soniagoes

Windows Explorer folders end up with the .exe extension


Good afternoon!

First of all, I want to thank everyone very much for their availability and for this very important work.

I have a really annoying problem.

1. My Windows Explorer folders have turned into files with the .exe extension.

2. When I try to open them, they do not open, and they also do not let me leave that directory.

3. If the folders are on the pen drive, the pen drive cannot be closed.

4. Now when I start Windows, it shows errors with messages saying that some .dll files are missing (example: mozglwe.dll) and that they need to be installed.

5. I came to this site and followed the instructions to install dds.scr and post the contents of the generated files here. The contents of the files are below:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.3.1

Run by sgoes at 11:47:13 on 2012-05-22

Microsoft Windows 7 Professional 6.1.7601.1.1252.55.1046.18.3327.1886 [GMT -3:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\PROGRA~1\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\svchost.exe -k apphost

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Java\glassfish-3.1.2\glassfish\domains\domain1\bin\domain1Service.exe

C:\PROGRA~1\SOFTWA~1\ENTIREX\BIN\ETBSRV.EXE

C:\Program Files\Kaspersky Lab\NetworkAgent\klnagent.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

C:\Windows\system32\java.exe

C:\Java\jre7\bin\java.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Softwell Solutions\Maker 2.7\PostgreSQL\bin\pg_ctl.exe

C:\Windows\system32\rserver30\RServer3.exe

C:\Program Files\Softwell Solutions\Maker 2.7\PostgreSQL\bin\postgres.exe

C:\Windows\system32\conhost.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Java\Tomcat 7.0\bin\Tomcat7.exe

C:\Program Files\Softwell Solutions\Maker 2.7\PostgreSQL\bin\postgres.exe

C:\Program Files\Softwell Solutions\Maker 2.7\PostgreSQL\bin\postgres.exe

C:\Program Files\Softwell Solutions\Maker 2.7\PostgreSQL\bin\postgres.exe

C:\Program Files\Softwell Solutions\Maker 2.7\PostgreSQL\bin\postgres.exe

C:\Program Files\Softwell Solutions\Maker 2.7\PostgreSQL\bin\postgres.exe

C:\Windows\system32\svchost.exe -k iissvcs

C:\Program Files\Softwell Solutions\Maker 2.7\Webrun 2\tomcat\bin\tomcat6.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\install\win32.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\PDF24\pdf24.exe

C:\Java\Tomcat 7.0\bin\Tomcat7w.exe

C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe

C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

C:\Windows\system32\rserver30\FamItrfc.Exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\rserver30\FamItrfc.Exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\SearchProtocolHost.exe

\\?\C:\Windows\system32\wbem\WMIADAP.EXE

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540003} - c:\program files\gbplugin\gbiehcef.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.0 runtime\bin\jp2ssv.dll

uRun: [Google Update] "c:\users\sgoes\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [ApacheTomcatMonitor7.0_Tomcat7] "c:\java\tomcat 7.0\bin\Tomcat7w.exe" //MS//Tomcat7

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMBgMonitor.exe"

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun

uRun: [HKCU] c:\windows\system32\install\win32.exe

mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [HDAudDeck] c:\program files\via\viaudioi\vdeck\VDeck.exe -r

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe

mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"

mRun: [Tutorials]

mRun: [PDFPrint] c:\program files\pdf24\pdf24.exe

mRun: [HKLM] c:\windows\system32\install\win32.exe

uExplorerRun: [Policies] c:\windows\system32\install\win32.exe

mExplorerRun: [Policies] c:\windows\system32\install\win32.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL

Trusted Zone: caixa.gov.br

DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} - hxxp://10.9.23.15:8010/autorecolhimento/smsx.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -

TCP: DhcpNameServer = 10.9.23.2 10.9.23.4

TCP: Interfaces\{39D8D609-8ABC-448F-A268-F4E1CE9638BB} : DhcpNameServer = 10.9.23.2 10.9.23.4

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: GbPluginCef - c:\program files\gbplugin\gbiehCef.dll

SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399003} - c:\program files\gbplugin\gbiehcef.dll

mASetup: {45ea75a0-a269-11d1-b5bf-f1f2f1f2f1f2} - c:\windows\system32\install\win32.exe -restart

mASetup: {X11271YO-2X30-IW7A-0M66-Q3TCM6415B81} - c:\windows\system32\install\win32.exe Restart

.

