
Files such as "Desktop.ini" and "Thumbs.db" are appearing in folders


epslol    0

Files have started appearing in every folder on my notebook, all of them named "desktop.ini" and "thumbs.db". Shortcuts to some folders are now showing up as well; for example, there is a folder called "download" and, right below it, a shortcut labeled "download". All of these files and folders are set as hidden.

 

Please help me :)

 

DDS.txt log

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16921
Run by Eduardo at 13:17:07 on 2014-06-21
Microsoft Windows 8 Single Language  6.2.9200.0.1252.55.1046.18.8096.5421 [GMT -3:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Windows\system32\dashost.exe
c:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SppExtComObj.exe
c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhostex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\Eduardo\AppData\Local\Akamai\netsession_win.exe
C:\Users\Eduardo\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\My Dell\uaclauncher.exe
C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
uRun: [Akamai NetSession Interface] "C:\Users\Eduardo\AppData\Local\Akamai\netsession_win.exe"
uRun: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
uRun: [GoogleChromeAutoLaunch_5067CAB4F02DB410F3160A138613072A] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
dRun: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
mExplorerRun: [btvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
mPolicies-System: DisableCAD = dword:1
mPolicies-Windows\System: EnableSmartScreen = dword:0
IE: &Enviar para o OneNote - C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: E&xportar para o Microsoft Excel - C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{7E6AA193-83A3-4D7C-9301-567A8071731E} : DHCPNameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{7E6AA193-83A3-4D7C-9301-567A8071731E}\07C616E64716F60246F6D696E676F6 : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{7E6AA193-83A3-4D7C-9301-567A8071731E}\46F6D696E676F6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{AF0C7456-51AB-4DBB-B14E-29180AEA273F} : DHCPNameServer = 10.1.200.195 10.1.200.197
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4P1
x64-Run: [RtHDVBg_PushButton] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
x64-Run: [iAStorIcon] "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [igfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-ExplorerRun: [btvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
x64-mPolicies-System: DisableCAD = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2014-1-16 644968]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\Drivers\mfehidk.sys [2012-11-9 784760]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\Drivers\mfewfpk.sys [2012-11-9 346760]
R0 nvpciflt;nvpciflt;C:\Windows\System32\Drivers\nvpciflt.sys [2014-6-17 32544]
R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2014-1-15 92536]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2014-1-16 98208]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe [2013-7-2 312448]
R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]
R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2014-1-13 198664]
R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2014-3-9 519720]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-1-15 328928]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-8-30 15720]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-5-11 733696]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2014-1-15 169432]
R2 McAPExe;McAfee AP Service;C:\Program Files\mcafee\msc\McAPExe.exe [2012-11-30 178528]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-1-15 328928]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-1-15 328928]
R2 McOobeSv2;McAfee OOBE Service2;C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-1-15 328928]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-1-15 328928]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-1-15 328928]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe [2014-1-15 1041192]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2014-1-15 219752]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2014-1-15 189912]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-3-1 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-3-1 16941856]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-1-16 245832]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2014-1-15 1915480]
R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [2014-1-15 81536]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\Drivers\btath_flt.sys [2013-7-2 89800]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\Drivers\btath_a2dp.sys [2013-7-2 347336]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\Drivers\btath_avdt.sys [2013-7-2 116424]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\Drivers\btath_bus.sys [2014-1-16 34384]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\Drivers\btath_hcrp.sys [2014-1-16 179432]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\Drivers\btath_lwflt.sys [2013-7-2 77464]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\Drivers\btath_rcp.sys [2014-1-16 137928]
R3 BtFilter;BtFilter;C:\Windows\System32\Drivers\btfilter.sys [2014-1-16 589000]
R3 BthLEEnum;Driver de Baixa Energia do Bluetooth;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\Drivers\cfwids.sys [2012-11-9 70592]
R3 DellRbtn;Airplane Mode Switch;C:\Windows\System32\Drivers\DellRbtn.sys [2014-1-16 10752]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\Drivers\mfeavfk.sys [2012-11-9 311856]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\Drivers\mfefirek.sys [2012-11-9 522360]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\Drivers\mfencbdc.sys [2014-3-18 441264]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\Drivers\nvvad64v.sys [2014-3-1 39200]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2014-1-16 792648]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2014-1-16 31984]
S0 mfeelamk;McAfee Inc. mfeelamk;C:\Windows\System32\Drivers\mfeelamk.sys [2012-11-9 69352]
S3 AthDfu;Qualcomm Atheros Valkyrie USB BootROM;C:\Windows\System32\Drivers\AthDfu.sys [2014-1-16 55448]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-3-2 1471352]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\Drivers\HipShieldK.sys [2014-4-8 197704]
