Magrella

My notebook isn't shutting down.

Good evening!

My notebook won't shut down; I have already formatted it several times and that did not solve the problem.

It finishes up and then stays on the Windows shutdown screen. I have to turn it off with the notebook's power button.

I use the avast antivirus.

  • Topic author
  • Sorry for the delay ...

    And thank you for the reply.

    I don't know much about these things, so here goes...

    I can't add anyone else on MSN and I don't receive invitations either. When I try to add someone, a message appears saying that my contact list is full and that I need to delete contacts in order to add more... But I don't have that many contacts.

    Thanks

    .

    DDS (Ver_2011-08-26.01) - NTFSAMD64

    Internet Explorer: 9.0.8112.16421

    Run by AMANDINHA at 17:30:28 on 2012-02-18

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.55.1046.18.3990.2103 [GMT -2:00]

    .

    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    ============== Running Processes ===============

    .

    C:\Windows\system32\wininit.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe

    C:\Windows\system32\nvvsvc.exe

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    C:\Windows\system32\WLANExt.exe

    C:\Windows\system32\conhost.exe

    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

    C:\Windows\system32\nvvsvc.exe

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

    C:\Windows\system32\taskhost.exe

    C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\system32\svchost.exe -k bthsvcs

    C:\Program Files\Intel\WiFi\bin\EvtEng.exe

    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

    C:\Windows\Explorer.EXE

    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

    C:\Program Files\Dell\QuickSet\quickset.exe

    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

    C:\Windows\System32\igfxtray.exe

    C:\Windows\System32\rundll32.exe

    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe

    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Windows\system32\SearchIndexer.exe

    C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe

    C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe

    C:\Program Files\SetPoint\SetPoint.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Program Files\Windows Media Player\wmpnetwk.exe

    C:\Program Files (x86)\AVG Secure Search\vprot.exe

    C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

    C:\Windows\LockStatusTray.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Program Files\SetPoint\x86\SetPoint32.exe

    C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

    C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

    C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

    C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe

    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

    C:\Windows\system32\UI0Detect.exe

    C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Windows\System32\svchost.exe -k swprv

    C:\Windows\SysWOW64\NOTEPAD.EXE

    C:\Windows\SysWOW64\NOTEPAD.EXE

    C:\Windows\system32\DllHost.exe

    C:\Windows\system32\DllHost.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Windows\system32\conhost.exe

    C:\Windows\SysWOW64\cscript.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://br.ask.com/?l=dis&o=15383

    uSearchURL,(Default) = hxxp://www.oquefazernainternet.com/q/%s

    mCustomizeSearch = hxxp://www.oquefazernainternet.com/

    mSearchAssistant = hxxp://www.oquefazernainternet.com/

    mWinlogon: Userinit=userinit.exe

    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

    {e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

    uRun: [DriverMax_RESTART]

    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

    uRun: [WirelessManager] "C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe"

    uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

    uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    uRun: [Google Update] "C:\Users\AMANDINHA\AppData\Local\Google\Update\GoogleUpdate.exe" /c

    uRun: [DriverMax] "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -agent

    uRun: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart

    mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

    mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12

    mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

    mRun: [LockStatusTray] C:\Windows\LockStatusTray.exe

    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SetPoint.lnk - C:\Program Files\SetPoint\SetPoint.exe

    mPolicies-explorer: NoActiveDesktop = 1 (0x1)

    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    TCP: DhcpNameServer = 192.168.2.1

    TCP: Interfaces\{F116F240-64FA-4A67-A6C9-4ED44CFC0790} : DhcpNameServer = 192.168.2.1

    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll

    AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll

    {53707962-6F74-2D53-2644-206D7942484F}

    BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

    {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}

    {9030D464-4C02-4ABF-8ECC-5164760863C6}

    {95B7759C-8C7F-4BF1-B163-73684A933233}

    {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}

    {95B7759C-8C7F-4BF1-B163-73684A933233}

    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

    mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

    mRun-x64: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12

    mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

    mRun-x64: [LockStatusTray] C:\Windows\LockStatusTray.exe

    mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

    AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll

    .

