Ir ao conteúdo
  • Comunicados

    • diego_moicano

      Gostaria de se tornar um analista em Remoção de Malware?   07-12-2015

      Gostaria de se tornar um analista em Remoção de Malware? O Fórum Clube do Hardware deu início a um programa de treinamento em análises de log. Os interessados deverão enviar um email para aprendizes (arroba) clubedohardware (ponto) com (ponto) br respondendo as seguintes perguntas: Por que você gostaria de aprender a analisar logs? Possui tempo hábil para o treinamento? Tem conhecimentos em informática? Se sim descreva-os. Possui inglês para leitura? Qual seu objetivo após completar o treinamento?   Não se esqueça de incluir no e-mail o seu nome de usuário (fornecer o link também), idade e cidade onde vive. Adicione também qualquer experiência e/ou razão sobre o porquê você seria um bom Analista. É digno de nota que apenas os que forem selecionados receberão resposta por MP (Mensagem Pessoal), não existe um padrão na escolha dos futuros aprendizes, todos os e-mails serão lidos e serão analisados de forma imparcial, portanto não será permitido reclamações neste aspecto. O treinamento é dado no próprio fórum. Quando um aprendiz é selecionado ele é movido para um novo grupo, onde terá acesso a fóruns fechados para os demais usuários onde poderá dar inicio ao seu treinamento. Importante: A cada 30 dias os e-mails não selecionados serão apagados, portanto você pode enviar um novo e-mail após 1 mês, e-mails enviados antes serão desconsiderados.  
    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.
Entre para seguir isso  
loside

Suspeita de malware

Recommended Posts

Ao scanear com o Gmer em um dado momento, durante o processo, aparece a seguinte mensagem: " Gmer hasn´t found any system modification", e não há nada para copiar. Gostaria de saber o que eu fiz de errado.

DDS:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Asus at 16:29:26 on 2012-07-15

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.3692.2620 [GMT -3:00]

.

AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\CyberLink\Shared files\brs.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe

C:\Program Files (x86)\Nero\Update\NASvc.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.terra.com.br/

mWinlogon: Userinit=userinit.exe

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Auxiliar de Conexão do Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart

mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

mRun: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: EnableLinkedConnections = 1 (0x1)

IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

TCP: DhcpNameServer = 10.1.1.1

TCP: Interfaces\{16257305-3863-43FC-B6CD-EE833903ADB1} : DhcpNameServer = 10.1.1.1

TCP: Interfaces\{4ADEE47D-6CA7-430E-A2D0-A54EAB420228} : DhcpNameServer = 10.1.1.1

TCP: Interfaces\{4ADEE47D-6CA7-430E-A2D0-A54EAB420228}\34F63747163557C6 : DhcpNameServer = 10.1.1.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

{3049C3E9-B461-4BC5-8870-4C09146192CA}

{72853161-30C5-4D22-B7F9-0BBC1D38A37E}

{9030D464-4C02-4ABF-8ECC-5164760863C6}

mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun-x64: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart

mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

mRun-x64: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

mRun-x64: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\gjq8e5qo.default\

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

FF - plugin: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-5-25 17536]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2012/01/18 10:44:28];C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-11-17 146928]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-6-7 365568]

R2 AntiVirSchedulerService;Avira AntiVir Agendamento;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-1-18 136360]

R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-1-18 269480]

R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]

R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]

R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-3-25 490280]

R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-4-5 158856]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-7-3 113120]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2012-07-13 16:09:43 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{46BD7488-7AB0-4C0A-B2FD-92A775F07CDD}\mpengine.dll

2012-07-11 20:19:12 3148800 ----a-w- C:\Windows\System32\win32k.sys

2012-07-11 18:44:12 2004480 ----a-w- C:\Windows\System32\msxml6.dll

2012-07-11 18:44:12 1881600 ----a-w- C:\Windows\System32\msxml3.dll

2012-07-11 18:44:12 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll

2012-07-11 18:44:11 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll

2012-07-11 18:44:11 2048 ----a-w- C:\Windows\System32\msxml3r.dll

2012-07-11 18:44:11 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

2012-07-11 18:38:27 458704 ----a-w- C:\Windows\System32\drivers\cng.sys

2012-07-11 18:38:27 340992 ----a-w- C:\Windows\System32\schannel.dll

2012-07-11 18:38:27 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2012-07-11 18:38:27 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2012-07-11 18:38:27 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2012-07-11 18:38:26 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2012-07-11 18:38:26 225280 ----a-w- C:\Windows\SysWow64\schannel.dll