S3 IntcDAud;Áudio do vídeo Intel®;C:\Windows\System32\Drivers\IntcDAud.sys [2014-1-16 452088]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-11 822232]
S3 lehidmini;Bluetooth Low Energy Hid Device;C:\Windows\System32\Drivers\leath_hid.sys [2014-1-16 39704]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [2014-1-15 334760]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\Drivers\mfencrk.sys [2014-3-18 96592]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2014-1-23 178760]
S3 qca_shb;Qualcomm Atheros UART Bus Driver;C:\Windows\System32\Drivers\qca_shb.sys [2014-1-16 99328]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"
.
=============== Created Last 30 ================
.
2014-06-17 23:20:56 -------- d-----w- C:\Windows\SysWow64\NV
2014-06-17 23:20:56 -------- d-----w- C:\Windows\System32\NV
2014-06-15 00:19:32 619008 ----a-w- C:\Windows\System32\drivers\srv2.sys
2014-06-15 00:19:32 328024 ----a-w- C:\Windows\System32\drivers\Classpnp.sys
2014-06-15 00:19:32 309760 ----a-w- C:\Windows\System32\wusa.exe
2014-06-15 00:19:32 305152 ----a-w- C:\Windows\SysWow64\wusa.exe
2014-06-14 23:28:13 1301504 ----a-w- C:\Windows\System32\gdi32.dll
2014-06-14 23:28:13 1023488 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-06-14 23:17:39 3246592 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-06-14 23:17:38 235520 ----a-w- C:\Windows\System32\rdpudd.dll
2014-06-14 22:28:23 2233176 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-06-14 22:27:45 1845760 ----a-w- C:\Windows\System32\msxml3.dll
2014-06-14 22:27:45 1419264 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-06-14 21:50:29 283312 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10242.bin
2014-06-10 17:41:52 -------- d-----w- C:\Users\Eduardo\AppData\Local\Autodesk, Inc
.
==================== Find3M  ====================
.
2014-05-31 05:16:07 703992 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-31 05:16:07 105464 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-24 02:47:54 2239488 ----a-w- C:\Windows\System32\wininet.dll
2014-05-24 02:47:45 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2014-05-24 02:47:44 53760 ----a-w- C:\Windows\System32\UXInit.dll
2014-05-24 02:46:15 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2014-05-24 02:46:07 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-05-24 02:46:07 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-05-24 02:45:26 1508864 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-24 01:26:54 1766400 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-05-24 01:26:46 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2014-05-24 01:25:52 2862080 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-05-24 01:25:49 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-05-24 01:25:49 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-05-24 01:25:25 1440768 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-24 01:09:41 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-24 01:03:36 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-23 22:37:13 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2014-05-20 01:25:42 6769096 ----a-w- C:\Windows\System32\nvcpl.dll
2014-05-20 01:25:42 3514144 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-05-20 01:25:39 927520 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-05-20 01:25:38 76064 ----a-w- C:\Windows\System32\nv3dappshextr.dll
2014-05-20 01:25:38 62808 ----a-w- C:\Windows\System32\nvshext.dll
2014-05-20 01:25:38 387528 ----a-w- C:\Windows\System32\nvmctray.dll
2014-05-20 01:25:38 2560968 ----a-w- C:\Windows\System32\nvsvcr.dll
2014-05-20 01:25:38 1078616 ----a-w- C:\Windows\System32\nv3dappshext.dll
2014-05-14 23:49:42 3774821 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-04-25 16:23:58 660120 ----a-w- C:\Windows\SysWow64\mscomct2.ocx
2014-04-19 09:39:36 628024 ----a-w- C:\Windows\System32\NotificationUI.exe
2014-04-19 08:45:39 693760 ----a-w- C:\Windows\System32\WSShared.dll
2014-04-19 08:45:39 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 06:57:49 566784 ----a-w- C:\Windows\SysWow64\WSShared.dll
2014-04-19 06:57:49 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 09:27:03 172888 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 09:10:31 578048 ----a-w- C:\Windows\System32\winlogon.exe
2014-04-12 09:09:43 208896 ----a-w- C:\Windows\System32\wdigest.dll
2014-04-12 09:09:39 1043968 ----a-w- C:\Windows\System32\usercpl.dll
2014-04-12 09:09:34 94720 ----a-w- C:\Windows\System32\TSpkg.dll
2014-04-12 09:09:19 588288 ----a-w- C:\Windows\System32\SHCore.dll
2014-04-12 09:08:37 318464 ----a-w- C:\Windows\System32\msv1_0.dll
2014-04-12 09:08:17 439808 ----a-w- C:\Windows\System32\lsm.dll
2014-04-12 09:08:17 1281536 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 09:08:10 827904 ----a-w- C:\Windows\System32\kerberos.dll
2014-04-12 09:07:36 20480 ----a-w- C:\Windows\System32\credssp.dll
2014-04-12 07:23:59 178688 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-04-12 07:23:52 961536 ----a-w- C:\Windows\SysWow64\usercpl.dll
2014-04-12 07:23:49 76800 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-04-12 07:23:40 452608 ----a-w- C:\Windows\SysWow64\SHCore.dll
2014-04-12 07:23:14 273920 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-04-12 07:22:58 666624 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-04-12 07:22:33 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-04-12 06:58:06 14848 ----a-w- C:\Windows\System32\workerdd.dll
2014-04-03 20:23:54 70592 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2014-04-03 20:16:04 346760 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2014-04-03 20:15:34 189912 ----a-w- C:\Windows\System32\mfevtps.exe
2014-04-03 20:10:34 784760 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2014-04-03 20:08:04 522360 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2014-04-03 20:06:04 311856 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2014-04-03 20:03:32 177544 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2014-04-03 19:43:16 69352 ----a-w- C:\Windows\System32\drivers\mfeelamk.sys
2014-03-28 19:19:38 35856 ----a-w- C:\Windows\System32\drivers\WdBoot.sys
2014-03-28 08:23:00 1287168 ----a-w- C:\Windows\System32\schedsvc.dll
2014-03-23 22:11:52 269592 ----a-w- C:\Windows\System32\drivers\WdFilter.sys
.
============= FINISH: 13:17:48,89 ===============
 