================= FIREFOX ===================

.

https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=http://mail.google.com/mail/&scc=1&ltmpl=default&ltmplcache=2

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npatgpc.dll

FF - plugin: c:\program files\oracle\javafx 2.0 runtime\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\users\sgoes\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: c:\users\sgoes\appdata\roaming\mozilla\firefox\profiles\dnil3iwt.default\extensions\{87f8774f-b485-47e2-a755-a40a8a5e886c}\plugins\npgbfnc_bb.dll

FF - plugin: c:\users\sgoes\appdata\roaming\mozilla\firefox\profiles\dnil3iwt.default\extensions\{87f8774f-b485-47e2-a755-a40a8a5e886d}\plugins\npgbfnc_cef.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll

FF - plugin: c:\windows\system32\npdeployJava1.dll

FF - plugin: c:\windows\system32\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R0 360HookOem;360HookOem;c:\windows\system32\drivers\360HookOem.sys [2012-4-26 54912]

R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2012-3-20 42584]

R1 raddrvv3;raddrvv3;c:\windows\system32\rserver30\raddrvv3.sys [2009-10-9 46304]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]

R2 domain1;domain1 GlassFish Server;c:\java\glassfish-3.1.2\glassfish\domains\domain1\bin\domain1Service.exe [2012-5-15 30208]

R2 EXXBrokerService;EntireX Broker Service;c:\progra~1\softwa~1\entirex\bin\ETBSRV.EXE [2011-9-12 57344]

R2 GbpSv;Gbp Service;c:\progra~1\gbplugin\GbpSv.exe [2012-3-20 194904]

R2 klnagent;Kaspersky Lab Network Agent;c:\program files\kaspersky lab\networkagent\klnagent.exe [2012-3-28 124504]

R2 postgresql-9.0;postgresql-9.0 - PostgreSQL Server 9.0;C:/Program Files/Softwell Solutions/Maker 2.7/PostgreSQL/bin/pg_ctl.exe runservice -N "postgresql-9.0" -D

"C:/Program Files/PostgreSQL/9.0/data" -w --> C:/Program Files/Softwell Solutions/Maker 2.7/PostgreSQL/bin/pg_ctl.exe runservice -N postgresql-9.0 [?]

R2 RServer3;Radmin Server V3;c:\windows\system32\rserver30\rserver3.exe [2009-10-9 1242504]

R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-4-9 3063968]

R2 Tomcat7;Apache Tomcat 7.0 Tomcat7;c:\java\tomcat 7.0\bin\Tomcat7.exe [2012-2-17 77312]

R2 WebrunEnterprise27;Webrun Enterprise 2.7;c:\program files\softwell solutions\maker 2.7\webrun 2\tomcat\bin\tomcat6.exe [2008-7-22 57344]

R3 mirrorv3;mirrorv3;c:\windows\system32\drivers\rminiv3.sys [2009-10-9 3328]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2012-3-20 1086976]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 PSafeSVC;PSafeSVC;c:\program files\psafe\psafesvc.exe --> c:\program files\psafe\PSafesvc.exe [?]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-5-3 158856]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-26 257696]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-2 129976]

S3 StorSvc;Serviço de Armazenamento;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-3-16 52224]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\wat\WatAdminSvc.exe [2011-9-9 1343400]

S3 WMSVC;Serviço de Gerenciamento da Web;c:\windows\system32\inetsrv\WMSvc.exe [2009-7-13 9728]

.

=============== Created Last 30 ================

.

