Ir ao conteúdo
  • Comunicados

    • diego_moicano

      Gostaria de se tornar um analista em Remoção de Malware?   07-12-2015

      Gostaria de se tornar um analista em Remoção de Malware? O Fórum Clube do Hardware deu início a um programa de treinamento em análises de log. Os interessados deverão enviar um email para aprendizes (arroba) clubedohardware (ponto) com (ponto) br respondendo as seguintes perguntas: Por que você gostaria de aprender a analisar logs? Possui tempo hábil para o treinamento? Tem conhecimentos em informática? Se sim descreva-os. Possui inglês para leitura? Qual seu objetivo após completar o treinamento?   Não se esqueça de incluir no e-mail o seu nome de usuário (fornecer o link também), idade e cidade onde vive. Adicione também qualquer experiência e/ou razão sobre o porquê você seria um bom Analista. É digno de nota que apenas os que forem selecionados receberão resposta por MP (Mensagem Pessoal), não existe um padrão na escolha dos futuros aprendizes, todos os e-mails serão lidos e serão analisados de forma imparcial, portanto não será permitido reclamações neste aspecto. O treinamento é dado no próprio fórum. Quando um aprendiz é selecionado ele é movido para um novo grupo, onde terá acesso a fóruns fechados para os demais usuários onde poderá dar inicio ao seu treinamento. Importante: A cada 30 dias os e-mails não selecionados serão apagados, portanto você pode enviar um novo e-mail após 1 mês, e-mails enviados antes serão desconsiderados.  
    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.
Entre para seguir isso  
mia.le90

Explorador do windows parou de funcionar

Recommended Posts

Olá,

Começou a aparecer a seguinte mensagem para mim: "explorador do windows deixou de funcionar" e as teclas de atalho do teclado (aumentar volume, diminuir volume...) também pararam.

Não consegui fazer o download do DDS (nenhum arquivo arquivo é descarregado) por isso só posto aqui o arquivo do GMER:

GMER 1.0.15.15641 - http://www.gmer.net

Rootkit scan 2012-12-13 00:10:27

Windows 6.1.7601 Service Pack 1

Running: gmer.exe

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0025d3b2962e

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0025d3b2962e (not active ControlSet)

---- EOF - GMER 1.0.15 ----

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá

Refaça os logs, pois preciso dos mesmos com datas atualizadas: Leia Antes de Postar - Criando um novo Tópico

ATENÇÃO 1: Não precisa abrir um novo tópico, coloque os novos logs neste mesmo tópico, obrigado!

ATENÇÃO 2: Não edite seu tópico, use o botão responder, obrigado!

ATENÇÃO 3: Não coloque os logs entre TAGS, obrigado!

Abraços :D

  • Curtir 1

Compartilhar este post


Link para o post
Compartilhar em outros sites
  • Autor do tópico
  • Olá, aqui vão os arquivos:

    DDS.txt:

    DDS (Ver_2012-11-20.01) - NTFS_AMD64

    Internet Explorer: 9.0.8112.16457

    Run by Leticia at 14:50:35 on 2012-12-15

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.351.2070.18.6056.4241 [GMT 0:00]

    .

    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

    AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}

    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

    SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    ============== Running Processes ===============

    .

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\nvvsvc.exe

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\system32\FBAgent.exe

    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

    C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

    C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

    C:\Windows\system32\nvvsvc.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Program Files\Trend Micro\Titanium\TiMiniService.exe

    C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe

    C:\Program Files\Intel\TurboBoost\TurboBoost.exe

    C:\ExpressGateUtil\VAWinService.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

    C:\Windows\system32\SearchIndexer.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

    C:\Windows\system32\taskhost.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

    C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

    C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

    C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe

    C:\Program Files\P4G\BatteryLife.exe

    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

    C:\Windows\AsScrPro.exe

    C:\Windows\SysWOW64\ACEngSvr.exe

    C:\Users\Leticia\AppData\Roaming\Dropbox\bin\Dropbox.exe

    C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe

    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

    C:\Users\Leticia\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Windows\system32\wuauclt.exe