2012-07-11 18:38:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2012-07-11 18:38:25 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2012-07-05 17:44:07 -------- d-----w- C:\Users\Asus\AppData\Local\Macromedia

2012-07-05 02:21:48 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared

2012-06-22 13:50:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-06-22 13:50:06 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-06-22 13:49:46 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-06-22 13:49:46 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-06-21 01:23:48 -------- d-----w- C:\Windows\System32\appmgmt

2012-06-21 00:30:29 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-06-21 00:30:28 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

.

==================== Find3M ====================

.

2012-07-05 17:43:49 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-05 17:43:49 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-07-05 02:21:21 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll

2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll

2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll

2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll

2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll

2012-04-28 05:32:05 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll

2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll

2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

.

============= FINISH: 16:30:33,83 ===============

Attach:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 17/01/2012 15:44:57

System Uptime: 15/07/2012 16:10:45 (0 hours ago)

.

Motherboard: ASUSTeK Computer Inc. | | K43U

Processor: AMD C-60 APU with Radeon HD Graphics | CPU 1 | 1000/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 466 GiB total, 364,906 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Adaptador de Miniporta WiFi Virtual da Microsoft

Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&152272BF&0&01

Manufacturer: Microsoft

Name: Adaptador de Miniporta WiFi Virtual da Microsoft

PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&152272BF&0&01

Service: vwifimp

.

==== System Restore Points ===================

.

RP73: 10/07/2012 11:16:12 - Windows Update

RP74: 11/07/2012 17:06:40 - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.5.1 - Português

AMD VISION Engine Control Center

Arquivo do WinRAR

Atheros Client Installation Program

ATK Package

Atualização do produto Microsoft Office Excel 2007 Help (KB963678)

Atualização do produto Microsoft Office Outlook 2007 Help (KB963677)

Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)

Atualização do produto Microsoft Office Word 2007 Help (KB963665)

Avira AntiVir Personal - Free Antivirus

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

Catalyst Control Center Profiles Mobile

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CyberLink PowerDVD 10

D3DX10

High-Definition Video Playback 10

K-Lite Mega Codec Pack 3.7.0

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Primary Interoperability Assemblies 2005

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Mozilla Firefox 13.0.1 (x86 pt-BR)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero 10 Menu TemplatePack Basic

Nero 10 Movie ThemePack Basic

Nero BackItUp 10

Nero BackItUp 10 Help (CHM)

Nero Burning ROM 10

Nero BurningROM 10 Help (CHM)

Nero BurnRights 10

Nero BurnRights 10 Help (CHM)

Nero Control Center 10

Nero ControlCenter 10 Help (CHM)

Nero Core Components 10

Nero CoverDesigner 10

Nero CoverDesigner 10 Help (CHM)

Nero DiscSpeed 10

Nero DiscSpeed 10 Help (CHM)

Nero Dolby Files 10

Nero Express 10

Nero Express 10 Help (CHM)

Nero InfoTool 10

Nero InfoTool 10 Help (CHM)

Nero MediaHub 10

Nero MediaHub 10 Help (CHM)

Nero Multimedia Suite 10

Nero Recode 10

Nero Recode 10 Help (CHM)

Nero RescueAgent 10

Nero RescueAgent 10 Help (CHM)

Nero SoundTrax 10

Nero SoundTrax 10 Help (CHM)

Nero StartSmart 10

Nero StartSmart 10 Help (CHM)

Nero Update

Nero Vision 10

Nero Vision 10 Help (CHM)

Nero WaveEditor 10

Nero WaveEditor 10 Help (CHM)

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

RealUpgrade 1.1

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Security Update for Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (KB2518870)

Skype™ 5.9

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition

Windows Live Communications Platform

Windows Live Essentials

Windows Live Galeria de Fotos

Windows Live Installer

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

.