    ================= FIREFOX ===================

    .

    FF - ProfilePath - C:\Users\AMANDINHA\AppData\Roaming\Mozilla\Firefox\Profiles\uni1ukd9.default\

    FF - prefs.js: browser.search.selectedEngine - Google

    FF - prefs.js: browser.startup.homepage - hxxp://br.ask.com/?l=dis&o=15383

    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrlui.dll

    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

    FF - plugin: C:\Users\AMANDINHA\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll

    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]

    R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]

    R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]

    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

    R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-2-15 497496]

    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-2-15 98208]

    R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-19 661504]

    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]

    R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]

    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-2-15 44768]

    R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]

    R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]

    R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-10-20 135440]

    R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]

    R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2011-10-26 162816]

    R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2012-2-15 2009704]

    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-2-16 1153368]

    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-4-21 378472]

    R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + Adaptador virtual de alta velocidade;C:\Windows\system32\DRIVERS\AMPPAL.sys --> C:\Windows\system32\DRIVERS\AMPPAL.sys [?]

    R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]

    R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]

    R3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]

    R3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]

    R3 MEIx64;Intel® Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

    R3 NETwNs64;___ Driver do adaptador Intel® Wireless WiFi Link Série 5000 para Windows 7 64 bits;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]

    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]

    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]

    R3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?]

    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

    S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + Protocolo de alta velocidade;C:\Windows\system32\DRIVERS\amppal.sys --> C:\Windows\system32\DRIVERS\amppal.sys [?]

    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-11-1 340240]

    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

    S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

    .

    =============== Created Last 30 ================

    .

    2012-02-18 08:39:27 -------- d-----w- C:\Program Files (x86)\AxBx

    2012-02-18 08:05:34 -------- d-----w- C:\Users\AMANDINHA\Tracing

    2012-02-18 07:57:16 -------- d-----w- C:\Program Files (x86)\Microsoft

    2012-02-18 07:56:59 -------- d-----w- C:\Program Files (x86)\Windows Live SkyDrive

    2012-02-18 07:56:23 -------- d-----w- C:\Windows\PCHEALTH

    2012-02-18 07:54:11 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live

    2012-02-17 15:34:27 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

    2012-02-17 15:34:25 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E0CA0764-3C33-46D7-B236-A222271CD790}\mpengine.dll

    2012-02-17 01:40:12 158056 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10139.bin

    2012-02-17 00:13:15 -------- d-----w- C:\Users\AMANDINHA\AppData\Local\APN

    2012-02-17 00:13:07 -------- d-----w- C:\Program Files (x86)\DsNET Corp

    2012-02-16 05:29:24 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

    2012-02-16 05:29:24 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy

    2012-02-16 05:10:35 -------- d-----w- C:\Program Files (x86)\Combined Community Codec Pack

    2012-02-16 04:22:59 -------- d-----w- C:\Windows\pss

    2012-02-16 02:28:46 -------- d-----w- C:\Users\AMANDINHA\AppData\Local\ElevatedDiagnostics

    2012-02-15 22:27:20 -------- d-----w- C:\Windows\SysWow64\Adobe

    2012-02-15 21:01:57 21992 ----a-w- C:\Windows\System32\drivers\cpuz135_x64.sys

    2012-02-15 21:01:57 -------- d-----w- C:\Program Files\CPUID

    2012-02-15 19:52:00 -------- d-----w- C:\Users\AMANDINHA\AppData\Local\Google

    2012-02-15 15:39:48 -------- d-----w- C:\Windows\System32\SPReview

    2012-02-15 15:29:27 -------- d-----w- C:\Windows\System32\EventProviders

    2012-02-15 15:05:59 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll

    2012-02-15 15:04:59 82944 ----a-w- C:\Windows\SysWow64\thumbcache.dll

    2012-02-15 15:03:59 9728 ----a-w- C:\Windows\System32\spwmp.dll

    2012-02-15 15:02:04 529408 ----a-w- C:\Windows\System32\wbemcomn.dll

    2012-02-15 15:02:04 244736 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll

    2012-02-15 15:01:57 244736 ----a-w- C:\Windows\System32\sqmapi.dll

    2012-02-15 14:40:24 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS

    2012-02-15 14:40:24 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys

    2012-02-15 14:40:24 229376 ----a-w- C:\Windows\System32\fsquirt.exe

    2012-02-15 13:22:29 96768 ----a-w- C:\Windows\System32\fsutil.exe

    2012-02-15 13:22:29 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe

    2012-02-15 13:22:29 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys

    2012-02-15 13:22:29 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys

    2012-02-15 13:22:29 2565632 ----a-w- C:\Windows\System32\esent.dll

    2012-02-15 13:22:29 189824 ----a-w- C:\Windows\System32\drivers\storport.sys

    2012-02-15 13:22:29 1699328 ----a-w- C:\Windows\SysWow64\esent.dll

    2012-02-15 13:22:29 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys

    2012-02-15 13:22:29 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys

    2012-02-15 13:22:29 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys

    2012-02-15 13:22:29 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys

    2012-02-15 13:17:50 -------- d-----w- C:\Users\AMANDINHA\AppData\Local\Diagnostics

    2012-02-15 13:11:50 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

    2012-02-15 13:11:50 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys

    2012-02-15 13:11:50 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys

    2012-02-15 13:11:50 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys

    2012-02-15 13:11:50 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys

    2012-02-15 13:11:50 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

    2012-02-15 13:11:50 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys

    2012-02-15 13:01:10 23896 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe

    2012-02-15 12:47:29 -------- d-----w- C:\ProgramData\IObit

    2012-02-15 12:47:20 -------- d-----w- C:\Users\AMANDINHA\AppData\Roaming\IObit

    2012-02-15 12:47:15 -------- d-----w- C:\Program Files (x86)\IObit

    2012-02-15 12:36:41 -------- d-----w- C:\Program Files (x86)\Marcos Velasco Security

    2012-02-15 12:18:46 -------- d-----w- C:\Program Files (x86)\VS Revo Group

    2012-02-15 11:13:48 -------- d-----w- C:\Users\AMANDINHA\AppData\Local\Innovative Solutions

    2012-02-15 11:13:46 -------- d-----w- C:\Program Files (x86)\Innovative Solutions

    2012-02-15 11:11:42 -------- d-----w- C:\ProgramData\AVG Secure Search

    2012-02-15 11:11:40 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search

    2012-02-15 11:11:39 -------- d-----w- C:\Program Files (x86)\AVG Secure Search

    2012-02-15 11:11:32 -------- d--h--w- C:\ProgramData\Common Files

    2012-02-15 10:57:45 -------- d-----w- C:\Program Files (x86)\BurnAware Free

    2012-02-15 10:56:30 -------- d-----w- C:\Program Files (x86)\FreeTime

    2012-02-15 09:29:26 591192 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

    2012-02-15 09:29:24 66904 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

    2012-02-15 09:27:50 41184 ----a-w- C:\Windows\avastSS.scr

    2012-02-15 09:27:43 -------- d-----w- C:\ProgramData\AVAST Software

    2012-02-15 09:27:43 -------- d-----w- C:\Program Files\AVAST Software

    2012-02-15 08:43:23 -------- d-----w- C:\Windows\SysWow64\Wat

    2012-02-15 08:43:22 -------- d-----w- C:\Windows\System32\Wat

    2012-02-15 08:26:24 -------- d-----w- C:\Users\AMANDINHA\AppData\Roaming\WirelessManager