    C:\Program Files\Windows Media Player\wmpnetwk.exe

    C:\Users\Leticia\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Leticia\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

    C:\Windows\SysWOW64\ctfmon.exe

    C:\Windows\system32\taskhost.exe

    C:\Windows\explorer.exe

    C:\Users\Leticia\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Leticia\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\System32\cscript.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://asus.msn.com

    uDefault_Page_URL = hxxp://asus.msn.com

    mStart Page = hxxp://asus.msn.com

    mWinlogon: Userinit = userinit.exe

    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll

    BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll

    BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll

    BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll

    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    uRun: [Google Update] "C:\Users\Leticia\AppData\Local\Google\Update\GoogleUpdate.exe" /c

    mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    mRun: [Check Point Endpoint Security] "C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe"

    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

    StartupFolder: C:\Users\Leticia\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Leticia\AppData\Roaming\Dropbox\bin\Dropbox.exe

    mPolicies-Explorer: NoActiveDesktop = dword:1

    mPolicies-Explorer: NoActiveDesktopChanges = dword:1

    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

    mPolicies-System: ConsentPromptBehaviorUser = dword:3

    mPolicies-System: EnableUIADesktopToggle = dword:0

    IE: &Enviar para o OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

    IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    TCP: NameServer = 212.55.154.174 212.55.154.190

    TCP: Interfaces\{920F3980-83E9-49EF-B5C7-EB4A6E44F23A} : DHCPNameServer = 193.136.28.10 193.136.28.9

    TCP: Interfaces\{CA2C1452-67C6-41B7-81F3-4BF87EAC6300} : DHCPNameServer = 212.55.154.174 212.55.154.190

    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll

    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll

    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    AppInit_DLLs= c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll c:\progra~3\browse~1\22630~1.40\{16cdf~1\browse~1.dll c:\windows\syswow64\nvinit.dll

    SSODL: WebCheck - <orphaned>

    x64-mStart Page = hxxp://asus.msn.com

    x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll

    x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll

    x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

    x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"

    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

    x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll

    x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll

    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

    x64-Notify: igfxcui - igfxdev.dll

    x64-SSODL: WebCheck - <orphaned>

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 assd;assd;C:\Windows\System32\drivers\assd.sys [2011-10-28 27264]

    R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2011-10-28 25960]

    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-12-12 984144]

    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-12-12 370288]

    R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]

    R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-10-28 377264]

    R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]

    R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-12-12 25232]

    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-12-12 71600]

    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-12-12 44808]

    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

    R2 TiMiniService;TiMiniService;C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-10-27 241488]

    R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2011-4-13 67664]

    R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-16 13832]

    R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928]

    R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-10-28 2655768]

    R2 VideAceWindowsService;VideAceWindowsService;C:\ExpressGateUtil\VAWinService.exe [2011-3-26 91464]

    R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-8-12 317440]

    R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-8-12 169584]

    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

    R3 vna_ap;Check Point Virtual Network Adapter - Apollo;C:\Windows\System32\drivers\vnaap.sys [2011-3-1 161256]

    S2 Browser Manager;Browser Manager;C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-10-10 2309656]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]

    S2 TracSrvWrapper;Check Point Endpoint Security VPN;C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [2011-3-1 4306448]

    S3 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-4-13 267480]

    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-4-13 48488]

    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]

    S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]

    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-2-18 59392]

    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2011-2-18 31232]

    S3 WatAdminSvc;Serviço de Tecnologias de Activação do Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-9-10 1255736]

    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]

    .

    =============== Created Last 30 ================

    .