==== End Of File ===========================

Editado por loside

Compartilhar este post


Link para o post
Compartilhar em outros sites

Baixe o Kaspersky AVP Tool de um desses 2 links:

http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/

http://dnl-us6.kaspersky-labs.com/devbuilds/AVPTool/

Você será conduzido a uma página da Kaspersky, solicitando um email para cadastro, nome e sobrenome. Somente o campo "email" é obrigatório.

Informe seu email depois clique no botão Submit Form.

A página será recarregada. Clique no botão Download

Salve-o em sua área de trabalho.

Execute o arquivo e aguarde a instalação.

** Usuários do Windows Vista e Windows 7:

Clique com o direito sobre o arquivo, depois clique em Executar como administrador

Na tela do contrato de licença, marque a opção I accept the license agreement e depois clique no botão Start. Aparentemente o programa congela e nada acontece. É normal, apenas aguarde até aparecer a tela inicial do programa, e então clique no ícone Settings:

KRT_settings.png

Nesta tela, marque a caixa ao lado de:

  • Meu Computador
  • Disco local (C:)

Marque também todas as unidades que aparecem abaixo de Disco Local, caso houverem. Depois clique na aba Automatic Scan

KRT_install2_.png

De volta à tela inicial do programa, clique no botão Start scanning

Tenha paciência, é um pouco demorado.

Quando terminar, caso tenha detectado algo, o programa irá lhe perguntar o que fazer.

Marque o quadradinho ao lado de Apply to all objects e depois clique em Skip (queremos apenas o log).

KRT_detection_.png

Enquanto durar o exame, a tela inicial exibirá uma barra de progresso. Quando terminar, o programa exibirá o status concluído e um botão que ficará na cor laranja, caso nada tenha sido detectado, e na cor vermelha, caso tenha encontrado algo.

Caso tenha detectado algo, o programa também exibirá uma tela de alerta, avisando que o seu sistema está desprotegido e sugerindo um produto da Kaspersky. Clique no botão No, thanks.

De volta à tela principal, caso tenha sido detectado algo, então salve o log. Se você fechar o programa e esquecer de salvar o log, terá que repetir todo o scan novamente.

Para salvar o log, clique no ícone Reports (ao lado do ícone "Settings"). Na próxima janela, clique em Detected Threats, depois clique no ícone de disquete para salvar o log.

Escolha um local de fácil acesso e salve como log.txt

Copie todo o conteúdo desse bloco de notas e cole na sua próxima resposta.

Se nada for detectado, então não precisa salvar o log. Apenas poste aqui avisando.

Para sair do programa, basta clicar no X no canto superior direito.

Compartilhar este post


Link para o post
Compartilhar em outros sites
  • Autor do tópico
  • Olá Renato, acabou o scaneamento e o resultado foi negativo, porém ele não conseguiu scanear alguns arquivos por estarem protegidos por senha. Isso pode ser algum sinal de vírus ou não?

    Um deles está relacionado ao Nero.

    Também gostaria de saber o motivo da mensagem do Gmer citado no primeiro post, você saberia me explicar? Ele está scaneando e de repente ele mostra a mensagem.

    Editado por loside

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Olá Renato, acabou o scaneamento e o resultado foi negativo, porém ele não conseguiu scanear alguns arquivos por estarem protegidos por senha. Isso pode ser algum sinal de vírus ou não?

    Um deles está relacionado ao Nero.

    Isso é normal, vários programas fazem isso.

    Também gostaria de saber o motivo da mensagem do Gmer citado no primeiro post, você saberia me explicar? Ele está scaneando e de repente ele mostra a mensagem.

    Não se preocupe com isso.

    Explique os motivos de suas suspeitas.

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Olá Renato, essa desconfiança começou após aquela "cena" do windows 7 ao ligar o computador aparecer. O normal seria mostrar que o windows estava carregando mas invés disso apareceu uma atualização, sendo que o windows não baixou nada, pelo que eu saiba, e está configurado para pedir a minha permissão ao instalar.

    Me lembro que foi 13 atualizações que apareceu no computador e a suposta atualização foi muito rápido. Além disso está demorando um pouco mais para iniciar o computador e desligar.

    Na sua opinião, o meu computador está ok aparentemente?