2012-05-22 14:27:59 66 ----a-w- c:\users\sgoes\appdata\local\Tempscratch.bat

2012-05-22 14:17:14 -------- d-----w- c:\windows\system32\install

2012-05-22 10:53:49 6737808 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{fd97d141-e988-4bcc-bfae-7d3d8215aec1}\mpengine.dll

2012-05-22 10:52:10 -------- d-----w- c:\users\sgoes\appdata\local\{4D3F2222-B7D4-4956-A470-12B3905FF3A5}

2012-05-22 10:52:02 -------- d-----w- c:\users\sgoes\appdata\local\{502D9D1C-2E7A-43B6-B5AC-56D53CFF0824}

2012-05-21 11:10:29 6737808 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll

2012-05-21 10:46:13 -------- d-----w- c:\users\sgoes\appdata\local\{3A2124DE-5BCD-4EB5-86BB-F0FD87425A1E}

2012-05-21 10:46:06 -------- d-----w- c:\users\sgoes\appdata\local\{886AD296-24D9-4752-A3EB-DF61C3AE53F0}

2012-05-18 17:38:37 -------- d-----w- c:\programdata\KasperskyLab

2012-05-18 17:38:32 -------- d-----w- c:\program files\common files\Cisco Systems

2012-05-18 17:38:29 -------- d-----w- c:\program files\Kaspersky Lab

2012-05-18 10:41:05 -------- d-----w- c:\users\sgoes\appdata\local\{330C2624-066C-4879-9B6B-04BA819E5455}

2012-05-18 10:40:58 -------- d-----w- c:\users\sgoes\appdata\local\{812E3614-0215-4014-96D9-4B146B5C9114}

2012-05-16 10:54:15 -------- d-----w- c:\users\sgoes\appdata\local\{5D91243B-377F-42DA-8E3C-BE757F64AB32}

2012-05-16 10:54:09 -------- d-----w- c:\users\sgoes\appdata\local\{68B6CA91-F476-4D47-92D4-F13718E3B50D}

2012-05-15 10:47:54 -------- d-----w- c:\users\sgoes\appdata\local\{D90829E1-B973-4826-8736-0FB617F40A72}

2012-05-15 10:47:48 -------- d-----w- c:\users\sgoes\appdata\local\{F5CA0DCF-177D-4C7A-B259-2E84157BCC93}

2012-05-14 14:22:25 -------- d-----w- c:\programdata\boost_interprocess

2012-05-14 14:20:37 -------- d-----r- c:\program files\Skype

2012-05-14 11:37:53 1291632 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-05-14 11:37:50 989184 ----a-w- c:\program files\windows journal\JNTFiltr.dll

2012-05-14 11:37:50 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll

2012-05-14 11:37:50 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll

2012-05-14 11:37:50 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL

2012-05-14 11:37:28 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-14 11:37:27 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-14 11:37:27 2343424 ----a-w- c:\windows\system32\win32k.sys

2012-05-14 11:36:31 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys

2012-05-14 11:35:51 1077248 ----a-w- c:\windows\system32\DWrite.dll

2012-05-14 10:42:36 -------- d-----w- c:\users\sgoes\appdata\local\{57450BB4-EEF6-4793-A5EC-41CCCD801767}

2012-05-14 10:42:30 -------- d-----w- c:\users\sgoes\appdata\local\{12C37B51-4C1A-448E-B3BB-B3CC04A77F42}

2012-05-11 10:44:00 -------- d-----w- c:\users\sgoes\appdata\local\{B2B6577D-4ACD-45A7-9F13-BE52F6275BC8}

2012-05-11 10:43:58 -------- d-----w- c:\users\sgoes\appdata\local\{3981F1C3-CA3F-4ECD-9482-E8B3BB1E7A3B}

2012-05-10 11:15:29 -------- d-----w- c:\users\sgoes\appdata\local\{7E5315BA-E10E-4284-A4F7-C6805B2D49C4}

2012-05-10 11:15:26 -------- d-----w- c:\users\sgoes\appdata\local\{A25FF39A-BA2F-4889-8B40-6F5C761C7047}

2012-05-09 10:48:38 -------- d-----w- c:\users\sgoes\appdata\local\{EE3392EC-4F69-4B8C-BCE0-D0CD32B2E4CE}

2012-05-09 10:48:28 -------- d-----w- c:\users\sgoes\appdata\local\{F5FA8B89-4F99-4607-BB5B-E89512A03979}