    2012-12-12 23:19:14 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

    2012-12-12 23:19:14 2048 ----a-w- C:\Windows\System32\tzres.dll

    2012-12-12 15:08:38 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

    2012-12-12 15:08:36 984144 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

    2012-12-12 15:08:36 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

    2012-12-12 15:08:03 41224 ----a-w- C:\Windows\avastSS.scr

    2012-12-12 15:07:30 -------- d-----w- C:\ProgramData\AVAST Software

    2012-12-12 15:07:30 -------- d-----w- C:\Program Files\AVAST Software

    2012-12-09 22:27:54 -------- d-----w- C:\Users\Leticia\AppData\Local\Microsoft Help

    2012-12-09 19:15:31 -------- d-----w- C:\Users\Leticia\AppData\Roaming\OpenOffice.org

    2012-12-09 19:14:36 -------- d-----w- C:\Program Files (x86)\OpenOffice.org 3

    2012-12-08 19:15:47 46952 ----a-r- C:\Users\Leticia\AppData\Roaming\Microsoft\Installer\{C0B7F99C-06FB-4C80-A182-4B1F5FD5E05E}\NewShortcut3_D7E18086B4F441ACA56E2F8017753290.exe

    2012-12-08 19:15:47 46952 ----a-r- C:\Users\Leticia\AppData\Roaming\Microsoft\Installer\{C0B7F99C-06FB-4C80-A182-4B1F5FD5E05E}\NewShortcut2_5F2AEFC761A049CE8042C0D6DF628D9C.exe

    2012-12-08 19:15:47 46952 ----a-r- C:\Users\Leticia\AppData\Roaming\Microsoft\Installer\{C0B7F99C-06FB-4C80-A182-4B1F5FD5E05E}\NewShortcut1_8E8CD0EAC9DB4C41ADECF491EC160C0C.exe

    2012-12-08 19:15:47 46952 ----a-r- C:\Users\Leticia\AppData\Roaming\Microsoft\Installer\{C0B7F99C-06FB-4C80-A182-4B1F5FD5E05E}\ARPPRODUCTICON.exe

    2012-12-08 19:15:40 -------- d-----w- C:\ProgramData\Intelligen

    2012-12-08 19:14:47 -------- d-----w- C:\Users\Leticia\AppData\Local\Programs

    2012-12-08 19:12:16 -------- d-----w- C:\Users\Leticia\AppData\Local\Downloaded Installations

    2012-12-08 09:37:17 -------- d-----w- C:\Windows\Internet Logs

    2012-12-08 09:37:17 -------- d-----w- C:\ProgramData\CheckPoint

    2012-12-08 09:36:43 -------- d-----w- C:\Users\Leticia\AppData\Roaming\CheckPoint

    2012-12-08 09:35:49 -------- d-----w- C:\Windows\SysWow64\Zonelabs

    2012-12-08 09:35:47 -------- d-----w- C:\Program Files (x86)\CheckPoint

    2012-12-05 14:56:09 33215 ----a-w- C:\Users\Leticia\mediaenchx325.dll

    2012-12-05 14:55:25 33215 ----a-w- C:\Users\Leticia\mediaenchx324.dll

    2012-12-05 14:53:01 33215 ----a-w- C:\Users\Leticia\mediaenchx323.dll

    2012-12-05 14:52:50 33215 ----a-w- C:\Users\Leticia\mediaenchx322.dll

    2012-11-22 13:09:57 -------- d-----r- C:\Program Files (x86)\Skype

    2012-11-17 17:01:14 -------- d-----w- C:\Users\Leticia\AppData\Local\Adobe

    2012-11-16 02:40:09 9728 ----a-w- C:\Windows\System32\Wdfres.dll

    2012-11-16 02:40:09 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys

    2012-11-16 02:40:09 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys

    2012-11-16 02:40:09 2560 ----a-w- C:\Windows\System32\drivers\pt-PT\wdf01000.sys.mui

    2012-11-16 02:36:21 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys

    2012-11-16 02:36:21 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys

    2012-11-16 02:36:18 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll

    2012-11-16 02:36:18 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll

    2012-11-16 02:36:17 744448 ----a-w- C:\Windows\System32\WUDFx.dll

    2012-11-16 02:36:17 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll

    2012-11-16 02:36:17 229888 ----a-w- C:\Windows\System32\WUDFHost.exe

    .