    Já quero aproveitar e perguntar se os nomes abaixo que estão no Gerenciador de Tarefas do Windows são processos normais ou se trata de algum vírus:

    atieclxx.exe

    ATKOSD.exe

    ATKOSD2.exe *32

    avgnt.exe *32

    CCC.exe

    csrss.exe

    winlogon.exe

    WDC.exe

    HControl.exe

    Um abraço e desde já agradeço.

    Editado por loside

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Se não me falha a memória, atualizações críticas (como as que tivemos recentemente) são instaladas automaticamente.

    Recomendo que acesso o site abaixo:

    http://support.microsoft.com/fixit/

    Selecione o seu sistema operacional, depois "Fix performance, errors or crashes", e execute os scans ali apontados.

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Fora isso, está tudo certo o meu computador?

    Posso desisntalar os programas que você pediu para baixar? Como faço isso?

    Andei observando que após baixar o Gmer e o DDS, qualquer arquivo que eu fizer o download fica um escudo no canto inferior direito do ícone. Sabe me dizer porque disso? E como faço para deixa-lo normal?

    Parece que significa que só o administrador usa-lo como administrador, porém, antigamente não aparecia.

    Editado por loside

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • To postando um novo log do DDS pois acabei de fazer a varredura completa do sistema com o Avira 2012 e logo no começo do scaneamento, apareceu uma mensagem de um objeto oculto com suspeita de vírus. Pediu para usar o CD de remoção de vírus do Avira. Selecionei a opção de cancelar a varredura e logo em seguida pediu para reiniciar o sistema para fazer o reparo.

    DDS:

    .

    DDS (Ver_2011-08-26.01) - NTFSAMD64

    Internet Explorer: 9.0.8112.16421

    Run by Asus at 14:57:50 on 2012-07-21

    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.3692.2536 [GMT -3:00]

    .

    AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

    SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    ============== Running Processes ===============

    .

    C:\Windows\system32\wininit.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\system32\atiesrxx.exe

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\atieclxx.exe

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

    C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

    C:\Windows\System32\spoolsv.exe

    C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

    C:\Windows\system32\taskhost.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskeng.exe

    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

    C:\Program Files (x86)\CyberLink\Shared files\brs.exe

    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

    C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

    C:\Windows\system32\conhost.exe

    C:\Windows\system32\SearchIndexer.exe

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Program Files (x86)\Nero\Update\NASvc.exe

    C:\Windows\System32\svchost.exe -k secsvcs

    C:\Windows\servicing\TrustedInstaller.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe

    C:\Windows\System32\svchost.exe -k WerSvcGroup

    C:\Windows\system32\DllHost.exe

    C:\Windows\system32\DllHost.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Windows\system32\conhost.exe

    C:\Windows\SysWOW64\cscript.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://www.terra.com.br/

    mWinlogon: Userinit=userinit.exe

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

    BHO: Auxiliar de Conexão do Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

    mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

    mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

    mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

    mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

    mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart

    mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

    mRun: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe

    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

    mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

    mPolicies-explorer: NoActiveDesktop = 1 (0x1)

    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

    mPolicies-system: EnableLinkedConnections = 1 (0x1)

    IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

    TCP: DhcpNameServer = 10.1.1.1

    TCP: Interfaces\{16257305-3863-43FC-B6CD-EE833903ADB1} : DhcpNameServer = 10.1.1.1

    TCP: Interfaces\{4ADEE47D-6CA7-430E-A2D0-A54EAB420228} : DhcpNameServer = 10.1.1.1

    TCP: Interfaces\{4ADEE47D-6CA7-430E-A2D0-A54EAB420228}\34F63747163557C6 : DhcpNameServer = 10.1.1.1

    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

    {18DF081C-E8AD-4283-A596-FA578C2EBDC3}

    {3049C3E9-B461-4BC5-8870-4C09146192CA}

    {72853161-30C5-4D22-B7F9-0BBC1D38A37E}

    {9030D464-4C02-4ABF-8ECC-5164760863C6}

    mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

    mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

    mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

    mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

    mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

    mRun-x64: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart

    mRun-x64: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

    mRun-x64: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe

    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

    mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

    SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook

    .

    ================= FIREFOX ===================

    .

    FF - ProfilePath - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\gjq8e5qo.default\

    FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

    FF - plugin: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

    FF - plugin: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

    FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll

    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

    FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll

    FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

    .