2012-05-08 10:18:35 -------- d-----w- c:\users\sgoes\appdata\local\{5819531A-1A15-49C7-9E1A-B72A0854621E}

2012-05-08 10:18:34 -------- d-----w- c:\users\sgoes\appdata\local\{7696DDD1-3FEE-4E2D-9ED6-C547AA3F839D}

2012-05-07 14:21:32 -------- d-sh--w- c:\windows\system32\AI_RecycleBin

2012-05-07 14:21:29 -------- d-----w- c:\program files\Fliptoast

2012-05-07 14:17:36 -------- d-----w- c:\programdata\Babylon

2012-05-07 10:50:27 -------- d-----w- c:\users\sgoes\appdata\local\{FB0AE655-D9E2-4D84-A648-1F487A8FF5D3}

2012-05-07 10:50:21 -------- d-----w- c:\users\sgoes\appdata\local\{C141BC46-A126-47BF-B92F-38E9961A86F4}

2012-05-04 12:13:41 2818560 ----a-w- c:\windows\system32\Protetor de tela animado de uma noite estrelada.scr

2012-05-04 10:51:23 -------- d-----w- c:\users\sgoes\appdata\local\{D8C0B0C0-31EF-4653-85AC-FD51AD70EC36}

2012-05-04 10:51:20 -------- d-----w- c:\users\sgoes\appdata\local\{A24F5076-C9F9-43BA-8293-CAD91C81D7D3}

2012-05-03 10:46:02 -------- d-----w- c:\users\sgoes\appdata\local\{AA06E179-9C2D-4224-9ABD-C46C79E98058}

2012-05-03 10:45:50 -------- d-----w- c:\users\sgoes\appdata\local\{56AA9B20-A1B3-4C4A-BDD0-22E72A160A03}

2012-05-02 11:11:23 -------- d-----w- c:\program files\Mozilla Maintenance Service

2012-05-02 11:11:07 157352 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe

2012-05-02 11:11:07 129976 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe

2012-05-02 10:49:25 -------- d-----w- c:\users\sgoes\appdata\local\{0A8697FD-B2BA-4443-98BC-3A0B66D3C25F}

2012-05-02 10:49:22 -------- d-----w- c:\users\sgoes\appdata\local\{2AB7A91D-E824-4F78-9F0F-082879222A03}

2012-04-27 12:16:18 -------- d-----w- c:\users\sgoes\appdata\local\{1F227B4E-C3CA-4388-BD2E-6053B7FE93E0}

2012-04-27 12:16:11 -------- d-----w- c:\users\sgoes\appdata\local\{F531DAE5-AF51-4671-BBCF-F420D6EB72E7}

2012-04-26 14:58:24 -------- d-----w- c:\users\sgoes\PSafe

2012-04-26 14:58:09 23168 ----a-r- c:\windows\system32\drivers\360RegOem.sys

2012-04-26 14:58:09 146304 ----a-r- c:\windows\system32\drivers\360FileOem.sys

2012-04-26 14:57:38 54912 ----a-r- c:\windows\system32\drivers\360HookOem.sys

2012-04-26 10:49:44 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-04-26 10:44:42 -------- d-----w- c:\users\sgoes\appdata\local\{F853FB93-DDC3-4530-B8C1-5369AA72B5B7}

2012-04-26 10:44:36 -------- d-----w- c:\users\sgoes\appdata\local\{E162567B-4B27-4071-82DB-3C094C3B9116}

2012-04-25 10:39:34 -------- d-----w- c:\users\sgoes\appdata\local\{2329B1ED-5CEF-46F4-BD20-0EDF627449F4}

2012-04-25 10:39:26 -------- d-----w- c:\users\sgoes\appdata\local\{829ECDEF-FE9A-4287-848C-6E31BD7A1847}

2012-04-23 13:26:28 -------- d-----w- c:\program files\Bonjour

2012-04-23 13:20:51 -------- d-----w- c:\program files\common files\Macrovision Shared

2012-04-23 10:44:34 -------- d-----w- c:\users\sgoes\appdata\local\{339B62D5-DF15-4CFF-B686-B9E2019BA9EE}

2012-04-23 10:44:31 -------- d-----w- c:\users\sgoes\appdata\local\{88B5D97B-F3DD-4B2C-B1E4-C05FD7358D20}

.