 
Attach.txt
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8 Single Language
Boot Device: \Device\HarddiskVolume1
Install Date: 01/03/2014 01:29:29
System Uptime: 18/06/2014 18:00:04 (67 hours ago)
.
Motherboard: Dell Inc. |  | 03X56P
Processor: Intel® Core i7-4500U CPU @ 1.80GHz | SOCKET 0 | 1801/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 920 GiB total, 835,756 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP18: 29/05/2014 20:45:12 - Ponto de Verificação Agendado
RP19: 10/06/2014 01:14:18 - Windows Update
RP20: 14/06/2014 21:11:35 - Windows Update
RP21: 18/06/2014 03:00:36 - Windows Update
.
==== Installed Programs ======================
.
Akamai NetSession Interface
Atualizações da NVIDIA 11.10.13
AutoCAD 2014 - English
AutoCAD 2014 - Português - Brasil (Brazilian Portuguese)
AutoCAD 2014 Language Pack - English
AutoCAD 2014 Language Pack - Português - Brasil (Brazilian Portuguese)
Autodesk 360
Autodesk App Manager
Autodesk AutoCAD 2014 - Português - Brasil (Brazilian Portuguese)
Autodesk AutoCAD 2014 Language Pack - English
Autodesk Content Service
Autodesk Content Service Language Pack
Autodesk Download Manager
Autodesk Featured Apps
Autodesk Material Library 2014
Autodesk Material Library Base Resolution Image Library 2014
Autodesk ReCap
Autodesk ReCap Language Pack-English
CyberLink LabelPrint 2.5
CyberLink Media Suite 10
CyberLink Media Suite Essentials
CyberLink Power2Go 8
CyberLink PowerDirector 10
CyberLink PowerDVD 10
D3DX10
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Dell Backup and Recovery
Dell Backup and Recovery - Support Software
Dell Digital Delivery
Dell Touchpad
Dell WLAN and Bluetooth Client Installation
Dota 2
DSC/AA Factory Installer
FARO LS 1.1.501.0
FARO LS 1.1.501.0 (64bit)
Galeria de Fotos
GBBD Banco do Brasil
GeForce Experience NvStream Client Components
Google Chrome
Google Update Helper
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® Trusted Connect Service Client
League of Legends
McAfee LiveSafe – Internet Security
Microsoft Access MUI (Portuguese (Brazil)) 2013
Microsoft Application Error Reporting
Microsoft DCF MUI (Portuguese (Brazil)) 2013
Microsoft Excel MUI (Portuguese (Brazil)) 2013
Microsoft Groove MUI (Portuguese (Brazil)) 2013
Microsoft InfoPath MUI (Portuguese (Brazil)) 2013
Microsoft Lync MUI (Portuguese (Brazil)) 2013
Microsoft Office 32-bit Components 2013
Microsoft Office OSM MUI (Portuguese (Brazil)) 2013
Microsoft Office OSM UX MUI (Portuguese (Brazil)) 2013
Microsoft Office Professional Plus 2013
Microsoft Office Proofing (Portuguese (Brazil)) 2013
Microsoft Office Proofing Tools 2013 - English
Microsoft Office Proofing Tools 2013 - Español
Microsoft Office Shared 32-bit MUI (Portuguese (Brazil)) 2013
Microsoft Office Shared MUI (Portuguese (Brazil)) 2013
Microsoft OneNote MUI (Portuguese (Brazil)) 2013
Microsoft Outlook MUI (Portuguese (Brazil)) 2013
Microsoft PowerPoint MUI (Portuguese (Brazil)) 2013
Microsoft Project MUI (Portuguese (Brazil)) 2013
Microsoft Project Professional 2013
Microsoft Publisher MUI (Portuguese (Brazil)) 2013
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Word MUI (Portuguese (Brazil)) 2013
Movie Maker
MSVCRT
MSVCRT110
MSVCRT110_amd64
My Dell
NVIDIA Driver de gráficos 337.88
NVIDIA GeForce Experience 1.8.2.1
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA Optimus Update 11.10.13
NVIDIA PhysX
NVIDIA ShadowPlay 11.10.13
NVIDIA Software do sistema PhysX 9.13.1220
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.20
Painel de controle da NVIDIA 337.88
Pando Media Booster
Photo Common
Photo Gallery
Qualcomm Atheros Bluetooth Suite (64)
Quickset64
Realtek High Definition Audio Driver
Revisores de Texto do Microsoft Office 2013 – Português do Brasil
Security Update for Microsoft Lync 2013 (KB2881013) 64-Bit Edition
Security Update for Microsoft Office 2013 (KB2760272) 64-Bit Edition
Security Update for Microsoft Office 2013 (KB2878316) 64-Bit Edition
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition
Shared C Run-time for x64
SHIELD Streaming
SketchUp Import for AutoCAD 2014
Steam
TechPowerUp GPU-Z
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2850074) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition
Update for Microsoft Office 2013 (KB2878313) 64-Bit Edition
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition
Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2881000) 64-Bit Edition
Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 5.01 (64-bit)
.
==== End Of File ===========================
 