    ============= SERVICES / DRIVERS ===============

    .

    R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-5-25 17536]

    R1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys --> C:\Windows\system32\DRIVERS\avkmgr.sys [?]

    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

    R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2012/01/18 10:44:28];C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-11-17 146928]

    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

    R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-6-7 365568]

    R2 AntiVirSchedulerService;Avira Programador;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-7-20 86224]

    R2 AntiVirService;Avira Realtime Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-7-20 110032]

    R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]

    R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]

    R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-3-25 490280]

    R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]

    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

    R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

    R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-4-5 158856]

    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-7-3 113120]

    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]

    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]

    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

    S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

    .

    =============== Created Last 30 ================

    .

    2012-07-21 02:55:59 -------- d-----w- C:\Users\Asus\AppData\Roaming\Avira

    2012-07-21 02:46:09 97312 ----a-w- C:\Windows\System32\drivers\avgntflt.sys

    2012-07-21 02:46:09 27760 ----a-w- C:\Windows\System32\drivers\avkmgr.sys

    2012-07-21 02:46:07 -------- d-----w- C:\ProgramData\Avira

    2012-07-21 02:46:07 -------- d-----w- C:\Program Files (x86)\Avira

    2012-07-20 13:22:45 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{22DFD0CD-DB5D-45E3-AE2F-8D3AC61D26CA}\mpengine.dll

    2012-07-17 02:21:37 -------- d-----w- C:\Users\Asus\AppData\Local\{334E3834-8FBE-4E34-8961-18E22A0CC1DE}

    2012-07-16 21:39:01 -------- d-----w- C:\ProgramData\Kaspersky Lab

    2012-07-11 20:19:12 3148800 ----a-w- C:\Windows\System32\win32k.sys

    2012-07-11 18:44:12 2004480 ----a-w- C:\Windows\System32\msxml6.dll

    2012-07-11 18:44:12 1881600 ----a-w- C:\Windows\System32\msxml3.dll

    2012-07-11 18:44:12 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll

    2012-07-11 18:44:11 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll

    2012-07-11 18:44:11 2048 ----a-w- C:\Windows\System32\msxml3r.dll

    2012-07-11 18:44:11 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

    2012-07-11 18:38:27 458704 ----a-w- C:\Windows\System32\drivers\cng.sys

    2012-07-11 18:38:27 340992 ----a-w- C:\Windows\System32\schannel.dll

    2012-07-11 18:38:27 307200 ----a-w- C:\Windows\System32\ncrypt.dll

    2012-07-11 18:38:27 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll

    2012-07-11 18:38:27 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

    2012-07-11 18:38:26 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

    2012-07-11 18:38:26 225280 ----a-w- C:\Windows\SysWow64\schannel.dll

    2012-07-11 18:38:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

    2012-07-11 18:38:25 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

    2012-07-05 17:44:07 -------- d-----w- C:\Users\Asus\AppData\Local\Macromedia

    2012-07-05 02:21:48 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared

    2012-06-22 13:50:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll

    2012-06-22 13:50:06 99840 ----a-w- C:\Windows\System32\wudriver.dll

    2012-06-22 13:49:46 36864 ----a-w- C:\Windows\System32\wuapp.exe

    2012-06-22 13:49:46 186752 ----a-w- C:\Windows\System32\wuwebv.dll

    .

    ==================== Find3M ====================

    .

    2012-07-18 20:14:07 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

    2012-07-18 20:14:07 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

    2012-07-05 02:21:21 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll

    2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll

    2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll

    2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll

    2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll

    2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

    2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

    2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

    2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

    2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

    2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

    2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

    2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

    2012-05-31 15:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe

    2012-05-04 22:29:22 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

    2012-05-04 22:29:16 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll

    2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

    2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

    2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

    2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll

    2012-04-28 05:32:05 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll

    2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

    2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

    2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

    2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

    2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

    2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll

    2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll

    2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

    2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll

    2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

    .

    ============= FINISH: 14:58:55,38 ===============

    Attack:

    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2011-08-26.01)

    .

