Aline Brasil

Sending a virus to contacts


Hello,

I had already started the cleanup, but due to a forum bug my topic was deleted; ComboFix has already been run.

Here is the new DDS log.

Thank you!

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_29

Run by Aline at 19:30:51 on 2012-01-13

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1046.18.3836.2442 [GMT -3:00]

.

AV: avast! Antivirus *Disabled/Outdated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Hpservice.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe

C:\Program Files\LSI SoftModem\agr64svc.exe

C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Windows\system32\svchost.exe -k regsvc

C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\System32\alg.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Apoint2K\Apoint.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Apoint2K\ApMsgFwd.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\taskeng.exe

c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe

c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe

c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Ask.com\Updater\Updater.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\AUDIODG.EXE

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://google.com

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb

uInternet Settings,ProxyServer = proxy:3128

uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

BHO: Auxiliar de Conexão do Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: hpBHO Class: {abd3b5e1-b268-407b-a150-2641dab8d898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll

BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehCef.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW

uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

uRun: [MsnLive] C:\Tempo\GBPL.exe

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10x_Plugin.exe -update plugin

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"

mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

mRun: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"

mRun: [<NO NAME>]

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

dPolicies-system: WallpaperStyle = 2

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 200.189.88.12 200.189.88.39

TCP: Interfaces\{563D6202-538C-4E7C-9524-FC833C500C71} : DhcpNameServer = 200.189.88.12 200.189.88.39

TCP: Interfaces\{563D6202-538C-4E7C-9524-FC833C500C71}\14D414A5F4E4F46464943454 : DhcpNameServer = 200.189.88.12 200.189.88.39

TCP: Interfaces\{563D6202-538C-4E7C-9524-FC833C500C71}\6596277696C696F6 : DhcpNameServer = 192.168.254.254

TCP: Interfaces\{563D6202-538C-4E7C-9524-FC833C500C71}\84F6473507F64702D496C6C656E6E69657D6 : DhcpNameServer = 192.168.0.1 200.241.126.11 200.241.126.3

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll

SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"

{0347C33E-8762-4905-BF09-768834316C61}

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}

{9030D464-4C02-4ABF-8ECC-5164760863C6}

{ABD3B5E1-B268-407B-A150-2641DAB8D898}

{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

{C41A1C0E-EA6C-11D4-B1B8-444553540003}

{d2ce3e00-f94a-4740-988e-03dc2f38c34f}

{D4027C7F-154A-4066-A1AD-4243D8127440}

{DBC80044-A445-435b-BC74-9C25C1C588A9}

{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}

{D4027C7F-154A-4066-A1AD-4243D8127440}

{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}

{8dcb7100-df86-4384-8842-8fa844297b3f}

TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"

mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

mRun-x64: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"

mRun-x64: [(padrão)]

SEH-X64: {E37CB5F0-51F5-4395-A808-5FA49E399003}: GbPlugin ShlObj

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Aline\AppData\Roaming\Mozilla\Firefox\Profiles\v21lsqgg.default\

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=616163&p=

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]

R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-3-2 89600]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2011-12-13 748440]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-4-25 42184]

R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-6-15 249648]

R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2011-12-14 208328]

R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]

R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-8-24 228408]

R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Serviço do Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-1 136176]

S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-7-7 195336]

S3 gupdatem;Serviço do Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-1 136176]

S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]

S3 WatAdminSvc;WatAdminSvc;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

.

=============== Created Last 30 ================

.

2012-01-13 18:51:33 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0993D17F-D937-4C07-B86E-7434BFE3D7B7}\offreg.dll

2012-01-13 18:51:30 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0993D17F-D937-4C07-B86E-7434BFE3D7B7}\mpengine.dll

2012-01-13 13:27:45 -------- d-----w- C:\Users\Aline\AppData\Local\{03877549-3B38-4543-8A10-8B9E892B4D3A}

2012-01-13 13:26:43 -------- d-----w- C:\Users\Aline\AppData\Local\{D200B83D-CD23-470B-B047-6E6D41C86DE6}

2012-01-12 22:35:17 -------- d-----w- C:\Users\Aline\AppData\Local\{55F7AA04-3AE0-4709-9C64-D18BC8256ADD}

2012-01-12 22:34:28 -------- d-----w- C:\Users\Aline\AppData\Local\{22D0AC1F-B246-4C1F-B613-10247694C772}

2012-01-11 19:21:06 -------- d-----w- C:\Users\Aline\AppData\Local\{B4BAB5F2-76DC-4BAD-88AC-C999C8B70306}