    2012-02-15 08:25:13 192512 ----a-w- C:\Windows\LockStatusTray.exe

    2012-02-15 08:20:02 96272 ----a-w- C:\Windows\System32\KemXML.dll

    2012-02-15 08:20:02 235536 ----a-w- C:\Windows\System32\KemUtil.dll

    2012-02-15 08:20:02 235536 ----a-w- C:\Windows\System32\kemutb.dll

    2012-02-15 08:20:02 159248 ----a-w- C:\Windows\System32\KemWnd.dll

    2012-02-15 08:19:48 -------- d-----w- C:\Program Files\SetPoint

    2012-02-15 08:06:10 -------- d-----w- C:\Program Files\Modem Diagnostic Tool

    2012-02-15 07:51:40 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery

    2012-02-15 07:50:50 -------- d-----w- C:\Program Files (x86)\Dell

    2012-02-15 07:49:19 -------- d-----w- C:\Program Files\Dell

    2012-02-15 07:39:31 -------- d-----w- C:\Users\AMANDINHA\AppData\Roaming\Intel

    2012-02-15 07:39:21 -------- d-----w- C:\Users\AMANDINHA\Roaming

    2012-02-15 07:39:21 -------- d-----w- C:\ProgramData\Roaming

    2012-02-15 07:37:57 -------- d-----w- C:\Program Files\Common Files\Intel

    2012-02-15 07:37:57 -------- d-----w- C:\Program Files (x86)\Cisco

    2012-02-15 07:35:21 -------- d-----w- C:\Windows\SysWow64\NV

    2012-02-15 07:35:21 -------- d-----w- C:\Windows\System32\NV

    2012-02-15 07:03:33 -------- d-----w- C:\Program Files\NVIDIA Corporation

    2012-02-15 06:46:43 902656 ----a-w- C:\Windows\System32\d2d1.dll

    2012-02-15 06:46:43 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll

    2012-02-15 06:46:43 1544192 ----a-w- C:\Windows\System32\DWrite.dll

    2012-02-15 06:46:43 1139200 ----a-w- C:\Windows\System32\FntCache.dll

    2012-02-15 06:46:43 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll

    2012-02-15 06:40:28 -------- d-----w- C:\Intel

    2012-02-15 06:40:26 418840 ----a-w- C:\Windows\System32\igfxpers.exe

    2012-02-15 06:40:26 391704 ----a-w- C:\Windows\System32\hkcmd.exe

    2012-02-15 06:40:26 167960 ----a-w- C:\Windows\System32\igfxtray.exe

    2012-02-15 06:40:23 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2342.dll

    2012-02-15 06:40:23 4096 ----a-w- C:\Windows\System32\IGFXDEVLib.dll

    2012-02-15 06:40:23 390144 ----a-w- C:\Windows\System32\igfxdev.dll

    2012-02-15 06:40:23 286208 ----a-w- C:\Windows\System32\igfxrptb.lrc

    2012-02-15 06:40:22 8312320 ----a-w- C:\Windows\System32\igdumd64.dll

    2012-02-15 06:40:21 146432 ----a-w- C:\Windows\System32\gfxSrvc.dll

    2012-02-15 06:30:04 -------- d-----w- C:\Windows\System32\SRSLabs

    2012-02-15 06:30:03 -------- d-----w- C:\Windows\SysWow64\RTCOM

    2012-02-15 06:30:03 -------- d-----w- C:\Program Files\Realtek

    2012-02-15 06:21:34 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

    2012-02-15 06:08:36 -------- d-----w- C:\Program Files (x86)\JMicron

    2012-02-15 05:18:56 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll

    2012-02-15 05:18:52 -------- d-----w- C:\Program Files (x86)\Realtek

    2012-02-15 05:15:11 -------- d-----w- C:\Users\AMANDINHA\AppData\Local\VirtualStore