    ==================== Find3M ====================

    .

    2012-12-14 18:35:32 45056 ----a-w- C:\Windows\System32\acovcnt.exe

    2012-12-05 14:56:09 33215 ----a-w- C:\Users\Leticia\mediaenchx32.dll

    2012-12-05 14:52:43 33215 ----a-w- C:\Users\Leticia\mediaenchx321.dll

    2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys

    2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll

    2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll

    2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

    2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll

    2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

    2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

    2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

    2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

    2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

    2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

    2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

    2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

    2012-11-12 18:12:05 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

    2012-11-12 18:12:05 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

    2012-11-12 18:12:05 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll

    2012-11-05 21:35:16 46080 ----a-w- C:\Windows\System32\atmlib.dll

    2012-11-05 20:41:32 367616 ----a-w- C:\Windows\System32\atmfd.dll

    2012-11-05 20:32:16 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll

    2012-11-05 20:32:09 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

    2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll

    2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll

    2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

    2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

    2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll

    2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll

    2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll

    2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll

    2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll

    2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll

    2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll

    2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

    2012-10-04 17:45:55 215040 ----a-w- C:\Windows\System32\winsrv.dll

    2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

    2012-10-04 17:41:16 424960 ----a-w- C:\Windows\System32\KernelBase.dll

    2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

    2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

    2012-10-04 15:21:55 338432 ----a-w- C:\Windows\System32\conhost.exe

    2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

    2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

    2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

    2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe

    2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

    2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

    2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

    2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

    2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys

    2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll

    2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll

    2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll

    2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll

    2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll

    2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll

    2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll

    2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll

    2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll

    2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys

    2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll

    2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll

    .

    ============= FINISH: 14:51:48,21 ===============

    GMER.txt:

    GMER 1.0.15.15641 - http://www.gmer.net

    Rootkit scan 2012-12-15 15:20:09

    Windows 6.1.7601 Service Pack 1

    Running: gmer.exe

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0025d3b2962e

    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0025d3b2962e (not active ControlSet)

    ---- EOF - GMER 1.0.15 ----

    Obrigada!

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Desculpe a demora, o Diego está com problemas pessoais. Poste novo log do DDS.

    Obs: nestas festas de fim de ano nossa participação será menor.

    • Curtir 1

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Olá, desculpe a demora, estava de férias.

    Boa sorte ao Diego e obrigada por assumir este post :)

    Aqui está o novo dds:

    DDS (Ver_2012-11-20.01)

    .

    Microsoft Windows 7 Home Premium

    Boot Device: \Device\HarddiskVolume2

    Install Date: 08-09-2012 13:25:37

    System Uptime: 13-01-2013 15:51:31 (1 hours ago)

    .

    Motherboard: ASUSTeK Computer Inc. | | U41SV

    Processor: Intel® Core i7-2620M CPU @ 2.70GHz | CPU 1 | 783/100mhz

    .

    ==== Disk Partitions =========================

    .

    C: is FIXED (NTFS) - 186 GiB total, 129,338 GiB free.

    D: is FIXED (NTFS) - 254 GiB total, 254,042 GiB free.

    E: is CDROM ()

    .

    ==== Disabled Device Manager Items =============

    .

    ==== System Restore Points ===================

    .

    RP45: 12-12-2012 15:06:59 - avast! Free Antivirus Instalação

    RP46: 12-12-2012 22:47:06 - Operação de Restauro

    RP47: 12-12-2012 23:26:30 - Removed Microsoft Office Professional Plus 2010

    RP48: 13-12-2012 02:47:23 - Windows Update

    RP49: 22-12-2012 02:17:11 - Windows Update

    RP50: 04-01-2013 12:36:03 - Ponto de Verificação Agendado

    RP51: 09-01-2013 14:53:36 - Windows Update

    .