 
Scan GMER
 
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-06-21 13:33:56
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000003a ST1000LM024_HN-M101MBB rev.2AR20004 931,51GB
Running: gmer.exe; Driver: C:\Users\Eduardo\AppData\Local\Temp\uwtoapow.sys
 
 
---- Kernel code sections - GMER 2.1 ----
 
.text   C:\Windows\system32\ntoskrnl.exe!KiCpuId + 988                                                                                    fffff801b44723dc 1 byte [31]
 
---- User code sections - GMER 2.1 ----
 
.text   C:\Windows\system32\mfevtps.exe[472] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 306                                 000007ffc810177a 4 bytes [10, C8, FF, 07]
.text   C:\Windows\system32\mfevtps.exe[472] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 314                                 000007ffc8101782 4 bytes [10, C8, FF, 07]
.text   C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[2272] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306       000007ffc810177a 4 bytes [10, C8, FF, 07]
.text   C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[2272] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314       000007ffc8101782 4 bytes [10, C8, FF, 07]
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\KERNEL32.DLL!RegSetValueExW                                                 000007ffc7fd259c 8 bytes JMP 00000800c57b0340
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\KERNEL32.DLL!RegQueryValueExW                                               000007ffc7fd6b00 9 bytes JMP 00000800c57b0298
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\KERNEL32.DLL!K32GetModuleInformation                                        000007ffc8055908 7 bytes JMP 00000800c57b0260
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\KERNEL32.DLL!RegDeleteValueW                                                000007ffc8071610 7 bytes JMP 00000800c57b02d0
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\KERNEL32.DLL!K32GetMappedFileNameW                                          000007ffc80849a4 7 bytes JMP 00000800c57b0228
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\KERNEL32.DLL!K32EnumProcessModulesEx                                        000007ffc8084a38 8 bytes JMP 00000800c57b01f0
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\KERNEL32.DLL!RegSetValueExA                                                 000007ffc8085074 8 bytes JMP 00000800c57b0308
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                             000007ffc57c1f70 7 bytes JMP 00000800c57b00d8
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                  000007ffc57c1ff0 5 bytes JMP 00000800c57b0180
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                           000007ffc57c5880 5 bytes JMP 00000800c57b0110
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                               000007ffc57c8650 6 bytes JMP 00000800c57b0148
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\KERNELBASE.dll!GetModuleFileNameExW                                         000007ffc57f0510 5 bytes JMP 00000800c57b01b8
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\USER32.dll!CreateWindowExW                                                  000007ffc777c5b0 7 bytes JMP 00000800c57b0420
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\USER32.dll!DisplayConfigGetDeviceInfo                                       000007ffc77831f0 1 byte JMP 00000800c57b0378
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\USER32.dll!DisplayConfigGetDeviceInfo + 2                                   000007ffc77831f2 7 bytes {JMP 0xfffffffffe02d188}
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\USER32.dll!EnumDisplayDevicesW                                              000007ffc77833e0 5 bytes JMP 00000800c57b03e8
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\USER32.dll!ChangeDisplaySettingsExW                                         000007ffc77845d0 5 bytes JMP 00000800c57b0458
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\USER32.dll!EnumDisplayDevicesA                                              000007ffc7787160 5 bytes JMP 00000800c57b03b0
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                            000007ffc59f1070 8 bytes JMP 00000800c57b04c8
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                          000007ffc5a10bd0 8 bytes JMP 00000800c57b0490
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\System32\dxgi.dll!CreateDXGIFactory1                                                 000007ffc3826d10 5 bytes JMP 00000800c3610110
.text   C:\Windows\System32\dwm.exe[1220] C:\Windows\System32\dxgi.dll!CreateDXGIFactory                                                  000007ffc382d060 5 bytes JMP 00000800c36100d8
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[3788] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                 000007ffc2411532 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[3788] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                 000007ffc241153a 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[3788] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246               000007ffc241165a 4 bytes [41, C2, FF, 07]
.text   C:\Windows\system32\nvvsvc.exe[4720] C:\Windows\system32\MSIMG32.dll!GradientFill + 690                                           000007ffc2411532 4 bytes [41, C2, FF, 07]
.text   C:\Windows\system32\nvvsvc.exe[4720] C:\Windows\system32\MSIMG32.dll!GradientFill + 698                                           000007ffc241153a 4 bytes [41, C2, FF, 07]
.text   C:\Windows\system32\nvvsvc.exe[4720] C:\Windows\system32\MSIMG32.dll!TransparentBlt + 246                                         000007ffc241165a 4 bytes [41, C2, FF, 07]
.text   C:\Windows\system32\nvvsvc.exe[4720] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                 000007ffc810177a 4 bytes [10, C8, FF, 07]
.text   C:\Windows\system32\nvvsvc.exe[4720] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                 000007ffc8101782 4 bytes [10, C8, FF, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[6936] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                           000007ffc2411532 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[6936] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                           000007ffc241153a 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[6936] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                         000007ffc241165a 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[2688] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                           000007ffc2411532 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[2688] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                           000007ffc241153a 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[2688] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                         000007ffc241165a 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[40] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                     000007ffc2411532 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[40] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                     000007ffc241153a 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[40] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                   000007ffc241165a 4 bytes [41, C2, FF, 07]
.text   C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe[892] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690         000007ffc2411532 4 bytes [41, C2, FF, 07]
.text   C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe[892] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698         000007ffc241153a 4 bytes [41, C2, FF, 07]
.text   C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe[892] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246       000007ffc241165a 4 bytes [41, C2, FF, 07]
.text   C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe[892] C:\Windows\SYSTEM32\WSOCK32.dll!recvfrom + 742             000007ffb0bb1b32 4 bytes [bB, B0, FF, 07]
.text   C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe[892] C:\Windows\SYSTEM32\WSOCK32.dll!recvfrom + 750             000007ffb0bb1b3a 4 bytes [bB, B0, FF, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[2360] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                         000007ffc2411532 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[2360] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                         000007ffc241153a 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[2360] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                       000007ffc241165a 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[5956] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                           000007ffc2411532 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[5956] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                           000007ffc241153a 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[5956] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                         000007ffc241165a 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3908] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                           000007ffc2411532 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3908] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                           000007ffc241153a 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3908] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                         000007ffc241165a 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Dell\QuickSet\quickset.exe[7376] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                    000007ffc810177a 4 bytes [10, C8, FF, 07]
.text   C:\Program Files\Dell\QuickSet\quickset.exe[7376] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                    000007ffc8101782 4 bytes [10, C8, FF, 07]
.text   C:\Program Files\Dell\QuickSet\quickset.exe[7376] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                              000007ffc2411532 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Dell\QuickSet\quickset.exe[7376] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                              000007ffc241153a 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Dell\QuickSet\quickset.exe[7376] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                            000007ffc241165a 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe[3840] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306             000007ffc810177a 4 bytes [10, C8, FF, 07]
.text   C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe[3840] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314             000007ffc8101782 4 bytes [10, C8, FF, 07]
.text   C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe[3840] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                       000007ffc2411532 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe[3840] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                       000007ffc241153a 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe[3840] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                     000007ffc241165a 4 bytes [41, C2, FF, 07]
.text   C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe[7116] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 306  000007ffc810177a 4 bytes [10, C8, FF, 07]
.text   C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe[7116] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 314  000007ffc8101782 4 bytes [10, C8, FF, 07]
.text   C:\Windows\explorer.exe[7548] C:\Windows\system32\MSIMG32.dll!GradientFill + 690                                                  000007ffc2411532 4 bytes [41, C2, FF, 07]
.text   C:\Windows\explorer.exe[7548] C:\Windows\system32\MSIMG32.dll!GradientFill + 698                                                  000007ffc241153a 4 bytes [41, C2, FF, 07]
.text   C:\Windows\explorer.exe[7548] C:\Windows\system32\MSIMG32.dll!TransparentBlt + 246                                                000007ffc241165a 4 bytes [41, C2, FF, 07]
.text   C:\Windows\explorer.exe[7548] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                        000007ffc810177a 4 bytes [10, C8, FF, 07]
.text   C:\Windows\explorer.exe[7548] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                        000007ffc8101782 4 bytes [10, C8, FF, 07]
 
---- Threads - GMER 2.1 ----
 
Thread  C:\Windows\system32\csrss.exe [8140:6188]                                                                                         fffff960009585e8
 
---- Disk sectors - GMER 2.1 ----
 
Disk    \Device\Harddisk0\DR0                                                                                                             unknown MBR code
 
---- EOF - GMER 2.1 ----
 

diego_moicano    472
Hello

Sorry for the delay :)

If you still need help, please redo the logs, since I need them with current dates: Read Before Posting - Creating a New Topic

NOTE 1: There is no need to open a new topic; post the new logs in this same topic, thank you!

NOTE 2: Do not edit your topic; use the reply button, thank you!

NOTE 3: Do not put the logs between TAGS, thank you!

NOTE 4: Do not attach the logs, thank you!

Regards :D

epslol    0
  • Topic author
  • Sorry for the delay, I was in the middle of exams at university hahaha.

     