2012-01-11 19:19:51 -------- d-----w- C:\Users\Aline\AppData\Local\{C0E58C0A-9FF0-4B07-B467-BDC098BDFC62}

2012-01-11 00:44:46 1572864 ----a-w- C:\Windows\System32\quartz.dll

2012-01-11 00:44:46 1328640 ----a-w- C:\Windows\SysWow64\quartz.dll

2012-01-11 00:44:45 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll

2012-01-11 00:44:45 366592 ----a-w- C:\Windows\System32\qdvd.dll

2012-01-11 00:44:42 1739160 ----a-w- C:\Windows\System32\ntdll.dll

2012-01-11 00:44:41 1292592 ----a-w- C:\Windows\SysWow64\ntdll.dll

2012-01-11 00:44:35 77312 ----a-w- C:\Windows\System32\packager.dll

2012-01-11 00:44:35 67072 ----a-w- C:\Windows\SysWow64\packager.dll

2012-01-10 22:20:39 -------- d-----w- C:\Users\Aline\AppData\Local\{0230388D-70E4-4F89-B058-247BD5179FAA}

2012-01-10 22:19:52 -------- d-----w- C:\Users\Aline\AppData\Local\{DB02C8BF-CAB2-436D-BCB1-F898EE8306E5}

2012-01-10 17:48:46 -------- d-----w- C:\Users\Aline\AppData\Local\{92FE25FB-012A-484C-8CCD-6A623E423BCB}

2012-01-09 19:04:10 -------- d-----w- C:\Users\Aline\AppData\Local\{6550D681-9968-40D6-80E8-4E4C108059F8}

2012-01-09 19:03:29 -------- d-----w- C:\Users\Aline\AppData\Local\{282EF9C5-D218-45AD-9FC5-11EA77C7D026}

2012-01-07 01:34:51 0 ---ha-w- C:\Users\Aline\AppData\Local\BIT8D6F.tmp

2012-01-06 18:29:21 -------- d-----w- C:\Users\Aline\AppData\Local\{7A95D30D-6EE8-4547-84C1-A651D22E1CE5}

2012-01-06 18:28:55 -------- d-----w- C:\Users\Aline\AppData\Local\{9258510A-03A6-4563-9E85-9A79474004DC}

2012-01-06 04:33:11 -------- d-----w- C:\Users\Aline\AppData\Roaming\Malwarebytes

2012-01-06 04:32:59 -------- d-----w- C:\ProgramData\Malwarebytes

2012-01-06 04:32:58 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-01-06 04:32:58 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-01-04 05:53:58 -------- d-----w- C:\bbd82696e607535852a199a8

2011-12-30 19:19:23 -------- d-----w- C:\$RECYCLE.BIN

2011-12-30 18:26:16 98816 ----a-w- C:\Windows\sed.exe

2011-12-30 18:26:16 518144 ----a-w- C:\Windows\SWREG.exe

2011-12-30 18:26:16 256000 ----a-w- C:\Windows\PEV.exe

2011-12-30 18:26:16 208896 ----a-w- C:\Windows\MBR.exe

2011-12-30 18:26:03 -------- d-----w- C:\ComboFix

2011-12-30 17:58:49 -------- d-----w- C:\Users\Aline\AppData\Local\{DE97DF45-4F27-4100-ADE8-C50152D28D3D}

2011-12-29 23:20:28 -------- d-----w- C:\Users\Aline\AppData\Local\{FC27C402-082A-4CAC-8CF5-8D5FB1E55FC6}

2011-12-29 23:19:57 -------- d-----w- C:\Users\Aline\AppData\Local\{51672B2C-56B2-40A8-8C2E-0A7D20B01285}

2011-12-28 17:46:26 -------- d-----w- C:\Users\Aline\AppData\Local\{4115FDAC-A6B0-4DD0-BCC0-F1074C34737F}

2011-12-28 01:24:32 -------- d-----w- C:\Program Files (x86)\Application Updater

2011-12-28 01:24:31 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot

2011-12-27 17:55:41 -------- d-----w- C:\Users\Aline\AppData\Local\{887995D1-1DEB-4A0F-B426-25C0010125D2}

2011-12-27 17:54:32 -------- d-----w- C:\Users\Aline\AppData\Local\{7F651754-9F40-4497-B1DB-483D0FA457E3}

2011-12-26 22:22:03 -------- d-----w- C:\Users\Aline\AppData\Local\{6FA72A39-04C0-4DE1-8BB2-A4F6FF0FCF4E}