    2012-02-15 05:13:39 -------- d-sh--we C:\ProgramData\Modelos

    2012-02-15 05:13:39 -------- d-sh--we C:\ProgramData\Menu Iniciar

    2012-02-15 05:13:39 -------- d-sh--we C:\ProgramData\Favoritos

    2012-02-15 05:13:39 -------- d-sh--we C:\ProgramData\Documentos

    2012-02-15 05:13:39 -------- d-sh--we C:\ProgramData\Dados de aplicativos

    2012-02-15 05:13:39 -------- d-sh--we C:\Program Files\Common Files\Sistema

    2012-02-15 05:13:39 -------- d-sh--we C:\Program Files\Arquivos Comuns

    2012-02-15 05:13:39 -------- d-sh--we C:\Arquivos de Programas

    2012-02-15 05:13:39 -------- d-sh--w- C:\Recovery

    2012-02-15 04:59:37 -------- d-----w- C:\Windows\Panther

    2012-02-15 04:36:10 -------- d-----w- C:\Users\AMANDINHA\AppData\Roaming\Dell

    2012-02-15 03:45:01 -------- d-----w- C:\Windows\SysWow64\SDA

    2012-02-15 03:44:31 -------- d-----w- C:\dell

    2012-02-15 03:37:14 -------- d-----w- C:\Users\AMANDINHA\AppData\Local\Apps

    2012-02-15 03:37:13 -------- d-----w- C:\Users\AMANDINHA\AppData\Local\Deployment

    2012-02-15 02:49:48 -------- d-----w- C:\Users\AMANDINHA\AppData\Local\Microsoft Help

    2012-02-15 02:49:38 -------- d-sh--w- C:\Windows\Installer

    2012-02-15 02:44:05 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys

    2012-02-15 02:44:05 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys

    2012-02-15 02:44:05 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys

    2012-02-15 02:41:53 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

    2012-02-15 02:40:53 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll

    2012-02-15 02:39:57 861696 ----a-w- C:\Windows\System32\oleaut32.dll

    2012-02-15 02:39:57 331776 ----a-w- C:\Windows\System32\oleacc.dll

    2012-02-15 02:39:57 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll

    2012-02-15 02:39:56 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll

    2012-02-15 02:39:54 723456 ----a-w- C:\Windows\System32\EncDec.dll

    2012-02-15 02:39:54 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll

    2012-02-15 02:38:44 77312 ----a-w- C:\Windows\System32\packager.dll

    2012-02-15 02:38:44 67072 ----a-w- C:\Windows\SysWow64\packager.dll

    2012-02-15 02:38:24 1731920 ----a-w- C:\Windows\System32\ntdll.dll

    2012-02-15 02:38:24 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll

    2012-02-15 02:38:21 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe

    2012-02-15 02:38:20 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

    2012-02-15 02:38:20 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

    2012-02-15 02:37:28 279656 ------w- C:\Windows\System32\MpSigStub.exe

    .

    ==================== Find3M ====================

    .

    2012-02-15 19:33:01 175616 ----a-w- C:\Windows\System32\msclmd.dll

    2012-02-15 19:33:01 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll

    2012-01-14 04:06:27 3145728 ----a-w- C:\Windows\System32\win32k.sys

    2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll

    2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll

    2011-12-30 06:26:08 515584 ----a-w- C:\Windows\System32\timedate.cpl

    2011-12-30 05:27:56 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl

    2011-12-28 03:59:24 498688 ----a-w- C:\Windows\System32\drivers\afd.sys

    2011-12-16 08:46:06 634880 ----a-w- C:\Windows\System32\msvcrt.dll

    2011-12-09 22:45:00 60416 ----a-w- C:\Windows\System32\drivers\iBtFltCoex.sys

    2011-12-09 22:34:00 47616 ----a-w- C:\Windows\System32\opphelper.dll

    .

    ============= FINISH: 17:30:51,75 ===============

    GMER 1.0.15.15641 - http://www.gmer.net

    Rootkit scan 2012-02-18 18:06:41

    Windows 6.1.7601 Service Pack 1

    Running: gmer.exe

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\4c80930e1590

    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\4c80930e1590 (not active ControlSet)

    ---- Files - GMER 1.0.15 ----


    ---- EOF - GMER 1.0.15 ----

    Edited by Magrella


    Hello! Welcome to the Malware Removal section of the Clube do Hardware Forum.