    DDS

    DDS (Ver_2012-11-20.01) - NTFS_AMD64 
    Internet Explorer: 10.0.9200.16921
    Run by Eduardo at 22:04:30 on 2014-06-29
    Microsoft Windows 8 Single Language  6.2.9200.0.1252.55.1046.18.8096.5430 [GMT -3:00]
    .
    AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
    AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\PROGRA~2\GbPlugin\GbpSv.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
    C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
    C:\Windows\system32\dashost.exe
    c:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Windows\system32\mfevtps.exe
    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
    C:\Program Files\McAfee\MSC\McAPExe.exe
    C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\SppExtComObj.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
    C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\System32\dwm.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Windows\system32\taskhostex.exe
    C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    C:\Windows\System32\RuntimeBroker.exe
    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
    C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
    C:\Windows\system32\wwahost.exe
    C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
    C:\Windows\system32\wwahost.exe
    C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exe
    C:\Windows\explorer.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Users\Eduardo\AppData\Local\Akamai\netsession_win.exe
    C:\Users\Eduardo\AppData\Local\Akamai\netsession_win.exe
    C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    C:\Program Files\My Dell\uaclauncher.exe
    C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\syswow64\wwahost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    mStart Page = about:blank
    uProxyOverride = <local>
    mWinlogon: Userinit = userinit.exe
    BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
    BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
    uRun: [Akamai NetSession Interface] "C:\Users\Eduardo\AppData\Local\Akamai\netsession_win.exe"
    uRun: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
    uRun: [GoogleChromeAutoLaunch_5067CAB4F02DB410F3160A138613072A] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
    mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
    mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRun: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
    dRun: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
    mExplorerRun: [btvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
    mPolicies-System: DisableCAD = dword:1
    mPolicies-Windows\System: EnableSmartScreen = dword:0
    IE: &Enviar para o OneNote - C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
    IE: E&xportar para o Microsoft Excel - C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
    IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    TCP: NameServer = 208.67.222.222 208.67.220.220
    TCP: Interfaces\{7E6AA193-83A3-4D7C-9301-567A8071731E} : DHCPNameServer = 208.67.222.222 208.67.220.220
    TCP: Interfaces\{7E6AA193-83A3-4D7C-9301-567A8071731E}\07C616E64716F60246F6D696E676F6 : DHCPNameServer = 192.168.1.1 192.168.1.1
    TCP: Interfaces\{7E6AA193-83A3-4D7C-9301-567A8071731E}\46F6D696E676F6 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{7E6AA193-83A3-4D7C-9301-567A8071731E}\54D414E45554C413 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{7E6AA193-83A3-4D7C-9301-567A8071731E}\C4142494E4430353 : DHCPNameServer = 10.1.200.195 10.1.200.197
    TCP: Interfaces\{7E6AA193-83A3-4D7C-9301-567A8071731E}\E455452594655425359445142594F435 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{AF0C7456-51AB-4DBB-B14E-29180AEA273F} : DHCPNameServer = 10.1.200.195 10.1.200.197
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
    Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
    AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
    SSODL: WebCheck - <orphaned>
    SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-mStart Page = about:blank
    x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
    x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
    x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
    x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
    x64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4P1
    x64-Run: [RtHDVBg_PushButton] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
    x64-Run: [iAStorIcon] "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
    x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
    x64-Run: [igfxTray] "C:\Windows\System32\igfxtray.exe"
    x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
    x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
    x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
    x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
    x64-ExplorerRun: [btvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
    x64-mPolicies-System: DisableCAD = dword:1
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
    x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
    x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
    x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2014-1-16 644968]
    R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\Drivers\mfehidk.sys [2012-11-9 784760]
    R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\Drivers\mfewfpk.sys [2012-11-9 346760]
    R0 nvpciflt;nvpciflt;C:\Windows\System32\Drivers\nvpciflt.sys [2014-6-17 32544]
    R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2014-1-15 92536]
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2014-1-16 98208]
    R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe [2013-7-2 312448]
    R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]
    R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2014-1-13 198664]
    R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2014-3-9 519720]
    R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-1-15 328928]
    R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-8-30 15720]
    R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-5-11 733696]
    R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2014-1-15 169432]
    R2 McAPExe;McAfee AP Service;C:\Program Files\mcafee\msc\McAPExe.exe [2012-11-30 178528]
    R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-1-15 328928]
    R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-1-15 328928]
    R2 McOobeSv2;McAfee OOBE Service2;C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-1-15 328928]
    R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-1-15 328928]
    R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-1-15 328928]
    R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe [2014-1-15 1041192]
    R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2014-1-15 219752]
    R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2014-1-15 189912]
    R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-3-1 1593632]
    R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-3-1 16941856]
    R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-1-16 245832]
    R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2014-1-15 1915480]
    R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [2014-1-15 81536]
    R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\Drivers\btath_flt.sys [2013-7-2 89800]
    R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\Drivers\btath_a2dp.sys [2013-7-2 347336]
    R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\Drivers\btath_avdt.sys [2013-7-2 116424]
    R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\Drivers\btath_bus.sys [2014-1-16 34384]
    R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\Drivers\btath_hcrp.sys [2014-1-16 179432]
    R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\Drivers\btath_lwflt.sys [2013-7-2 77464]
    R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\Drivers\btath_rcp.sys [2014-1-16 137928]
    R3 BtFilter;BtFilter;C:\Windows\System32\Drivers\btfilter.sys [2014-1-16 589000]