==================== Find3M ====================

.

2012-05-07 12:39:29 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-03-23 15:52:16 94208 ----a-w- c:\windows\system32\jacob.dll

2012-03-23 15:52:16 2827264 ----a-w- c:\windows\system32\NBSP2-pt.dll

2012-03-23 15:52:16 2101304 ----a-w- c:\windows\system32\NBioBSP.dll

2012-03-23 15:52:16 159744 ----a-w- c:\windows\system32\NBioBSPCOM.dll

2012-03-23 15:52:16 1409024 ----a-w- c:\windows\system32\NBSP2-ko.dll

2012-03-23 15:52:16 1400832 ----a-w- c:\windows\system32\NBSP2-ja.dll

2012-03-23 15:52:16 135168 ----a-w- c:\windows\system32\NImgConv.dll

2012-03-21 11:06:57 152576 ----a-w- c:\windows\system32\msclmd.dll

2012-03-16 15:22:03 729088 ----a-w- c:\windows\iun6002.exe

2012-03-08 21:50:28 49016 ----a-w- c:\windows\system32\sirenacm.dll

2012-03-08 21:37:20 302448 ----a-w- c:\windows\WLXPGSS.SCR

2012-03-01 05:46:57 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-03-01 05:37:41 172544 ----a-w- c:\windows\system32\wintrust.dll

2012-03-01 05:33:23 159232 ----a-w- c:\windows\system32\imagehlp.dll

2012-03-01 05:29:16 5120 ----a-w- c:\windows\system32\wmi.dll

2012-02-28 01:18:55 1799168 ----a-w- c:\windows\system32\jscript9.dll

2012-02-28 01:11:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl

2012-02-28 01:11:07 1127424 ----a-w- c:\windows\system32\wininet.dll

2012-02-28 01:03:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-02-23 13:18:36 237072 ------w- c:\windows\system32\MpSigStub.exe

.

============= FINISH: 11:47:50,74 ===========

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 09/09/2011 13:36:19

System Uptime: 22/05/2012 11:40:19 (0 hours ago)

.

Motherboard: | | Phitronics N68C-M3

Processor: AMD Athlon II X4 640 Processor | CPUSocket |

3000/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 156 GiB total, 114,577 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 0 GiB total, 0,07 GiB free.

H: is Removable

I: is FIXED (NTFS) - 775 GiB total, 675,991 GiB free.

J: is Removable

K: is Removable

L: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP82: 27/04/2012 09:09:57 - Ponto de Verificação Agendado

RP83: 10/05/2012 10:59:17 - Removed Sentinel Protection Installer

7.6.4

RP84: 10/05/2012 11:01:07 - Removed Fliptoast

RP85: 10/05/2012 11:01:18 - Removed Fliptoast

RP86: 14/05/2012 13:35:28 - Windows Update

RP87: 21/05/2012 08:10:15 - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

Adobe AIR

Adobe Anchor Service CS3

Adobe Asset Services CS3

Adobe Bridge CS3

Adobe Bridge Start Meeting

Adobe Camera Raw 4.0

Adobe CMaps

Adobe Community Help

Adobe Default Language CS3

Adobe Device Central CS3

Adobe Dreamweaver CS3

Adobe ExtendScript Toolkit 2

Adobe Extension Manager CS3

Adobe Fireworks CS3

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Help Viewer CS3

Adobe Media Player

Adobe PDF Library Files

Adobe Reader X (10.1.0) - Português

Adobe Setup

Adobe Type Support

Adobe Update Manager CS3

Adobe Version Cue CS3 Client

Adobe XMP Panels CS3

All Video to MP4 Converter 1.8.0

Apache Tomcat 7.0 Tomcat7 (remove only)

ApplinX

ATI Catalyst Install Manager

Atualização do produto Microsoft Office Excel 2007 Help (KB963678)

Atualização do produto Microsoft Office Outlook 2007 Help

(KB963677)