    If you prefer, bookmark this page so you can get back to it more easily.

    Please take note of the following:

    • From now on I will analyze your logs and guide you when necessary. I will be back as soon as possible!
      Do NOT make any changes, and wait.
    • The analysis process is not instantaneous. Be patient and wait for my instructions.
    • The instructions will be specific to your problem and should only be used on this PC.
    • If there is anything you do not understand or that leaves you in doubt, please ask before proceeding with the instructions.
    • Please post your replies in this topic. Do NOT start a new topic!
    • If I go more than 4 (four) days without replying to you, send me a Private Message.

    Regards!


    Hello!

    Save or print these instructions, if you prefer.

    Let's go!

    STEP #1

    Download Malwarebytes Anti-Malware:

    • Link1
    • Alternate link
      • Double-click mbam-setup.exe, choose the language and follow the instructions to install the software.
      • Make sure you check the boxes Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
      • If there are updates, they will be downloaded and installed.
      • When the updates finish, a program window will open. Select "Quick Scan", then click the Scan button.
      • The scan will start and may take a while. Please be patient.
      • When the scan is complete, click OK, then Show Results to see the log.
      • If anything is found, make sure everything is checked and click Remove.
      • When disinfection finishes, a log will open automatically in a Notepad document and you may be asked to restart the PC. (Read the note)
      • The log is saved automatically and can be viewed by clicking the Logs tab in the main menu.
      • Copy and paste the contents of that log into your next reply.

    Note: In more complicated infections, it may be necessary to restart the PC. If you are asked to restart the PC, please do so immediately.

    Regards!

  • Topic author
  • Good evening!

    Malwarebytes Anti-Malware 1.60.1.1000

    www.malwarebytes.org

    Versão da Base de Dados: v2012.02.23.01

    Windows 7 Service Pack 1 x64 NTFS

    Internet Explorer 9.0.8112.16421

    AMANDINHA :: PSICODELICA-PC [administrador]

    22/02/2012 23:51:23

    mbam-log-2012-02-22 (23-51-23).txt

    Tipo de Verificação: Verificação Rápida

    Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM

    Opções de verificação desativadas: P2P

    Objetos escaneados: 196376

    Tempo decorrido: 3 minuto(s), 21 segundo(s)

    Processos de Memória Detectados: 0

    (Não foram detectados ítens maliciosos)

    Módulos de Memória Detectados: 0

    (Não foram detectados ítens maliciosos)

    Chaves de Registro Detectadas: 0

    (Não foram detectados ítens maliciosos)

    Valores de Registro Detectadas: 0

    (Não foram detectados ítens maliciosos)

    Itens de Dados no Registro Detectadas: 0

    (Não foram detectados ítens maliciosos)

    Pastas Detectadas: 0

    (Não foram detectados ítens maliciosos)

    Arquivos Detectados: 1

    C:\Users\Public\Desktop\MP3 Downloader.lnk (Rogue.Link) -> Enviado para a Quarentena e deletado com sucesso.

    (fim)

    I deleted what was found..

    Cheers!!


    Congratulations, your log is clean. Your problem is not related to malware.

    One of your options is to try repairing the Windows installation by inserting the Windows CD and using its recovery tools.

    Since your problem is not related to malware, I recommend creating a topic in a section where more users can help you, such as this one:

    http://forum.clubedohardware.com.br/windows-7/f274

    From now on, stay ALERT!

    To finish up, do the following:

    I suggest you run CCleaner to clean up your machine. Download it here: CCleaner

    • Open the program and click Run Cleaner;
    • After that, click Errors >> Scan for errors >> Fix errors

    I also suggest you read this article: Protect your PC

    Keep your programs properly updated.

    Being up to date means being secure. Click here

    Any other problems with the computer?

  • Topic author
  • Thanks, and thank you for the help...

    But the notebook has started shutting down normally...

    Thank you for your attention...


    If the topic author needs it, the topic will be reopened; to do so, they should contact the moderation team and request that it be unlocked.

    This topic is locked and cannot receive new posts.