    Microsoft Windows 7 Ultimate

    Boot Device: \Device\HarddiskVolume1

    Install Date: 17/01/2012 15:44:57

    System Uptime: 21/07/2012 14:41:03 (0 hours ago)

    .

    Motherboard: ASUSTeK Computer Inc. | | K43U

    Processor: AMD C-60 APU with Radeon HD Graphics | CPU 1 | 1000/100mhz

    .

    ==== Disk Partitions =========================

    .

    C: is FIXED (NTFS) - 466 GiB total, 362,302 GiB free.

    D: is CDROM ()

    .

    ==== Disabled Device Manager Items =============

    .

    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

    Description: Adaptador de Miniporta WiFi Virtual da Microsoft

    Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&152272BF&0&01

    Manufacturer: Microsoft

    Name: Adaptador de Miniporta WiFi Virtual da Microsoft

    PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&152272BF&0&01

    Service: vwifimp

    .

    Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

    Description: Dispositivo de vídeo USB

    Device ID: USB\VID_058F&PID_A016&MI_00\6&282BA305&0&0000

    Manufacturer: Microsoft

    Name: ASUS USB2.0 WebCam

    PNP Device ID: USB\VID_058F&PID_A016&MI_00\6&282BA305&0&0000

    Service: usbvideo

    .

    ==== System Restore Points ===================

    .

    RP73: 10/07/2012 11:16:12 - Windows Update

    RP74: 11/07/2012 17:06:40 - Windows Update

    RP75: 17/07/2012 19:07:45 - Windows Update

    RP76: 20/07/2012 10:03:39 - Fixit

    RP77: 21/07/2012 14:16:43 - Windows Update

    .

    ==== Installed Programs ======================

    .

    Update for Microsoft Office 2007 (KB2508958)

    Adobe Flash Player 11 ActiveX

    Adobe Flash Player 11 Plugin

    Adobe Reader 9.5.1 - Português

    AMD VISION Engine Control Center

    Arquivo do WinRAR

    Atheros Client Installation Program

    ATK Package

    Atualização do produto Microsoft Office Excel 2007 Help (KB963678)

    Atualização do produto Microsoft Office Outlook 2007 Help (KB963677)

    Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)

    Atualização do produto Microsoft Office Word 2007 Help (KB963665)

    Avira Free Antivirus

    Catalyst Control Center InstallProxy

    Catalyst Control Center Localization All

    Catalyst Control Center Profiles Mobile

    CCC Help Chinese Standard

    CCC Help Chinese Traditional

    CCC Help Czech

    CCC Help Danish

    CCC Help Dutch

    CCC Help English

    CCC Help Finnish

    CCC Help French

    CCC Help German

    CCC Help Greek

    CCC Help Hungarian

    CCC Help Italian

    CCC Help Japanese

    CCC Help Korean

    CCC Help Norwegian

    CCC Help Polish

    CCC Help Portuguese

    CCC Help Russian

    CCC Help Spanish

    CCC Help Swedish

    CCC Help Thai

    CCC Help Turkish

    CyberLink PowerDVD 10

    D3DX10

    High-Definition Video Playback 10

    K-Lite Mega Codec Pack 3.7.0

    Microsoft Office 2007 Service Pack 3 (SP3)

    Microsoft Office Access MUI (Portuguese (Brazil)) 2007

    Microsoft Office Enterprise 2007

    Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

    Microsoft Office File Validation Add-In

    Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

    Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

    Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

    Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

    Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

    Microsoft Office Proof (English) 2007

    Microsoft Office Proof (Portuguese (Brazil)) 2007

    Microsoft Office Proof (Spanish) 2007

    Microsoft Office Proofing (Portuguese (Brazil)) 2007

    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

    Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

    Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

    Microsoft Office Word MUI (Portuguese (Brazil)) 2007

    Microsoft Primary Interoperability Assemblies 2005

    Microsoft SQL Server 2005 Compact Edition [ENU]

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

    Mozilla Firefox 13.0.1 (x86 pt-BR)

    Mozilla Maintenance Service

    MSVCRT

    MSXML 4.0 SP2 (KB954430)

    MSXML 4.0 SP2 (KB973688)

    Nero 10 Menu TemplatePack Basic

    Nero 10 Movie ThemePack Basic

    Nero BackItUp 10

    Nero BackItUp 10 Help (CHM)