2011-12-26 22:20:59 -------- d-----w- C:\Users\Aline\AppData\Local\{9C9F45CF-D69E-43F7-8D67-652F18521062}

2011-12-26 14:18:29 -------- d-----w- C:\Users\Aline\AppData\Local\{D9EF0B82-1C9A-4996-ADF9-5651AF32DFC9}

2011-12-25 19:16:36 -------- d-----w- C:\Users\Aline\AppData\Local\{87D0C406-D593-494E-B2D1-58C4E5F79ACF}

2011-12-24 16:01:24 -------- d-----w- C:\Users\Aline\AppData\Local\{623BC887-6507-4C59-BB36-70B04F09A951}

2011-12-24 16:00:56 -------- d-----w- C:\Users\Aline\AppData\Local\{C7DD29DA-444B-4A39-B23D-AD0234451433}

2011-12-24 16:00:14 -------- d-----w- C:\Users\Aline\AppData\Local\{E6129457-F0E8-4122-AF53-5574849F2CE7}

2011-12-24 15:59:40 -------- d-----w- C:\Users\Aline\AppData\Local\{525BEDCC-B9BF-4C48-957D-C91A5DD1EC5C}

2011-12-23 23:10:35 -------- d-----w- C:\Users\Aline\AppData\Local\{36EBE49B-FC68-4F10-BD51-EE10BB908DAA}

2011-12-23 23:09:24 -------- d-----w- C:\Users\Aline\AppData\Local\{6AEE655B-3061-44A1-9CAC-1DE95D302F99}

2011-12-23 01:49:31 -------- d-----w- C:\Users\Aline\AppData\Local\{00BB1950-0852-4DE1-A9E6-51BFE3FCE28A}

2011-12-23 01:48:38 -------- d-----w- C:\Users\Aline\AppData\Local\{EE40CD1A-C877-4F35-BE7B-60D2C9D630C0}

2011-12-22 12:43:06 -------- d-----w- C:\Users\Aline\AppData\Local\{10AFF510-81FD-46DD-94C8-AEEB1BB1D2C6}

2011-12-22 12:42:02 -------- d-----w- C:\Users\Aline\AppData\Local\{1329CDF8-7FDA-4F9A-BD9F-314DA0A7CBD6}

2011-12-21 15:47:23 -------- d-----w- C:\Users\Aline\AppData\Local\{5BFC2152-F4B9-43BA-B124-5AE6C2353305}

2011-12-21 15:46:16 -------- d-----w- C:\Users\Aline\AppData\Local\{1DC9F029-C43D-4849-9B6D-5F1764463511}

2011-12-20 17:14:42 -------- d-----w- C:\Users\Aline\AppData\Local\{335D6820-7955-47E2-8866-CB577DA16BE6}

2011-12-20 17:13:56 -------- d-----w- C:\Users\Aline\AppData\Local\{E32387FB-1928-46E7-95FA-10154511CF30}

2011-12-19 13:47:24 -------- d-----w- C:\Users\Aline\AppData\Local\{7CAB6BBB-57A5-49DD-BA20-63665023F6FA}

2011-12-19 13:46:37 -------- d-----w- C:\Users\Aline\AppData\Local\{1B77F9A0-05EB-40F3-9B5A-A0632C0EDE67}

2011-12-16 19:56:19 -------- d-----w- C:\Users\Aline\AppData\Roaming\WildTangentv1001

2011-12-16 17:23:09 -------- d-----w- C:\Users\Aline\AppData\Local\{6776EB11-5DAC-4958-98F9-4A54EA084B84}

2011-12-15 21:48:28 -------- d-----w- C:\Users\Aline\AppData\Local\{D45EFC5A-6A03-491D-A866-762479E44A46}

2011-12-15 21:47:59 -------- d-----w- C:\Users\Aline\AppData\Local\{927B4EA7-C080-45E9-9049-075DC59DB219}

2011-12-15 17:34:36 -------- d-----w- C:\Users\Aline\AppData\Local\{EB6B4D70-B2E0-4757-B7B1-7EF5A911BF5E}

2011-12-14 22:43:59 57856 ----a-w- C:\Windows\System32\licmgr10.dll

2011-12-14 22:40:37 3141632 ----a-w- C:\Windows\System32\win32k.sys

2011-12-14 22:40:32 723456 ----a-w- C:\Windows\System32\EncDec.dll

2011-12-14 22:40:31 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll

2011-12-14 22:39:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2011-12-14 22:39:36 2048 ----a-w- C:\Windows\System32\tzres.dll

.

==================== Find3M ====================

.