    R3 BthLEEnum;Driver de Baixa Energia do Bluetooth;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]
    R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\Drivers\cfwids.sys [2012-11-9 70592]
    R3 DellRbtn;Airplane Mode Switch;C:\Windows\System32\Drivers\DellRbtn.sys [2014-1-16 10752]
    R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\Drivers\mfeavfk.sys [2012-11-9 311856]
    R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\Drivers\mfefirek.sys [2012-11-9 522360]
    R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\Drivers\mfencbdc.sys [2014-3-18 441264]
    R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\Drivers\nvvad64v.sys [2014-3-1 39200]
    R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2014-1-16 792648]
    R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2014-1-16 31984]
    S0 mfeelamk;McAfee Inc. mfeelamk;C:\Windows\System32\Drivers\mfeelamk.sys [2012-11-9 69352]
    S2 0195971403762887mcinstcleanup;McAfee Application Installer Cleanup (0195971403762887);C:\Windows\TEMP\019597~1.EXE -cleanup -nolog --> C:\Windows\TEMP\019597~1.EXE -cleanup -nolog [?]
    S3 AthDfu;Qualcomm Atheros Valkyrie USB BootROM;C:\Windows\System32\Drivers\AthDfu.sys [2014-1-16 55448]
    S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-3-2 1471352]
    S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\Drivers\HipShieldK.sys [2014-4-8 197704]
    S3 IntcDAud;Áudio do vídeo Intel®;C:\Windows\System32\Drivers\IntcDAud.sys [2014-1-16 452088]
    S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-11 822232]
    S3 lehidmini;Bluetooth Low Energy Hid Device;C:\Windows\System32\Drivers\leath_hid.sys [2014-1-16 39704]
    S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [2014-1-15 334760]
    S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\Drivers\mfencrk.sys [2014-3-18 96592]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2014-1-23 178760]
    S3 qca_shb;Qualcomm Atheros UART Bus Driver;C:\Windows\System32\Drivers\qca_shb.sys [2014-1-16 99328]
    S3 WSDScan;Suporte para Digitalização WSD;C:\Windows\System32\Drivers\WSDScan.sys [2014-1-16 23552]
    S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
    .
    =============== File Associations ===============
    .
    FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"
    .
    =============== Created Last 30 ================
    .
    2014-06-26 00:35:34 -------- d-----w- C:\Users\Eduardo\AppData\Local\ElevatedDiagnostics
    2014-06-17 23:20:56 -------- d-----w- C:\Windows\SysWow64\NV
    2014-06-17 23:20:56 -------- d-----w- C:\Windows\System32\NV
    2014-06-15 00:19:32 619008 ----a-w- C:\Windows\System32\drivers\srv2.sys
    2014-06-15 00:19:32 328024 ----a-w- C:\Windows\System32\drivers\Classpnp.sys
    2014-06-15 00:19:32 309760 ----a-w- C:\Windows\System32\wusa.exe
    2014-06-15 00:19:32 305152 ----a-w- C:\Windows\SysWow64\wusa.exe
    2014-06-14 23:28:13 1301504 ----a-w- C:\Windows\System32\gdi32.dll
    2014-06-14 23:28:13 1023488 ----a-w- C:\Windows\SysWow64\gdi32.dll
    2014-06-14 23:17:39 3246592 ----a-w- C:\Windows\System32\rdpcorets.dll
    2014-06-14 23:17:38 235520 ----a-w- C:\Windows\System32\rdpudd.dll
    2014-06-14 22:28:23 2233176 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2014-06-14 22:27:45 1845760 ----a-w- C:\Windows\System32\msxml3.dll
    2014-06-14 22:27:45 1419264 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2014-06-14 21:50:29 283312 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10242.bin
    2014-06-10 17:41:52 -------- d-----w- C:\Users\Eduardo\AppData\Local\Autodesk, Inc
    .
    ==================== Find3M  ====================
    .
    2014-05-31 05:16:07 703992 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-05-31 05:16:07 105464 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-05-24 02:47:54 2239488 ----a-w- C:\Windows\System32\wininet.dll
    2014-05-24 02:47:45 915968 ----a-w- C:\Windows\System32\uxtheme.dll
    2014-05-24 02:47:44 53760 ----a-w- C:\Windows\System32\UXInit.dll
    2014-05-24 02:46:15 3958784 ----a-w- C:\Windows\System32\jscript9.dll
    2014-05-24 02:46:07 67072 ----a-w- C:\Windows\System32\iesetup.dll
    2014-05-24 02:46:07 136704 ----a-w- C:\Windows\System32\iesysprep.dll
    2014-05-24 02:45:26 1508864 ----a-w- C:\Windows\System32\inetcpl.cpl
    2014-05-24 01:26:54 1766400 ----a-w- C:\Windows\SysWow64\wininet.dll
    2014-05-24 01:26:46 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
    2014-05-24 01:25:52 2862080 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2014-05-24 01:25:49 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2014-05-24 01:25:49 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
    2014-05-24 01:25:25 1440768 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2014-05-24 01:09:41 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
    2014-05-24 01:03:36 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2014-05-23 22:37:13 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
    2014-05-20 01:25:42 6769096 ----a-w- C:\Windows\System32\nvcpl.dll
    2014-05-20 01:25:42 3514144 ----a-w- C:\Windows\System32\nvsvc64.dll
    2014-05-20 01:25:39 927520 ----a-w- C:\Windows\System32\nvvsvc.exe
    2014-05-20 01:25:38 76064 ----a-w- C:\Windows\System32\nv3dappshextr.dll
    2014-05-20 01:25:38 62808 ----a-w- C:\Windows\System32\nvshext.dll
    2014-05-20 01:25:38 387528 ----a-w- C:\Windows\System32\nvmctray.dll
    2014-05-20 01:25:38 2560968 ----a-w- C:\Windows\System32\nvsvcr.dll
    2014-05-20 01:25:38 1078616 ----a-w- C:\Windows\System32\nv3dappshext.dll
    2014-05-14 23:49:42 3774821 ----a-w- C:\Windows\System32\nvcoproc.bin
    2014-04-25 16:23:58 660120 ----a-w- C:\Windows\SysWow64\mscomct2.ocx
    2014-04-19 09:39:36 628024 ----a-w- C:\Windows\System32\NotificationUI.exe
    2014-04-19 08:45:39 693760 ----a-w- C:\Windows\System32\WSShared.dll
    2014-04-19 08:45:39 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-04-19 06:57:49 566784 ----a-w- C:\Windows\SysWow64\WSShared.dll
    2014-04-19 06:57:49 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-04-12 09:27:03 172888 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2014-04-12 09:10:31 578048 ----a-w- C:\Windows\System32\winlogon.exe
    2014-04-12 09:09:43 208896 ----a-w- C:\Windows\System32\wdigest.dll
    2014-04-12 09:09:39 1043968 ----a-w- C:\Windows\System32\usercpl.dll
    2014-04-12 09:09:34 94720 ----a-w- C:\Windows\System32\TSpkg.dll
    2014-04-12 09:09:19 588288 ----a-w- C:\Windows\System32\SHCore.dll
    2014-04-12 09:08:37 318464 ----a-w- C:\Windows\System32\msv1_0.dll
    2014-04-12 09:08:17 439808 ----a-w- C:\Windows\System32\lsm.dll
    2014-04-12 09:08:17 1281536 ----a-w- C:\Windows\System32\lsasrv.dll
    2014-04-12 09:08:10 827904 ----a-w- C:\Windows\System32\kerberos.dll
    2014-04-12 09:07:36 20480 ----a-w- C:\Windows\System32\credssp.dll
    2014-04-12 07:23:59 178688 ----a-w- C:\Windows\SysWow64\wdigest.dll
    2014-04-12 07:23:52 961536 ----a-w- C:\Windows\SysWow64\usercpl.dll
    2014-04-12 07:23:49 76800 ----a-w- C:\Windows\SysWow64\TSpkg.dll
    2014-04-12 07:23:40 452608 ----a-w- C:\Windows\SysWow64\SHCore.dll
    2014-04-12 07:23:14 273920 ----a-w- C:\Windows\SysWow64\msv1_0.dll
    2014-04-12 07:22:58 666624 ----a-w- C:\Windows\SysWow64\kerberos.dll
    2014-04-12 07:22:33 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
    2014-04-12 06:58:06 14848 ----a-w- C:\Windows\System32\workerdd.dll
    2014-04-03 20:23:54 70592 ----a-w- C:\Windows\System32\drivers\cfwids.sys
    2014-04-03 20:16:04 346760 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
    2014-04-03 20:15:34 189912 ----a-w- C:\Windows\System32\mfevtps.exe
    2014-04-03 20:10:34 784760 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
    2014-04-03 20:08:04 522360 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
    2014-04-03 20:06:04 311856 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
    2014-04-03 20:03:32 177544 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
    2014-04-03 19:43:16 69352 ----a-w- C:\Windows\System32\drivers\mfeelamk.sys
    .
    ============= FINISH: 22:05:14,02 ===============
     