Atualização do produto Microsoft Office Powerpoint 2007 Help

(KB963669)

Atualização do produto Microsoft Office Word 2007 Help (KB963665)

CuteFTP 8 Professional

D3DX10

DHTML Menu Builder 4.8

Enterprise Architect 7.1

EntireX 5.3.1

EVEREST Ultimate Edition v5.30

EXTRA! for Windows 98/Windows NT

GlassFish Server Open Source Edition 3.1.2

Google Chrome

HydraVision

IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída

Definitiva do País

Java Auto Updater

Java 7 Update 3

Java SE Development Kit 7 Update 3

JavaFX 2.0.3

JavaFX 2.0.3 SDK

Junk Mail filter update

K-Lite Mega Codec Pack 6.9.0

Kaspersky Security Center Network Agent

Maker 2.7

Messenger Companion

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile PTB Language Pack

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Primary Interoperability Assemblies 2005

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server Native Client

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Mozilla Firefox 12.0 (x86 pt-BR)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero 8

NetBeans IDE 7.1.1

Network Recording Player

NVIDIA Drivers

Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile -

Português (Brasil)

PDF24 Creator 4.5.0

Platform

PostgreSQL 9.0

Radmin Server 3.4

Radmin Viewer 3.4

Realtek High Definition Audio Driver

Receitanet

Security Update for Microsoft .NET Framework 4 Client Profile

(KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile

(KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile

(KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile

(KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile

(KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile

(KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile

(KB2656405)

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit

Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit

Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit

Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit

Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit

Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit

Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit

Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit

Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit

Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764)

32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912)

32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32

-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit

Edition

Security Update for Pacote de Idiomas do Microsoft .NET Framework 4

Client Profile - Português (Brasil) (KB2518870)

Skype Click to Call

Skype™ 5.9

Slik Subversion 1.6.17 (x86)

SQLyog Community 9.20

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office Outlook 2007 Junk Email Filter

(KB2598290) 32-Bit Edition

VIA Gerenciador de dispositivo de plataforma

WampServer 2.1

Webrun Enterprise

Windows Live Communications Platform

Windows Live Essentials

Windows Live Galeria de Fotos

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR archiver

.

==== End Of File ===========================

Edited by soniagoes


Why don't you use an antivirus?

Read the instructions at this link:

In the instructions at the link above, you can check which forums have Analysts who are properly qualified to use the tool correctly: "Forums for getting help with ComboFix logs"

  1. Download ComboFix from one of the official links listed below and save it to your desktop:
  2. Temporarily, while you carry out these instructions, it is very important that you keep your protection programs (antivirus, antispyware and firewall) disabled. Re-enable the protections after running the procedure(s) mentioned below.
  3. Double-click the icon (desktopicon.png) that is on the desktop.
  4. Read and accept the terms by typing 1 and pressing Enter.
  5. Computers running Windows XP should install the Recovery Console:
     • If your computer runs Windows XP and does not yet have the Recovery Console installed, please make sure you are connected to the Internet and click "Sim" (Yes).
     • Click "OK" on the EULA.
     • Once the Recovery Console is installed, click "SIM" (Yes) to continue.
  6. ComboFix will run; please be patient and wait.
  7. Attention: Do not use the mouse or the keyboard while the tool is running; doing so can cause the computer to hang.
  8. A notice may appear saying that the computer needs to be restarted. DO NOT RESTART!!! ComboFix will restart the computer automatically.
  9. When the tool finishes running, it will generate a log (the file C:\ComboFix.txt). Copy and paste the contents of that file into your next reply.

Do NOT use the tool on your own. It is a powerful tool created to deal with sophisticated infections, and if you do not use it correctly you may damage your computer.

  • There are several pieces of malware that prevent the tool from running correctly and can thereby seriously damage the computer. Analysts qualified to use ComboFix know these cases and know how to handle these situations.
  • Many Analysts do not reply to topics where they see that ComboFix was used without supervision.
  • There are several general-purpose anti-malware tools whose authors, when writing them, had end users in mind and intended them to be used without supervision. ComboFix is not a tool of that kind, and so, also out of respect for the tool's author, do not use it without supervision.