2011-12-14 15:45:24 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-11-15 17:29:56 270720 ------w- C:\Windows\System32\MpSigStub.exe

2011-11-05 05:26:29 1197568 ----a-w- C:\Windows\System32\wininet.dll

2011-11-05 04:35:50 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-11-05 04:34:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2011-11-05 04:07:32 482816 ----a-w- C:\Windows\System32\html.iec

2011-11-05 03:28:41 386048 ----a-w- C:\Windows\SysWow64\html.iec

2011-11-05 03:25:44 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2011-11-05 02:55:38 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-10-26 05:19:07 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2011-10-17 20:20:36 43720 ----a-w- C:\Windows\SysWow64\drivers\gbpkm.sys

.

============= FINISH: 19:31:47,77 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 31/01/2010 19:21:58

System Uptime: 13/01/2012 17:29:43 (2 hours ago)

.

Motherboard: Compal | | 3642

Processor: AMD Turion II Dual-Core Mobile M500 | Socket S1G3 | 2200/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 285 GiB total, 182,181 GiB free.

D: is FIXED (NTFS) - 13 GiB total, 2,164 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP193: 20/12/2011 14:17:25 - Windows Update

RP194: 23/12/2011 20:13:12 - Windows Update

RP195: 27/12/2011 14:59:10 - Windows Update

RP196: 30/12/2011 15:26:30 - ComboFix created restore point

RP197: 30/12/2011 16:08:36 - Windows Update

RP198: 04/01/2012 02:52:30 - Windows Update

RP199: 04/01/2012 14:19:13 - Windows Update

RP200: 04/01/2012 17:35:12 - Windows Update

RP201: 06/01/2012 15:08:44 - Windows Update

RP202: 10/01/2012 21:41:13 - Windows Update

RP203: 10/01/2012 22:18:42 - Windows Update

RP204: 13/01/2012 15:50:27 - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

7-Zip 9.21beta

Acrobat.com

ActiveCheck component for HP Active Support Library

Adobe AIR

Adobe Flash Player 10 Plugin

Adobe Reader 9.1 MUI

Adobe Shockwave Player

AMD USB Filter Driver

Ask Toolbar

Ask Toolbar Updater

Atheros Driver Installation Program

Atualização do produto Microsoft Office Excel 2007 Help (KB963678)

Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)

Atualização do produto Microsoft Office Word 2007 Help (KB963665)

aTube Catcher

avast! Free Antivirus

Bing Bar

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Clean Virus MSN

Compatibility Pack for the 2007 Office system

CyberLink DVD Suite

D3DX10

Dealio Toolbar v4.9

Fitness Assistant 3.0

Foxit Reader

Google Chrome

Google Update Helper

Homepage Protection

HP Advisor

HP Customer Experience Enhancements

HP Games

HP MediaSmart DVD

HP MediaSmart Internet TV

HP MediaSmart Live TV

HP MediaSmart Movie Themes

HP MediaSmart Music/Photo/Video

HP MediaSmart SlingPlayer

HP MediaSmart Software Notebook Demo

HP MediaSmart Webcam

HP Quick Launch Buttons

HP Setup

HP Smart Web Printing

HP Support Assistant

HP Update

HP User Guides 0146

HP Wireless Assistant

HPAsset component for HP Active Support Library

IDT Audio

IRPF2007 - Declaração de Ajuste Anual

Java Auto Updater

Java 6 Update 29

JMicron Flash Media Controller Driver

Junk Mail filter update

K-Lite Codec Pack 6.0.4 (Full)

LabelPrint

LightScribe System Software

Malwarebytes Anti-Malware versão 1.60.0.1800

Media Player Codec Pack 4.1.1

Microsoft Live Search Toolbar

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

Mozilla Firefox 6.0.2 (x86 pt-BR)

Mozilla Thunderbird (8.0)

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

PhotoScape

Power2Go

PowerDirector

PowerRecover

QLBCASL

Realtek 8136 8168 8169 Ethernet Driver

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2553089)

Security Update for 2007 Microsoft Office System (KB2553090)

Security Update for 2007 Microsoft Office System (KB2584063)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Security Update for Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (KB2478663)

Security Update for Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (KB2518870)

Skype Toolbars

Skype™ 5.0

SlingBoxWatchYourTVAnyWhere

TIM Web Banda Larga

Update for 2007 Microsoft Office System (KB2284654)

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Microsoft Office OneNote 2007 (KB980729)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR 4.01 (32-bit)

.

==== End Of File ===========================


Hello, what was the last procedure performed?


OK, please post the Malwarebytes log.