     
    attach
     
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 8 Single Language
    Boot Device: \Device\HarddiskVolume1
    Install Date: 01/03/2014 01:29:29
    System Uptime: 25/06/2014 21:27:52 (97 hours ago)
    .
    Motherboard: Dell Inc. |  | 03X56P
    Processor: Intel® Core i7-4500U CPU @ 1.80GHz | SOCKET 0 | 1801/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 920 GiB total, 835,782 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP19: 10/06/2014 01:14:18 - Windows Update
    RP20: 14/06/2014 21:11:35 - Windows Update
    RP21: 18/06/2014 03:00:36 - Windows Update
    .
    ==== Installed Programs ======================
    .
    Akamai NetSession Interface
    Atualizações da NVIDIA 11.10.13
    AutoCAD 2014 - English
    AutoCAD 2014 - Português - Brasil (Brazilian Portuguese)
    AutoCAD 2014 Language Pack - English
    AutoCAD 2014 Language Pack - Português - Brasil (Brazilian Portuguese)
    Autodesk 360
    Autodesk App Manager
    Autodesk AutoCAD 2014 - Português - Brasil (Brazilian Portuguese)
    Autodesk AutoCAD 2014 Language Pack - English
    Autodesk Content Service
    Autodesk Content Service Language Pack
    Autodesk Download Manager
    Autodesk Featured Apps
    Autodesk Material Library 2014
    Autodesk Material Library Base Resolution Image Library 2014
    Autodesk ReCap
    Autodesk ReCap Language Pack-English
    CyberLink LabelPrint 2.5
    CyberLink Media Suite 10
    CyberLink Media Suite Essentials
    CyberLink Power2Go 8
    CyberLink PowerDirector 10
    CyberLink PowerDVD 10
    D3DX10
    Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
    Dell Backup and Recovery
    Dell Backup and Recovery - Support Software
    Dell Digital Delivery
    Dell Touchpad
    Dell WLAN and Bluetooth Client Installation
    Dota 2
    DSC/AA Factory Installer
    FARO LS 1.1.501.0
    FARO LS 1.1.501.0 (64bit)
    Galeria de Fotos
    GBBD Banco do Brasil
    GeForce Experience NvStream Client Components
    Google Chrome
    Google Update Helper
    Intel® Management Engine Components
    Intel® Processor Graphics
    Intel® Rapid Storage Technology
    Intel® SDK for OpenCL - CPU Only Runtime Package
    Intel® Trusted Connect Service Client
    League of Legends
    McAfee LiveSafe – Internet Security
    Microsoft Access MUI (Portuguese (Brazil)) 2013
    Microsoft Application Error Reporting
    Microsoft DCF MUI (Portuguese (Brazil)) 2013
    Microsoft Excel MUI (Portuguese (Brazil)) 2013
    Microsoft Groove MUI (Portuguese (Brazil)) 2013
    Microsoft InfoPath MUI (Portuguese (Brazil)) 2013
    Microsoft Lync MUI (Portuguese (Brazil)) 2013
    Microsoft Office 32-bit Components 2013
    Microsoft Office OSM MUI (Portuguese (Brazil)) 2013
    Microsoft Office OSM UX MUI (Portuguese (Brazil)) 2013
    Microsoft Office Professional Plus 2013
    Microsoft Office Proofing (Portuguese (Brazil)) 2013
    Microsoft Office Proofing Tools 2013 - English
    Microsoft Office Proofing Tools 2013 - Español
    Microsoft Office Shared 32-bit MUI (Portuguese (Brazil)) 2013
    Microsoft Office Shared MUI (Portuguese (Brazil)) 2013
    Microsoft OneNote MUI (Portuguese (Brazil)) 2013
    Microsoft Outlook MUI (Portuguese (Brazil)) 2013
    Microsoft PowerPoint MUI (Portuguese (Brazil)) 2013
    Microsoft Project MUI (Portuguese (Brazil)) 2013
    Microsoft Project Professional 2013
    Microsoft Publisher MUI (Portuguese (Brazil)) 2013
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
    Microsoft Word MUI (Portuguese (Brazil)) 2013
    Movie Maker
    MSVCRT
    MSVCRT110
    MSVCRT110_amd64
    My Dell
    NVIDIA Driver de gráficos 337.88
    NVIDIA GeForce Experience 1.8.2.1
    NVIDIA Install Application
    NVIDIA LED Visualizer 1.0
    NVIDIA Network Service
    NVIDIA Optimus Update 11.10.13
    NVIDIA PhysX
    NVIDIA ShadowPlay 11.10.13
    NVIDIA Software do sistema PhysX 9.13.1220
    NVIDIA Update Core
    NVIDIA Virtual Audio 1.2.20
    Painel de controle da NVIDIA 337.88
    Pando Media Booster
    Photo Common
    Photo Gallery
    Qualcomm Atheros Bluetooth Suite (64)
    Quickset64
    Realtek High Definition Audio Driver
    Revisores de Texto do Microsoft Office 2013 – Português do Brasil
    Security Update for Microsoft Lync 2013 (KB2881013) 64-Bit Edition
    Security Update for Microsoft Office 2013 (KB2760272) 64-Bit Edition
    Security Update for Microsoft Office 2013 (KB2878316) 64-Bit Edition
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition
    Shared C Run-time for x64
    SHIELD Streaming
    SketchUp Import for AutoCAD 2014
    Steam
    TechPowerUp GPU-Z
    Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition
    Update for Microsoft Lync 2013 (KB2850074) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2878313) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition
    Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition
    Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition
    Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition
    Update for Microsoft PowerPoint 2013 (KB2881000) 64-Bit Edition
    Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition
    Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition
    Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition
    Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Photo Common
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    WinRAR 5.01 (64-bit)
    .
    ==== End Of File ===========================

     
    gmer
    GMER 2.1.19357 - http://www.gmer.net
    Rootkit scan 2014-06-29 22:20:23
    Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000003a ST1000LM024_HN-M101MBB rev.2AR20004 931,51GB
    Running: gmer.exe; Driver: C:\Users\Eduardo\AppData\Local\Temp\uwtoapow.sys
     
     
    ---- Kernel code sections - GMER 2.1 ----
     
    .text    C:\Windows\system32\ntoskrnl.exe!KiCpuId + 988                                                                                                                                                                                                                fffff80035ec83dc 1 byte [31]
    .text    C:\Windows\System32\win32k.sys!W32pServiceTable                                                                                                                                                                                                               fffff9600022de00 7 bytes [00, 77, 82, 01, 00, 57, F2]
    .text    C:\Windows\System32\win32k.sys!W32pServiceTable + 8                                                                                                                                                                                                           fffff9600022de08 7 bytes [01, 42, C0, FF, 00, 17, DB]
     