    Nero Burning ROM 10

    Nero BurningROM 10 Help (CHM)

    Nero BurnRights 10

    Nero BurnRights 10 Help (CHM)

    Nero Control Center 10

    Nero ControlCenter 10 Help (CHM)

    Nero Core Components 10

    Nero CoverDesigner 10

    Nero CoverDesigner 10 Help (CHM)

    Nero DiscSpeed 10

    Nero DiscSpeed 10 Help (CHM)

    Nero Dolby Files 10

    Nero Express 10

    Nero Express 10 Help (CHM)

    Nero InfoTool 10

    Nero InfoTool 10 Help (CHM)

    Nero MediaHub 10

    Nero MediaHub 10 Help (CHM)

    Nero Multimedia Suite 10

    Nero Recode 10

    Nero Recode 10 Help (CHM)

    Nero RescueAgent 10

    Nero RescueAgent 10 Help (CHM)

    Nero SoundTrax 10

    Nero SoundTrax 10 Help (CHM)

    Nero StartSmart 10

    Nero StartSmart 10 Help (CHM)

    Nero Update

    Nero Vision 10

    Nero Vision 10 Help (CHM)

    Nero WaveEditor 10

    Nero WaveEditor 10 Help (CHM)

    RealNetworks - Microsoft Visual C++ 2008 Runtime

    RealPlayer

    Realtek Ethernet Controller Driver

    Realtek High Definition Audio Driver

    Realtek USB 2.0 Card Reader

    RealUpgrade 1.1

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

    Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

    Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

    Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

    Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

    Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

    Security Update for Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (KB2518870)

    Skype™ 5.9

    Update for 2007 Microsoft Office System (KB967642)

    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

    Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition

    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition

    Windows Live Communications Platform

    Windows Live Essentials

    Windows Live Galeria de Fotos

    Windows Live Installer

    Windows Live Messenger

    Windows Live Movie Maker

    Windows Live Photo Common

    Windows Live Photo Gallery

    Windows Live PIMT Platform

    Windows Live SOXE

    Windows Live SOXE Definitions

    Windows Live UX Platform

    Windows Live UX Platform Language Pack

    .

    ==== End Of File ===========================

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Arquivos protegidos por senha em geral não representam nenhum problema, muitos programas fazem isso, principalmente os de segurança.

    Andei observando que após baixar o Gmer e o DDS, qualquer arquivo que eu fizer o download fica um escudo no canto inferior direito do ícone. Sabe me dizer porque disso? E como faço para deixa-lo normal?

    Essa informação não confere, tanto o DDS como o GMER não fazem qualquer alteração desse tipo. Você deve ter instalado um novo programa que fez isso.

    Mais alguma dúvida?

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Os novos logs que postei estão limpos?

    E quanto as pergunta do post #7?

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Seus logs estão limpos.

    Quanto a desinstalar os programas, isso só é feito no meu último post.

    Quanto ao escudo, já respondi no meu post #9.

    Parabéns, seu log está limpo.

    De agora em diante fique ALERTA!

    Para finalizar faça o seguinte:

    Vá em Iniciar > Executar e digite ComboFix /Uninstall . Isso desinstalará o ComboFix de sua máquina.

    Faça download do OTC

    • Salve no seu desktop (área/ambiente de trabalho).
    • Duplo-clique no icone do OTC.
    • Clique no botão "Cleanup" 8gehxg0.gif
    • Permita que o seu computador seja reiniciado.

    Sugiro que rode o CCleaner para fazer uma limpeza em sua máquina. Faça o download dele aqui CCleaner

    • Abra o programa e clique em Executar Limpeza;
    • Após isto, clique em Erros >> Procurar erros >> Corrigir Erros

    Sugiro também que consulte este artigo: Proteja seu PC

    Mais algum problema com o computador?

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • E quanto ao Gmer, DDS e o Kaspersky Remove Tool. É só apertar o botão delete?

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    O Kaspersky Removal Tool pode ser desinstalado, o resto, excluído.

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com a moderação solicitando o desbloqueio.

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
    Visitante
    Este tópico está impedido de receber novos posts.
    Entre para seguir isso  





    Sobre o Clube do Hardware

    No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

    Direitos autorais

    Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

    ×