVEREST Ultimate Edition v5.50

    ExitLag

    FormatFactory 3.3.4.0

    Freemake Video Converter versão 4.1.4

    Google Chrome

    Google Update Helper

    IDT Audio

    Intel® Management Engine Components

    Intel® Processor Graphics

    Intel® Rapid Storage Technology

    Internet Download Manager

    IObit Uninstaller

    Java 7 Update 55

    Java 8 Update 5 (64-bit)

    Java Auto Updater

    JMicron Ethernet Adapter NDIS Driver

    JMicron Flash Media Controller Driver

    Kaspersky Anti-Virus 2013

    League of Legends

    Microsoft .NET Framework 1.1

    Microsoft .NET Framework 4.5.1

    Microsoft .NET Framework 4.5.1 (Português do Brasil)

    Microsoft .NET Framework 4.5.1 (PTB)

    Microsoft Office Access MUI (Portuguese (Brazil)) 2010

    Microsoft Office Excel MUI (Portuguese (Brazil)) 2010

    Microsoft Office Groove MUI (Portuguese (Brazil)) 2010

    Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010

    Microsoft Office Office 64-bit Components 2010

    Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010

    Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010

    Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010

    Microsoft Office Professional Plus 2010

    Microsoft Office Proof (English) 2010

    Microsoft Office Proof (Portuguese (Brazil)) 2010

    Microsoft Office Proof (Spanish) 2010

    Microsoft Office Proofing (Portuguese (Brazil)) 2010

    Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010

    Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2010

    Microsoft Office Shared MUI (Portuguese (Brazil)) 2010

    Microsoft Office Word MUI (Portuguese (Brazil)) 2010

    Microsoft Silverlight

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2005 Redistributable (x64)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    Microsoft XNA Framework Redistributable 4.0

    MiPony 2.1.3

    Motorola Bluetooth

    Mozilla Firefox 29.0.1 (x86 pt-BR)

    Mozilla Maintenance Service

    NTRU TCG Software Stack

    Nuvoton SafeKeeper TPM Software

    Opera Stable 21.0.1432.67

    OSD 1.12.10

    Pando Media Booster

    REALTEK Wireless LAN Driver

    Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)

    Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)

    Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)

    Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2878284) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition

    Security Update for Microsoft Word 2010 (KB2863926) 32-Bit Edition

    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition

    Smart Defrag 3

    SpeedFan (remove only)

    SpyHunter

    Super Hexagon

    Surfing Protection

    swMSM

    Synaptics Pointing Device Driver

    TuxGuitar

    Unity Web Player

    Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition

    Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition

    Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition

    Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition

    Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition

    Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition

    Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition

    Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition

    Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition

    Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition

    VLC media player 2.1.4

    Webcam 1.5

    WinRAR 5.01 (64-bit)

    YTD Video Downloader 4.8

    .

    ==== End Of File ===========================

     

    Edited by DarkRenisson


    Dear DarkRenisson

    I recommend saving this topic in your Favorites so that it is easier to find.

    Please note the following:
    • If you go 3 days without a reply, send me a Private Message (PM);
    • What is given here relates only to the problem on your computer, so do not apply it to any other;
    • Please follow the instructions given carefully and, if in doubt, do not hesitate to ask;
    • Always post your replies in this topic... Do not open another one!
    • Always try to keep me informed, during the removal, about what happens with your computer.
    • Follow the order of the instructions given.
    Note: Do not take any action other than those given here; if you ask for help in another forum, be sure to let us know, at the risk of misconfiguring your computer!

    # Step 1 #

    Download Junkware Removal Tool and save it to your Desktop.
    • Disable your protection programs (antivirus etc.) to avoid any conflict.
    • Double-click JRT.exe
      • If your system is Windows Vista, Windows 7 or Windows 8, right-click it and choose Run as Administrator.
    • Be patient and wait for the scan to finish.
    • Open the JRT.txt log on your Desktop.
    • Copy all of its contents and paste them into your next message.

    # Step 2 #

    • Double-click adwcleaner.exe
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png

    • Click Pesquisar (Search)
    • At the end of the scan, a log with the result will open.
    • If anything is detected, click the Remover (Remove) button.
    • Again, at the end of the scan, a log with the result will open.
    • Copy all of its contents and paste them into your next reply.

    # Step 3 #

    Read the instructions at this link:


    In the instructions at the link above, you can check in which forums the Analysts are properly qualified to use the tool correctly: "Forums for getting help with ComboFix logs"
    Download ComboFix from one of the official links listed below and save it to your desktop:

    • Temporarily, while carrying out these instructions, it is very important to keep your protection programs (Antivirus, Antispyware and Firewall) disabled. Re-enable the protections after carrying out the procedure(s) mentioned below.
    • Double-click the desktopicon.png icon on the desktop.
    • Read and accept the terms by typing 1 and pressing Enter.
    • Computers running Windows XP must install the Recovery Console:
      • If your computer runs Windows XP and does not yet have the Recovery Console installed, please make sure you are connected to the Internet and click "Sim" (Yes).
      • Click "OK" on the EULA.
      • Once the Recovery Console is installed, click "SIM" (Yes) to continue.
    • ComboFix will run; please be patient and wait.
    • Attention: Do not use the mouse or the keyboard while the tool is running, as this can cause the computer to hang.
    • A notice may appear saying that the computer needs to be restarted.
      DO NOT RESTART!!! ComboFix will restart the computer automatically.
    • When the tool finishes running, it will generate a log (the file C:\ComboFix.txt). Copy and paste the contents of that file into your next reply.


    Do NOT use the tool on your own. It is a powerful tool created to deal with sophisticated infections, and if you do not use it correctly you may damage your computer.
    There are several kinds of malware that prevent the tool from running correctly and can thereby seriously damage the computer. Analysts qualified to use ComboFix know these cases and know how to handle these situations.
    Many Analysts do not reply to topics in which they see that ComboFix was used without supervision.
    There are several general-purpose anti-malware tools whose authors, when programming them, have end users in mind and intend them to be used without supervision. ComboFix is not a tool of that kind, and so, also out of respect for the tool's author, do not use it without supervision.

    Best regards :D

  • Topic author
  • Thank you for helping me =D

    The logs follow below

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.4 (04.06.2014:1)
    OS: Windows 7 Ultimate x64
    Ran by ML on 04/06/2014 at  9:26:55,97
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
     
    ~~~ Services
     
     
     
    ~~~ Registry Values
     
     
     
    ~~~ Registry Keys
     
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
     
     
     
    ~~~ Files
     
     
     
    ~~~ Folders
     
    Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
    Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
    Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
     
     
     
    ~~~ FireFox
     
    Emptied folder: C:\Users\ML\AppData\Roaming\mozilla\firefox\profiles\x92jvrww.default\minidumps [24 files]
     
     
     
    ~~~ Event Viewer Logs were cleared
     
     
     
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 04/06/2014 at  9:54:04,10
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
    # AdwCleaner v3.211 - Report created 04/06/2014 at 09:54:44
    # Updated 26/05/2014 by Xplode
    # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
    # Username : ML - ML-PC
    # Running from : C:\Users\ML\Desktop\adwcleaner_3.211.exe
    # Option : Scan
     
    ***** [ Services ] *****
     
     
    ***** [ Files / Folders ] *****
     
    File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml
    File Found : C:\Users\ML\daemonprocess.txt
    File Found : C:\Windows\System32\Tasks\Driver Booster Update
    Folder Found : C:\Program Files (x86)\GreenTree Applications
    Folder Found : C:\Program Files\002
    Folder Found : C:\Program Files\RrFilter
    Folder Found : C:\Users\ML\AppData\Roaming\Mozilla\Firefox\Profiles\x92jvrww.default\Extensions\quick_start@gmail.com
     
    ***** [ Shortcuts ] *****
     
     
    ***** [ Registry ] *****
     
    Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS
    Key Found : HKCU\Software\AppDataLow\Software
    Key Found : HKCU\Software\AppDataLow\Software\Rr Savings
    Key Found : HKCU\Software\genesis
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
    Key Found : [x64] HKCU\Software\genesis
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Key Found : HKLM\Software\SupTab
    Key Found : HKLM\Software\supWPM
    Key Found : HKLM\Software\webssearchesSoftware
    Key Found : HKLM\Software\Wpm
    Key Found : [x64] HKLM\SOFTWARE\LevelQualityWatcher
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Key Found : [x64] HKLM\SOFTWARE\RrSavings
     
    ***** [ Browsers ] *****
     
    -\\ Internet Explorer v11.0.9600.17041
     
    Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://istart.webssearches.com/?type=hp&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS
    Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://istart.webssearches.com/web/?type=ds&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS&q={searchTerms}
    Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://istart.webssearches.com/?type=hp&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS
    Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page] - hxxp://istart.webssearches.com/?type=hp&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS
    Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page] - hxxp://istart.webssearches.com/web/?type=ds&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS&q={searchTerms}
    Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://istart.webssearches.com/web/?type=ds&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS&q={searchTerms}
    Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://istart.webssearches.com/?type=hp&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS
    Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page] - hxxp://istart.webssearches.com/?type=hp&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS
    Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page] - hxxp://istart.webssearches.com/web/?type=ds&ts=1398455447&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS&q={searchTerms}
     
    -\\ Mozilla Firefox v29.0.1 (pt-BR)
     
    [ File : C:\Users\ML\AppData\Roaming\Mozilla\Firefox\Profiles\x92jvrww.default\prefs.js ]
     
     
    -\\ Google Chrome v35.0.1916.114
     
    [ File : C:\Users\ML\AppData\Local\Google\Chrome\User Data\Default\preferences ]
     
    Found [search Provider] : hxxp://websearch.greatresults.info/?l=1&q={searchTerms}
    Found [search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=FF&o=14594&locale=pt_BR&apn_uid=191d3569-01eb-47e4-86b2-c6726d6f5e7f&apn_ptnrs=%5EFV&apn_sauid=F2086038-D516-436C-AD38-CE9CA36C491D&apn_dtid=%5EYYYYYY%5EYY%5EBR&q={searchTerms}
    Found [search Provider] : hxxp://br.ask.com/web?q={searchTerms}
    Found [search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640
    Found [search Provider] : hxxp://istart.webssearches.com/web/?type=dspp&ts=1400336823&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS&q={searchTerms}
     
    *************************
     
    AdwCleaner[R0].txt - [5014 octets] - [04/06/2014 09:54:44]
     
    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5074 octets] ##########
    # AdwCleaner v3.211 - Report created 04/06/2014 at 10:05:15
    # Updated 26/05/2014 by Xplode
    # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
    # Username : ML - ML-PC
    # Running from : C:\Users\ML\Desktop\adwcleaner_3.211.exe
    # Option : Clean
     
    ***** [ Services ] *****
     
     
    ***** [ Files / Folders ] *****
     
    Folder Deleted : C:\Program Files (x86)\GreenTree Applications
    Folder Deleted : C:\Program Files\002
    Folder Deleted : C:\Program Files\RrFilter
    Folder Deleted : C:\Users\ML\AppData\Roaming\Mozilla\Firefox\Profiles\x92jvrww.default\Extensions\quick_start@gmail.com
    File Deleted : C:\Users\ML\daemonprocess.txt
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml
    File Deleted : C:\Windows\System32\Tasks\Driver Booster Update
     
    ***** [ Shortcuts ] *****
     
     
    ***** [ Registry ] *****
     
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
    Key Deleted : HKCU\Software\genesis
    Key Deleted : HKCU\Software\AppDataLow\Software
    Key Deleted : HKLM\Software\SupTab
    Key Deleted : HKLM\Software\supWPM
    Key Deleted : HKLM\Software\webssearchesSoftware
    Key Deleted : HKLM\Software\Wpm
    Key Deleted : [x64] HKLM\SOFTWARE\LevelQualityWatcher
    Key Deleted : [x64] HKLM\SOFTWARE\RrSavings
     
    ***** [ Browsers ] *****
     
    -\\ Internet Explorer v11.0.9600.17041
     
    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]
    Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
    Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
    Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]
    Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]
     
    -\\ Mozilla Firefox v29.0.1 (pt-BR)
     
    [ File : C:\Users\ML\AppData\Roaming\Mozilla\Firefox\Profiles\x92jvrww.default\prefs.js ]
     
     
    -\\ Google Chrome v35.0.1916.114
     
    [ File : C:\Users\ML\AppData\Local\Google\Chrome\User Data\Default\preferences ]
     
    Deleted [search Provider] : hxxp://websearch.greatresults.info/?l=1&q={searchTerms}
    Deleted [search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=FF&o=14594&locale=pt_BR&apn_uid=191d3569-01eb-47e4-86b2-c6726d6f5e7f&apn_ptnrs=%5EFV&apn_sauid=F2086038-D516-436C-AD38-CE9CA36C491D&apn_dtid=%5EYYYYYY%5EYY%5EBR&q={searchTerms}
    Deleted [search Provider] : hxxp://br.ask.com/web?q={searchTerms}
    Deleted [search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640
    Deleted [search Provider] : hxxp://istart.webssearches.com/web/?type=dspp&ts=1400336823&from=amt&uid=TOSHIBAXMK6461GSYN_51VGF02MSXX51VGF02MS&q={searchTerms}
     
    *************************
     
    AdwCleaner[R0].txt - [5190 octets] - [04/06/2014 09:54:44]
    AdwCleaner[s0].txt - [3721 octets] - [04/06/2014 10:05:15]
     
    ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3781 octets] ##########
    ComboFix 14-06-03.01 - ML 04/06/2014  10:24:03.1.4 - x64
    Microsoft Windows 7 Ultimate   6.1.7601.1.1252.55.1033.18.3558.2396 [GMT -3:00]
    Executando de: c:\users\ML\Desktop\ComboFix.exe
    AV: Kaspersky Anti-Virus *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
    SP: Kaspersky Anti-Virus *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((((((   Outras Exclusões   )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\ML\AppData\Local\Microsoft\Windows\Temporary Internet Files\{72678F19-032D-41D1-871B-9685F1E4CAC0}.xps
    c:\windows\SysWow64\networkdlllsp.dll
    .
    .
    ((((((((((((((((   Arquivos/Ficheiros criados de 2014-05-04 to 2014-06-04  ))))))))))))))))))))))))))))
    .
    .
    2014-06-04 13:34 . 2014-06-04 13:34 -------- d-----w- c:\users\Default\AppData\Local\temp
    2014-06-04 12:55 . 2010-08-30 11:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
    2014-06-04 12:54 . 2014-06-04 13:05 -------- d-----w- C:\AdwCleaner
    2014-06-04 12:26 . 2014-06-04 12:26 -------- d-----w- c:\windows\ERUNT
    2014-06-03 16:33 . 2014-06-03 16:53 -------- d-----w- c:\users\ML\Cisco Packet Tracer 6.0.1
    2014-06-03 16:31 . 2014-06-03 16:32 -------- d-----w- c:\program files (x86)\Cisco Packet Tracer 6.0.1
    2014-06-03 13:38 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0BE803D0-C94E-479D-BB5D-E4B672818F33}\mpengine.dll
    2014-06-02 15:51 . 2014-06-02 15:51 -------- d-----w- c:\users\ML\AppData\Local\FreemakeVideoConverter
    2014-06-02 15:51 . 2014-06-02 15:51 -------- d-----w- c:\programdata\Freemake
    2014-06-02 15:50 . 2014-06-02 15:51 -------- d-----w- c:\program files (x86)\Freemake
    2014-05-26 20:44 . 2014-05-27 04:21 -------- d-----w- c:\program files (x86)\SpeedFan
    2014-05-26 20:07 . 2014-05-26 20:07 -------- d-----w- c:\program files (x86)\Lavalys
    2014-05-25 22:07 . 2014-05-25 22:07 -------- d-----w- c:\users\ML\AppData\Local\Opera Software
    2014-05-25 22:07 . 2014-05-25 22:07 -------- d-----w- c:\users\ML\AppData\Roaming\Opera Software
    2014-05-25 22:07 . 2014-06-03 13:34 -------- d-----w- c:\program files (x86)\Opera
    2014-05-24 05:47 . 2014-05-24 05:47 -------- d-----w- c:\users\ML\AppData\Roaming\Unity
    2014-05-24 05:46 . 2014-05-24 05:46 -------- d-----w- c:\users\ML\AppData\Local\Unity
    2014-05-23 15:02 . 2014-05-23 15:02 -------- d-----w- c:\users\ML\AppData\Roaming\NetworkTunnel
    2014-05-23 14:54 . 2014-05-23 14:54 -------- d-----w- c:\program files (x86)\ExitLag
    2014-05-22 19:19 . 2014-05-22 19:19 -------- d-----w- c:\program files (x86)\MiPony
    2014-05-22 02:27 . 2014-05-24 02:02 -------- d-----w- c:\program files (x86)\WTFast
    2014-05-17 17:56 . 2013-11-03 16:51 5210480 ----a-w- c:\windows\SysWow64\GameMon.des
    2014-05-17 17:56 . 2005-01-04 09:43 4682 ----a-w- c:\windows\SysWow64\npptNT2.sys
    2014-05-17 17:56 . 2003-07-20 18:17 5174 ----a-w- c:\windows\SysWow64\nppt9x.vxd
    2014-05-17 17:55 . 2014-05-17 17:55 -------- d-----w- c:\program files\Common Files\INCA Shared
    2014-05-17 17:34 . 2014-05-17 17:34 -------- d-----w- C:\Level Up! Games
    2014-05-17 17:12 . 2014-05-17 17:12 110080 ----a-r- c:\users\ML\AppData\Roaming\Microsoft\Installer\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}\IconF7A21AF7.exe
    2014-05-17 17:12 . 2014-05-17 17:12 110080 ----a-r- c:\users\ML\AppData\Roaming\Microsoft\Installer\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}\IconD7F16134.exe
    2014-05-17 17:12 . 2014-05-17 17:12 -------- d-----w- C:\sh4ldr
    2014-05-17 17:12 . 2014-05-17 17:12 -------- d-----w- c:\program files (x86)\Enigma Software Group
    2014-05-17 17:11 . 2014-05-17 17:12 -------- d-----w- c:\windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
    2014-05-17 14:59 . 2014-05-17 14:59 -------- d-----w- c:\program files\Enigma Software Group
    2014-05-17 14:56 . 2014-05-17 17:10 -------- d-----w- c:\windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
    2014-05-17 14:56 . 2014-05-17 17:08 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
    2014-05-16 18:26 . 2014-05-17 17:10 -------- d-----w- c:\windows\system32\appmgmt
    2014-05-14 11:44 . 2014-05-06 04:40 23544320 ----a-w- c:\windows\system32\mshtml.dll
    2014-05-14 11:44 . 2014-05-06 03:00 84992 ----a-w- c:\windows\system32\mshtmled.dll
    2014-05-14 11:43 . 2014-05-06 04:17 2724864 ----a-w- c:\windows\system32\mshtml.tlb
    2014-05-14 11:43 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2014-05-14 11:29 . 2014-03-25 02:43 14175744 ----a-w- c:\windows\system32\shell32.dll
    2014-05-14 11:29 . 2014-05-09 06:14 477184 ----a-w- c:\windows\system32\aepdu.dll
    2014-05-14 11:29 . 2014-05-09 06:11 424448 ----a-w- c:\windows\system32\aeinv.dll
    2014-05-14 04:53 . 2014-05-16 18:27 -------- d-----w- c:\program files (x86)\LSI
    2014-05-13 13:43 . 2014-05-13 13:43 -------- d-----w- c:\users\ML\AppData\Roaming\ProductData
    2014-05-12 17:47 . 2014-05-12 17:47 -------- d-----w- c:\users\ML\AppData\Local\SKIDROW
    2014-05-12 17:45 . 2008-07-31 13:41 72200 ----a-w- c:\windows\system32\XAPOFX1_1.dll
    2014-05-12 17:44 . 2005-07-22 22:59 3807440 ----a-w- c:\windows\system32\d3dx9_27.dll
    2014-05-12 17:44 . 2005-05-26 18:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
    2014-05-12 17:44 . 2005-05-26 18:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll
    2014-05-12 17:44 . 2005-03-18 20:19 3823312 ----a-w- c:\windows\system32\d3dx9_25.dll
    2014-05-12 17:44 . 2005-02-05 22:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
    2014-05-12 17:37 . 2014-05-12 17:37 -------- d-----w- c:\program files (x86)\Super Hexagon
    2014-05-08 04:38 . 2014-05-08 05:04 -------- d-----w- c:\users\ML\AppData\Roaming\Curse Client
    2014-05-08 04:38 . 2014-05-08 04:38 -------- d-----w- c:\users\ML\AppData\Roaming\Curse
    2014-05-06 19:53 . 2014-05-06 19:53 -------- d-----w- c:\users\ML\.tuxguitar-1.2
    2014-05-06 19:52 . 2014-05-06 19:52 -------- d-----w- c:\program files (x86)\TuxGuitar
    2014-05-06 19:27 . 2014-05-06 19:27 -------- d-----w- c:\users\ML\AppData\Local\FileViewPro
    2014-05-06 19:27 . 2014-05-06 19:27 -------- d-----w- c:\programdata\IsolatedStorage
    2014-05-06 19:27 . 2014-05-06 19:27 -------- d-----w- c:\users\ML\AppData\Roaming\IsolatedStorage
    2014-05-06 19:24 . 2014-05-06 19:24 -------- d-----w- C:\Spacekace
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2014-05-19 15:04 . 2014-04-18 20:08 91008 ----a-w- c:\windows\system32\drivers\klflt.sys
    2014-05-19 15:04 . 2014-04-18 20:08 628320 ----a-w- c:\windows\system32\drivers\klif.sys
    2014-05-17 17:50 . 2014-04-19 16:02 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-05-17 17:50 . 2014-04-19 16:02 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2014-05-16 18:34 . 2014-04-18 22:13 93223848 ----a-w- c:\windows\system32\MRT.exe
    2014-04-25 06:59 . 2014-04-25 07:00 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
    2014-04-25 06:59 . 2014-04-25 07:00 313256 ----a-w- c:\windows\system32\javaws.exe
    2014-04-25 06:59 . 2014-04-25 07:00 191400 ----a-w- c:\windows\system32\javaw.exe
    2014-04-25 06:59 . 2014-04-25 07:00 190888 ----a-w- c:\windows\system32\java.exe
    2014-04-25 06:55 . 2014-04-25 06:55 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2014-04-24 18:57 . 2014-04-24 18:57 62976 ----a-w- c:\windows\system32\TSWbPrxy.exe
    2014-04-24 18:57 . 2014-04-24 18:57 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
    2014-04-24 18:57 . 2014-04-24 18:57 5773824 ----a-w- c:\windows\system32\mstscax.dll
    2014-04-24 18:57 . 2014-04-24 18:57 54272 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
    2014-04-24 18:57 . 2014-04-24 18:57 4916224 ----a-w- c:\windows\SysWow64\mstscax.dll
    2014-04-24 18:57 . 2014-04-24 18:57 46592 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
    2014-04-24 18:57 . 2014-04-24 18:57 44032 ----a-w- c:\windows\system32\tsgqec.dll
    2014-04-24 18:57 . 2014-04-24 18:57 43520 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
    2014-04-24 18:57 . 2014-04-24 18:57 384000 ----a-w- c:\windows\system32\wksprt.exe
    2014-04-24 18:57 . 2014-04-24 18:57 37376 ----a-w- c:\windows\SysWow64\tsgqec.dll
    2014-04-24 18:57 . 2014-04-24 18:57 322560 ----a-w- c:\windows\system32\aaclient.dll
    2014-04-24 18:57 . 2014-04-24 18:57 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
    2014-04-24 18:57 . 2014-04-24 18:57 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
    2014-04-24 18:57 . 2014-04-24 18:57 29696 ----a-w- c:\windows\system32\drivers\terminpt.sys
    2014-04-24 18:57 . 2014-04-24 18:57 269312 ----a-w- c:\windows\SysWow64\aaclient.dll
    2014-04-24 18:57 . 2014-04-24 18:57 243200 ----a-w- c:\windows\system32\rdpudd.dll
    2014-04-24 18:57 . 2014-04-24 18:57 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
    2014-04-24 18:57 . 2014-04-24 18:57 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
    2014-04-24 18:57 . 2014-04-24 18:57 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
    2014-04-24 18:57 . 2014-04-24 18:57 18432 ----a-w- c:\windows\system32\wksprtPS.dll
    2014-04-24 18:57 . 2014-04-24 18:57 16896 ----a-w- c:\windows\SysWow64\wksprtPS.dll
    2014-04-24 18:57 . 2014-04-24 18:57 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
    2014-04-24 18:57 . 2014-04-24 18:57 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
    2014-04-24 18:57 . 2014-04-24 18:57 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
    2014-04-24 18:57 . 2014-04-24 18:57 1123840 ----a-w- c:\windows\system32\mstsc.exe
    2014-04-24 18:57 . 2014-04-24 18:57 1048064 ----a-w- c:\windows\SysWow64\mstsc.exe
    2014-04-24 18:53 . 2014-04-24 18:53 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
    2014-04-24 18:53 . 2014-04-24 18:53 366592 ----a-w- c:\windows\system32\qdvd.dll
    2014-04-24 18:34 . 2014-04-24 18:34 99800 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
    2014-04-24 18:34 . 2014-04-24 18:34 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
    2014-04-24 18:34 . 2014-04-24 18:34 145424 ----a-w- c:\windows\system32\drivers\JME.sys
    2014-04-24 18:34 . 2014-04-24 18:34 3073752 ----a-w- c:\windows\system32\drivers\rtwlane.sys
    2014-04-24 18:32 . 2014-04-24 18:32 64000 ----a-w- c:\windows\system32\igfxsrvc.dll
    2014-04-24 18:32 . 2014-04-24 18:32 524800 ----a-w- c:\windows\system32\iglhsip64.dll
    2014-04-24 18:32 . 2014-04-24 18:32 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll
    2014-04-24 18:32 . 2014-04-24 18:32 515568 ----a-w- c:\windows\system32\igfxsrvc.exe
    2014-04-24 18:32 . 2014-04-24 18:32 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 438784 ----a-w- c:\windows\system32\igfxrsky.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 410624 ----a-w- c:\windows\system32\igfxTMM.dll
    2014-04-24 18:32 . 2014-04-24 18:32 279024 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
    2014-04-24 18:32 . 2014-04-24 18:32 272928 ----a-w- c:\windows\system32\igvpkrng600.bin
    2014-04-24 18:32 . 2014-04-24 18:32 216064 ----a-w- c:\windows\system32\iglhcp64.dll
    2014-04-24 18:32 . 2014-04-24 18:32 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll
    2014-04-24 18:32 . 2014-04-24 18:32 172016 ----a-w- c:\windows\system32\igfxtray.exe
    2014-04-24 18:32 . 2014-04-24 18:32 116224 ----a-w- c:\windows\system32\igfxCoIn_v3347.dll
    2014-04-24 18:32 . 2014-04-24 18:32 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll
    2014-04-24 18:32 . 2014-04-24 18:32 931840 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
    2014-04-24 18:32 . 2014-04-24 18:32 9007616 ----a-w- c:\windows\system32\igfxress.dll
    2014-04-24 18:32 . 2014-04-24 18:32 442880 ----a-w- c:\windows\system32\igfxdev.dll
    2014-04-24 18:32 . 2014-04-24 18:32 442352 ----a-w- c:\windows\system32\igfxpers.exe
    2014-04-24 18:32 . 2014-04-24 18:32 440320 ----a-w- c:\windows\system32\igfxrell.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 439808 ----a-w- c:\windows\system32\igfxresn.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 438784 ----a-w- c:\windows\system32\igfxrita.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 435712 ----a-w- c:\windows\system32\igfxrara.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 431104 ----a-w- c:\windows\system32\igfxrkor.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 429056 ----a-w- c:\windows\system32\igfxrcht.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 428544 ----a-w- c:\windows\system32\igfxrchs.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 384512 ----a-w- c:\windows\system32\igfxpph.dll
    2014-04-24 18:32 . 2014-04-24 18:32 3511296 ----a-w- c:\windows\system32\igfxcmjit64.dll
    2014-04-24 18:32 . 2014-04-24 18:32 330752 ----a-w- c:\windows\SysWow64\igfxdv32.dll
    2014-04-24 18:32 . 2014-04-24 18:32 28672 ----a-w- c:\windows\system32\igfxexps.dll
    2014-04-24 18:32 . 2014-04-24 18:32 286208 ----a-w- c:\windows\system32\igfxrenu.lrc
    2014-04-24 18:32 . 2014-04-24 18:32 254960 ----a-w- c:\windows\system32\igfxext.exe
    2014-04-24 18:32 . 2014-04-24 18:32 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll
    2014-04-24 18:32 . 2014-04-24 18:32 142336 ----a-w- c:\windows\system32\igfxdo.dll
    2014-04-24 18:32 . 2014-04-24 18:32 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
    2014-04-24 18:32 . 2014-04-24 18:32 1040384 ----a-w- c:\windows\system32\igfxcmrt64.dll
    2014-04-24 18:32 . 2014-04-24 18:32 3121152 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll
    2014-04-24 18:32 . 2014-04-24 18:32 575488 ----a-w- c:\windows\system32\igfx11cmrt64.dll
    2014-04-24 18:32 . 2014-04-24 18:32 542720 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll
    2014-04-24 18:32 . 2014-04-24 18:32 12617216 ----a-w- c:\windows\system32\igdumd64.dll
    .
    .
    ((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* entradas vazias e legítimas por padrão não são apresentadas. 
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe" [2014-04-18 356128]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
    R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys;c:\windows\SYSNATIVE\Drivers\btmcom.sys [x]
    R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys;c:\windows\SYSNATIVE\Drivers\btmusb.sys [x]
    R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
    R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
    R3 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys;c:\windows\SYSNATIVE\DRIVERS\idmwfp.sys [x]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
    R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
    R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
    R3 tsusbhub;tsusbhub;tsusbhub [x]
    S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
    S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
    S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
    S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
    S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [x]
    S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe;c:\program files\Motorola\Bluetooth\audiosrv.exe [x]
    S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe;c:\program files\Motorola\Bluetooth\obexsrv.exe [x]
    S2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);c:\windows\system32\Drivers\FPSensor.sys;c:\windows\SYSNATIVE\Drivers\FPSensor.sys [x]
    S2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
    S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
    S2 SoilIO;SoilIO; [x]
    S2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE;c:\progra~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [x]
    S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
    S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
    S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [x]
    S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
    S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
    S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
    S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys;c:\windows\SYSNATIVE\DRIVERS\JME.sys [x]
    S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
    S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
    S3 RtkBtFilter;Realtek Bluetooth Filter Driver;c:\windows\system32\DRIVERS\RtkBtfilter.sys;c:\windows\SYSNATIVE\DRIVERS\RtkBtfilter.sys [x]
    S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;c:\windows\system32\DRIVERS\rtwlane.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlane.sys [x]
    S3 soilkbc;soilkbc; [x]
    S3 SoilMC;SoilMC; [x]
    .
    .
    --- =Outros Serviços/Drivers Na Memória ---
    .
    *NewlyCreated* - WS2IFSL
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2014-05-23 19:58 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
    .
    Conteúdo da pasta 'Tarefas Agendadas'
    .
    2014-06-04 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-19 17:50]
    .
    2014-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-18 17:47]
    .
    2014-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-18 17:47]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
    2014-05-13 13:42 2471744 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
    @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
    [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
    2014-04-21 10:02 25112 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
    .
    ------- Scan Suplementar -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    mDefault_Search_URL = hxxp://www.google.com
    mDefault_Page_URL = hxxp://www.google.com
    mStart Page = hxxp://www.google.com
    mLocal Page = c:\windows\SysWOW64\blank.htm
    mSearch Page = hxxp://www.google.com
    IE: &Enviar para o OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
    IE: Baixar com Mipony - file://c:\program files (x86)\MiPony\Browser\IEContext.htm
    IE: E&xportar para o Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Fazer o download de todos os links usando o IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
    IE: Fazer o download usando o IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
    IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
    TCP: DhcpNameServer = 186.223.128.17 186.223.128.14 201.6.4.116
    FF - ProfilePath - c:\users\ML\AppData\Roaming\Mozilla\Firefox\Profiles\x92jvrww.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: network.proxy.type - 0
    .
    - - - - ORFÃOS REMOVIDOS - - - -
    .
    Wow6432Node-HKCU-Run-Viber - c:\users\ML\AppData\Local\Viber\Viber.exe
    HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
    AddRemove-{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} - c:\program files (x86)\GreenTree Applications\YTD Video Downloader\uninstall.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
    "ImagePath"="c:\windows\system32\GameMon.des -service"
    .
    --------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
    @Denied: (2) (LocalSystem)
    "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
       d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,6e,f9,4e,61,41,4c,ee,4c,b7,38,b3,\
    "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
       d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,6e,f9,4e,61,41,4c,ee,4c,b7,38,b3,\
    .
    [HKEY_USERS\S-1-5-21-661373312-583542093-967206773-1000_Classes\Wow6432Node\CLSID\{0524c5de-53d3-4e40-b648-8675a558011b}]
    @Denied: (Full) (Everyone)
    @Allowed: (Read) (RestrictedCode)
    "Model"=dword:00000081
    "Therad"=dword:00000017
    .
    [HKEY_USERS\S-1-5-21-661373312-583542093-967206773-1000_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
    @Denied: (Full) (Everyone)
    @Allowed: (Read) (RestrictedCode)
    "scansk"=hex(0):c6,3e,a6,50,d6,c5,55,1b,89,ed,0c,85,d6,a8,aa,56,3a,4e,eb,d3,9f,
       31,1b,92,c5,75,60,d3,00,f9,c4,21,ef,f2,cd,f6,ac,fb,7e,17,00,00,00,00,00,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.13"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker3"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
    @="{6EF568F4-D437-4466-AA63-A3645136D93E}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
    @="{6EF568F4-D437-4466-AA63-A3645136D93E}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker2"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
    @="{6EF568F4-D437-4466-AA63-A3645136D93E}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Outros Processos em Execução ------------------------
    .
    c:\program files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
    c:\program files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
    c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    .
    **************************************************************************
    .
    Tempo para conclusão: 2014-06-04  10:43:23 - Máquina reiniciou
    ComboFix-quarantined-files.txt  2014-06-04 13:43
    .
    Pré-execução: 111.971.442.688 bytes disponíveis
    Pós execução: 111.585.103.872 bytes disponíveis
    .
    - - End Of File - - 039EC26370581A4BC361267548361538
     


    Dear DarkRenisson

     

    Do you recognize this folder: C:\sh4ldr? If not, you can delete it. ;)

     

    Download Malwarebytes Anti-Malware:

    • Link1
    • Alternative link

    • Double-click mbam-setup.exe, choose the language and follow the instructions to install the software.
    • Make sure the boxes Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware are checked, and click Finish.
    • If there are updates, they will be downloaded and installed.
    • When the updates finish, a program window will open. Select "Quick Scan" (Verificação Rápida), then click the Scan button.
    • The scan will start and may take a while. Please be patient.
    • When the scan is complete, click OK, then Show Results to see the log.
    • If anything is found, make sure everything is checked and click Remove.
    • When disinfection finishes, a log will open automatically in a Notepad document, and you may be asked to restart the PC. (Read the note.)
    • The log is saved automatically and can be viewed by clicking the Logs tab in the main menu.
    • Copy and paste the contents of that log into your next reply.

    Note: In more complicated infections, it may be necessary to restart the PC. If you are asked to restart, please do so immediately.

     

    Regards :D

  • Topic author
  • I don't recognize that folder and have already deleted it.

    Below is the Malwarebytes Anti-Malware log.

     

    Malwarebytes Anti-Malware
    www.malwarebytes.org
     
    Data de Verificação: 05/06/2014
    Hora da Verificação: 11:19:28
    Logfile: Limpeza.txt
    Administrador: Sim
     
    Versão: 2.00.2.1012
    Malware Database: v2014.06.05.08
    Rootkit Database: v2014.06.02.01
    Licença: Trial
    Proteção de Malware: Enabled
    Proteção de Site Malicioso: Enabled
    Self-protection: Desabilitado
     
    OS: Windows 7 Service Pack 1
    CPU: x64
    Sistema de Arquivo: NTFS
    Usuário: ML
     
    Tipo da Verificação: Verificação Rápida
    Resultado: Completado
    Arquivos Verificados: 226579
    Tempo Decorrido: 5 min, 10 seg
     
    Memória: Enabled
    Inicialização: Enabled
    Filesystem: Desabilitado
    Arquivos: Enabled
    Rootkits: Desabilitado
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled
     
    Processos: 0
    (No malicious items detected)
     
    Módulos: 0
    (No malicious items detected)
     
    Chaves de Registro: 0
    (No malicious items detected)
     
    Valores de Registro: 0
    (No malicious items detected)
     
    Dados do Registro: 1
    PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),No Action By User,[37a5c6ae94e7c175f4030e5cb4505ba5]
     
    Pastas: 0
    (No malicious items detected)
     
    Arquivos: 0
    (No malicious items detected)
     
    Physical Sectors: 0
    (No malicious items detected)
     
     
    (end)


    Dear DarkRenisson

     

    # Step 1 #
     
    Download the Kaspersky AVP Tool from one of these links:
     
    You will be directed to a Kaspersky page asking for an email address for registration, a first name and a last name.
    Only the "email" field is required.
    Enter your email, then click the Submit Form button.
    The page will reload. Click the Download button.
    Save it to your desktop.
    Run the file and wait for the installation.
    • ** Windows Vista and Windows 7 users: right-click the file, then click Run as administrator

    • On the license agreement screen, check the option I accept the license agreement and then click the Start button.
    The program will appear to freeze and nothing will happen. This is normal; just wait until the program's main screen appears, then click the Settings icon:

     
    KRT_settings.png
     
    On this screen, check the box next to:
    My Computer;
    Local Disk (C:);
    Also check all the drives that appear below Local Disk, if there are any;
    Then click the Automatic Scan tab.

     
    KRT_install2_.png
     
    Back on the program's main screen, click the Start scanning button;
    Be patient, it takes a while;
    When it finishes, if it has detected anything, the program will ask you what to do;
    Check the box next to Apply to all objects and then click Skip (we only want the log).

     
    KRT_detection_.png
     
    Once the scan has finished, proceed as follows:
    On the main screen, if anything was detected, save the log.
    If you close the program and forget to save the log, you will have to repeat the entire scan.
    To save the log, click the Reports icon (next to the "Settings" icon).
    In the next window, click Detected Threats, then click the floppy disk icon to save the log.
    Choose an easily accessible location and save it as log.txt
    Copy the entire contents of that Notepad file and paste it into your next reply.
    If nothing is detected, you don't need to save the log; just let me know.
    To exit the program, just click the X in the upper-right corner.

     

    Notes:
    While the scan is running, the main screen will show a progress bar. When it finishes, the program will show the status as completed and a button that will be orange if nothing was detected, and red if something was found. If something was detected, the program will also show an alert screen warning that your system is unprotected and suggesting a Kaspersky product. Click the No, thanks button.

     
    # Step 2 #

    Download SecurityCheck and save it to your Desktop

    Double-click SecurityCheck.exe
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png

    Press any key to continue... a report will open
    Copy all of its contents and paste them in your next reply

    Regards :D

  • Topic author
  • Kaspersky AVP Tool

     

    Status: Detected   (events: 7)

    06/06/2014 15:08:14 Detected unknown threat UDS:DangerousObject.Multi.Generic C:\Documents and Settings\ML\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000001 High

    06/06/2014 15:11:37 Detected adware not-a-virus:AdWare.Win32.Agent.allm C:\Documents and Settings\ML\Downloads\ClickHeretoDownloadSetup-bVhqIIS7.exe//data0001 Medium

    06/06/2014 15:39:30 Detected Trojan program Trojan-Banker.Win32.Banker.bplj C:\Documents and Settings\ML\Downloads\Compressed\install_flashplayer11x32_mssd_aaa_aih.zip/install_flashplayer11x32_mssd_aaa_aih - Cópia.zip/install_flashplayer11x32_mssd_aaa_aih.exe High

    06/06/2014 15:45:28 Detected unknown threat UDS:DangerousObject.Multi.Generic C:\Documents and Settings\ML\Local Settings\Google\Chrome\User Data\Default\File System\001\t\00\00000001 High

    06/06/2014 16:04:19 Detected unknown threat UDS:DangerousObject.Multi.Generic C:\Users\ML\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000001 High

    06/06/2014 16:07:16 Detected Trojan program Trojan-Banker.Win32.Banker.bplj C:\Users\ML\Downloads\Compressed\install_flashplayer11x32_mssd_aaa_aih.zip/install_flashplayer11x32_mssd_aaa_aih - Cópia.zip/install_flashplayer11x32_mssd_aaa_aih.exe High

    06/06/2014 16:10:33 Detected unknown threat UDS:DangerousObject.Multi.Generic C:\Users\ML\Local Settings\Google\Chrome\User Data\Default\File System\001\t\00\00000001 High

     

    Security check

     


     Results of screen317's Security Check version 0.99.83  

     Windows 7 Service Pack 1 x64 (UAC is enabled)  

     Internet Explorer 11  

    ``````````````Antivirus/Firewall Check:`````````````` 

    Kaspersky Anti-Virus   

     Antivirus up to date!   

    `````````Anti-malware/Other Utilities Check:````````` 

     SpyHunter     

     Java 7 Update 55  

     Adobe Flash Player 13.0.0.214  

     Adobe Reader XI  

     Mozilla Firefox (29.0.1) 

     Google Chrome 34.0.1847.137  

     Google Chrome 35.0.1916.114  

    ````````Process Check: objlist.exe by Laurent````````  

     Kaspersky Lab Kaspersky Anti-Virus 2013 avp.exe  

     ML Desktop Kaspersky AVP Tool 11.exe  

    `````````````````System Health check````````````````` 

     Total Fragmentation on Drive C: = 

    ````````````````````End of Log`````````````````````` 

     

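Added example (not part of the original posts and not Kaspersky's own tooling): the report above shows 7 events, but on Windows 7 `C:\Documents and Settings` is a junction to `C:\Users` and `Local Settings` is a junction to `AppData\Local`, so the scanner reached the same files by several paths. This Python sketch parses the report and collapses those aliases; the line layout is inferred from the posted sample and the function names are hypothetical.

```python
import re

# Layout inferred from this thread's report (an assumption, not a documented format):
# <date> <time> Detected <category words> <verdict> <path> <severity>
LINE = re.compile(
    r"^(?P<ts>\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}) Detected (?P<kind>.+?) "
    r"(?P<verdict>\S+) (?P<path>[A-Za-z]:\\.+) (?P<sev>\w+)$"
)
# Windows Vista/7 compatibility junctions: two names for one directory.
JUNCTIONS = [
    (re.compile(r"^([a-z]):\\documents and settings\\", re.I), r"\1:\\Users\\"),
    (re.compile(r"^([a-z]:\\users\\[^\\]+)\\local settings\\", re.I),
     r"\1\\AppData\\Local\\"),
]

def canonical(path):
    """Split 'file/archive member' and collapse junction aliases of the file."""
    disk, _, member = path.partition("/")   # '/' only separates archive members
    for pattern, target in JUNCTIONS:
        disk = pattern.sub(target, disk)
    return disk.lower(), member.lstrip("/")

def triage(report):
    """Return {(file on disk, verdict): {'severity', 'hits', 'members'}}."""
    unique = {}
    for raw in report.splitlines():
        m = LINE.match(raw.strip())
        if m is None:
            continue                         # header, blank or unrecognised line
        disk, member = canonical(m["path"])
        entry = unique.setdefault(
            (disk, m["verdict"]), {"severity": m["sev"], "hits": 0, "members": set()})
        entry["hits"] += 1
        if member:
            entry["members"].add(member)
    return unique

# The seven event lines copied from the report posted above.
REPORT = r"""
06/06/2014 15:08:14 Detected unknown threat UDS:DangerousObject.Multi.Generic C:\Documents and Settings\ML\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000001 High
06/06/2014 15:11:37 Detected adware not-a-virus:AdWare.Win32.Agent.allm C:\Documents and Settings\ML\Downloads\ClickHeretoDownloadSetup-bVhqIIS7.exe//data0001 Medium
06/06/2014 15:39:30 Detected Trojan program Trojan-Banker.Win32.Banker.bplj C:\Documents and Settings\ML\Downloads\Compressed\install_flashplayer11x32_mssd_aaa_aih.zip/install_flashplayer11x32_mssd_aaa_aih - Cópia.zip/install_flashplayer11x32_mssd_aaa_aih.exe High
06/06/2014 15:45:28 Detected unknown threat UDS:DangerousObject.Multi.Generic C:\Documents and Settings\ML\Local Settings\Google\Chrome\User Data\Default\File System\001\t\00\00000001 High
06/06/2014 16:04:19 Detected unknown threat UDS:DangerousObject.Multi.Generic C:\Users\ML\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000001 High
06/06/2014 16:07:16 Detected Trojan program Trojan-Banker.Win32.Banker.bplj C:\Users\ML\Downloads\Compressed\install_flashplayer11x32_mssd_aaa_aih.zip/install_flashplayer11x32_mssd_aaa_aih - Cópia.zip/install_flashplayer11x32_mssd_aaa_aih.exe High
06/06/2014 16:10:33 Detected unknown threat UDS:DangerousObject.Multi.Generic C:\Users\ML\Local Settings\Google\Chrome\User Data\Default\File System\001\t\00\00000001 High
"""
```

On the posted report, `triage(REPORT)` returns three distinct files rather than seven: one object in Chrome's File System storage seen four times, the archive in Downloads\Compressed seen twice, and the adware installer once.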
    Dear DarkRenisson

    Run a new scan with Kaspersky and delete whatever is found ;)

    >>>> How is the computer?

     

    # Step 1 #

    Let's uninstall ComboFix:

    Rename combofix.exe to uninstall.exe, double-click it and wait for the program to be removed.

    Or, if you prefer, go to

    Start > Run, type Combofix /Uninstall and click OK; in the window that appears, click Run and wait for the program to be removed.

     

    # Step 2 #

    Download OTC by OldTimer and save it to your desktop.

    • Double-click the icon 4142006426_4719050954_o.gif
    • Click Run;
    • Click its only button (image below):

    4141259853_5a542d5908_o.jpg
    Allow your computer to be restarted.


     

    # Step 3 #

    • Again: double-click adwcleaner.exe
      • Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png

    • Click Uninstall
    • Click Yes and wait.

     

    # Step 4 #

    <<@>> Install CCleaner

    CCleaner is an excellent cleanup utility for the computer, which will help with the computer's performance. Download it here: CCleaner

    IMPORTANT: After installation, go to the location where the program was installed, C:\Arquivos de programas\CCleaner, double-click the folder, right-click an empty area of that window, choose New > Folder and create a new folder; name it backups!

    Open the program and click Run Cleaner;

    click the Registry button > Scan for Issues > Fix selected issue(s)...

    Note: Don't forget to accept the backup of the fixes and save it in the folder created above!

    <<@>> Always keep your Windows up to date; keep a constant watch with your firewall and antivirus; and finally, remember that the best form of prevention starts with our own behavior!

    Regards :D

  • Topic author
  • Hello, I did all the procedures you told me to and the computer's performance is still the same, very slow.

    Note: When I went to use OTC it asked for permission to restart the computer, I clicked yes, then it restarted, right after that Kaspersky AVP Tool started and I got a blue screen.


    Slowness is not always related to malware; it may well be hardware. Look for the section that matches your problem, open a topic, explain what is happening and post the link to this topic, stating that your PC is clean of malware ;)

    Anything else?

  • Topic author
  • I just want to clear up a doubt: as I mentioned at the start of the topic, I began to think it might be a malware problem because a colleague who was helping me in another topic said that was the problem after I posted this

    "As for the processes, I believe explorer.exe is normal, it averages around 25,000.. what is using the most right now is the browser, I'll send the screenshots.
    I don't know if this is common, but at the bottom, where it says "CPU Usage", it fluctuates a lot here; sometimes it is very low and then suddenly jumps to 90~100%."

    8ozs.png

     

    7mw1.png

     

    When I asked why he thought it was malware, he said this: "Well, since I have advanced knowledge in this area of programming, just by looking at the processes you can see there is a file editing your executables; note that this supposed executable opera.exe, I don't know whether it is your browser or it may be the virus, is running several executables unnecessarily, and I also noticed the *32, which is not needed on a normal OS; this is typical of viruses. To open a topic in the malware section I can't help you any further from here; read the rules and see which program you have to use to get the logs from your notebook and it will be removed manually using a script."

    Is this really a sign of malware, or could it be something else?


    Dear DarkRenisson

    That information is not correct.

    What appears in Task Manager really does belong to Opera. Each service is a plug-in being run, as described on the Opera forum:

    http://forums.opera.com/discussion/1834227/multiple-processes-for-opera-exe/p1

    I believe it may be this one: http://processchecker.com/file/opera_plugin_wrapper_32.exe.html

    You need to take a look, check which plug-ins are installed and analyze them... since I am not an Opera user, I couldn't tell you much about that ;)

    All good?!

    Regards :D

  • Topic author
  • All right, thanks for the help, I hope I have better luck in the hardware section  :(

    It's hard to use the notebook in this condition, anyway

    Thank you very much for everything.


    If the author needs it, the topic will be reopened; to do so, the author should contact the moderation team and request that it be unlocked.

    This topic is closed to new posts.