    ---- User code sections - GMER 2.1 ----
     
    .text    C:\Windows\system32\mfevtps.exe[1444] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 306                                                                                                                                                            000007fd262b177a 4 bytes [2B, 26, FD, 07]
    .text    C:\Windows\system32\mfevtps.exe[1444] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 314                                                                                                                                                            000007fd262b1782 4 bytes [2B, 26, FD, 07]
    .text    C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[2236] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                                                                                                                   000007fd262b177a 4 bytes [2B, 26, FD, 07]
    .text    C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[2236] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                                                                                                                   000007fd262b1782 4 bytes [2B, 26, FD, 07]
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\KERNEL32.DLL!RegSetValueExW                                                                                                                                                                             000007fd23d2259c 8 bytes JMP 000007fe238d0340
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\KERNEL32.DLL!RegQueryValueExW                                                                                                                                                                           000007fd23d26b00 9 bytes JMP 000007fe238d0298
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\KERNEL32.DLL!K32GetModuleInformation                                                                                                                                                                    000007fd23da5908 7 bytes JMP 000007fe238d0260
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\KERNEL32.DLL!RegDeleteValueW                                                                                                                                                                            000007fd23dc1610 7 bytes JMP 000007fe238d02d0
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\KERNEL32.DLL!K32GetMappedFileNameW                                                                                                                                                                      000007fd23dd49a4 7 bytes JMP 000007fe238d0228
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\KERNEL32.DLL!K32EnumProcessModulesEx                                                                                                                                                                    000007fd23dd4a38 8 bytes JMP 000007fe238d01f0
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\KERNEL32.DLL!RegSetValueExA                                                                                                                                                                             000007fd23dd5074 8 bytes JMP 000007fe238d0308
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                                                                                                         000007fd23911f70 7 bytes JMP 000007fe238d00d8
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                                                                                                              000007fd23911ff0 5 bytes JMP 000007fe238d0180
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                                                                                                       000007fd23915880 5 bytes JMP 000007fe238d0110
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                                                                                                           000007fd23918650 6 bytes JMP 000007fe238d0148
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\KERNELBASE.dll!GetModuleFileNameExW                                                                                                                                                                     000007fd23940510 5 bytes JMP 000007fe238d01b8
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\USER32.dll!CreateWindowExW                                                                                                                                                                              000007fd260ac5b0 7 bytes JMP 000007fe238d0420
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\USER32.dll!DisplayConfigGetDeviceInfo                                                                                                                                                                   000007fd260b31f0 1 byte JMP 000007fe238d0378
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\USER32.dll!DisplayConfigGetDeviceInfo + 2                                                                                                                                                               000007fd260b31f2 7 bytes {JMP 0xfffffffffd81d188}
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\USER32.dll!EnumDisplayDevicesW                                                                                                                                                                          000007fd260b33e0 5 bytes JMP 000007fe238d03e8
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\USER32.dll!ChangeDisplaySettingsExW                                                                                                                                                                     000007fd260b45d0 5 bytes JMP 000007fe238d0458
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\USER32.dll!EnumDisplayDevicesA                                                                                                                                                                          000007fd260b7160 5 bytes JMP 000007fe238d03b0
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                                                                                        000007fd25471070 8 bytes JMP 000007fe238d04c8
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                                                                                      000007fd25490bd0 8 bytes JMP 000007fe238d0490
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\System32\dxgi.dll!CreateDXGIFactory1                                                                                                                                                                             000007fd21c46d10 5 bytes JMP 000007fe21a30110
    .text    C:\Windows\System32\dwm.exe[6560] C:\Windows\System32\dxgi.dll!CreateDXGIFactory                                                                                                                                                                              000007fd21c4d060 5 bytes JMP 000007fe21a300d8
    .text    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[6672] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                                                                                                                                             000007fd20f11532 4 bytes [F1, 20, FD, 07]
    .text    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[6672] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                                                                                                                                             000007fd20f1153a 4 bytes [F1, 20, FD, 07]
    .text    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[6672] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                                                                                                                                           000007fd20f1165a 4 bytes [F1, 20, FD, 07]
    .text    C:\Windows\system32\nvvsvc.exe[396] C:\Windows\system32\MSIMG32.dll!GradientFill + 690                                                                                                                                                                        000007fd20f11532 4 bytes [F1, 20, FD, 07]
    .text    C:\Windows\system32\nvvsvc.exe[396] C:\Windows\system32\MSIMG32.dll!GradientFill + 698                                                                                                                                                                        000007fd20f1153a 4 bytes [F1, 20, FD, 07]
    .text    C:\Windows\system32\nvvsvc.exe[396] C:\Windows\system32\MSIMG32.dll!TransparentBlt + 246                                                                                                                                                                      000007fd20f1165a 4 bytes [F1, 20, FD, 07]
    .text    C:\Windows\system32\nvvsvc.exe[396] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                                                                                                                                              000007fd262b177a 4 bytes [2B, 26, FD, 07]
    .text    C:\Windows\system32\nvvsvc.exe[396] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                                                                                                                                              000007fd262b1782 4 bytes [2B, 26, FD, 07]
    .text    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[6572] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                                                                                                                                                       000007fd20f11532 4 bytes [F1, 20, FD, 07]
    .text    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[6572] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                                                                                                                                                       000007fd20f1153a 4 bytes [F1, 20, FD, 07]
     
    ---- Threads - GMER 2.1 ----
     
    Thread   C:\Windows\system32\csrss.exe [7736:6664]                                                                                                                                                                                                                     fffff960009265e8
    ---- Processes - GMER 2.1 ----
     
    Library  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\Microsoft.PerfTrack.dll (*** suspicious ***) @ C:\Windows\system32\wwahost.exe [3788] (Microsoft.PerfTrack.dll/Microsoft Corporation)(2014-01-16 04:20:56)  000007fd0c1e0000
    Library  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\Microsoft.PerfTrack.dll (*** suspicious ***) @ C:\Windows\system32\wwahost.exe [5788] (Microsoft.PerfTrack.dll/Microsoft Corporation)(2014-01-16 04:20:56)  000007fd0c1e0000
     
    ---- Disk sectors - GMER 2.1 ----
     
    Disk     \Device\Harddisk0\DR0                                                                                                                                                                                                                                         unknown MBR code
     
    ---- EOF - GMER 2.1 ----

    diego_moicano    472

    Dear epslol

     

    I recommend that you save this topic to your Favorites so that it is easy to find later.
     
    Please note the following:
    • If you go 3 days without a reply, send me a Private Message (PM);
    • What is provided here relates only to your computer's problem, so do not apply it on any other;
    • Please follow the instructions given carefully, and if you have any questions do not hesitate to ask;
    • Always post your replies in this topic... Do not open another one!
    • Always try to keep me informed, during the removal, about what is happening with your computer.
    • Respect the order of the instructions given.
    Note: Do not take any action other than those given here; be aware that, if you ask for help on another forum, you must let us know, at the risk of misconfiguring your computer!

    # Step 1 #

     
    More than one antivirus and antispyware program is installed on your operating system. Having more than one protection program is not recommended. Recommended reading: http://www.linhadefensiva.org/2010/09/o-antivirus-a-camisinha-e-o-atrito/

    AV: McAfee Anti-Virus and Anti-Spyware 
    AV: Windows Defender 
    SP: McAfee Anti-Virus and Anti-Spyware 
    SP: Windows Defender

     

    Choose one of them, uninstall the other, and let me know which one remained so that we can continue. Note: leave only one firewall active. ;)
     
    Regards :D