    ==== Installed Programs ======================

    .

    ??? ActiveX ?? Windows Live Mesh ???? ??????? ???????

    ???? ??? Windows Live

    ???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ???????

    ???? Windows Live

    ????? Windows Live

    ?????? ??????? ?? Windows Live

    ??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ???????????

    ??????? Windows Live Mesh ActiveX ???

    ???????? ?????????? Windows Live

    ?????????? Windows Live

    Adobe Flash Player 10 ActiveX

    Adobe Flash Player 10 Plugin

    Adobe Reader XI (11.0.01)

    Alcor Micro USB Card Reader

    ASUS AI Recovery

    ASUS FancyStart

    ASUS LifeFrame3

    ASUS Live Update

    ASUS Power4Gear Hybrid

    ASUS Secure Delete

    ASUS SmartLogon

    ASUS Splendid Video Enhancement Technology

    ASUS Virtual Camera

    ASUS WebStorage

    AsusScr_U Series_ENG

    AsusVibe2.0

    ATK Package

    avast! Free Antivirus

    Babylon toolbar on IE

    Browser Manager

    Check Point VPN

    Contrôle ActiveX Windows Live Mesh pour connexions à distance

    Control ActiveX de Windows Live Mesh para conexiones remotas

    Controlo ActiveX do Windows Live Mesh para Ligações Remotas

    CyberLink LabelPrint

    CyberLink Power2Go

    D3DX10

    Dropbox

    ExpressGateCloud

    Fast Boot

    Galeria de Fotografias do Windows Live

    Galerie de photos Windows Live

    Galería fotográfica de Windows Live

    Game Park Console

    Google Chrome

    Governor of Poker

    Intel® Control Center

    Intel® Management Engine Components

    Intel® Processor Graphics

    Intel® Turbo Boost Technology Monitor

    Java 7 Update 9

    Java Auto Updater

    Junk Mail filter update

    Mahjongg dimensions

    Mesh Runtime

    Microsoft .NET Framework 4 Client Profile

    Microsoft .NET Framework 4 Client Profile PTG Language Pack

    Microsoft Application Error Reporting

    Microsoft Office 2010

    Microsoft Office Clique-e-Use 2010

    Microsoft Office Starter 2010 - Português

    Microsoft Silverlight

    Microsoft SQL Server 2005 Compact Edition [ENU]

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2005 Redistributable (x64)

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    MSVCRT

    MSVCRT_amd64

    Nuance PDF Reader

    NVIDIA Control Panel 267.54

    NVIDIA Graphics Driver 267.54

    NVIDIA Install Application

    NVIDIA Optimus 1.0.21

    NVIDIA Update Components

    OpenOffice.org 3.4.1

    Raccolta foto di Windows Live

    Realtek High Definition Audio Driver

    S?????? f?t???af??? t?? Windows Live

    SceneSwitch

    SecureW2 EAP Suite 1.1.2 for Windows

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

    Skype™ 6.0

    Sonic Focus

    St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se??

    SuperPro Designer v8.5 (Eval. Ed.)

    Synaptics Pointing Device Driver

    syncables desktop SE

    Trend Micro Titanium Internet Security

    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

    Windows Live

    Windows Live ???

    Windows Live ????

    Windows Live Communications Platform

    Windows Live Essentials

    Windows Live Family Safety

    Windows Live Fotogalerie

    Windows Live ID Sign-in Assistant

    Windows Live Installer

    Windows Live Language Selector

    Windows Live Mail

    Windows Live Mesh

    Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

    Windows Live Mesh ActiveX Control for Remote Connections

    Windows Live Messenger

    Windows Live MIME IFilter

    Windows Live Movie Maker

    Windows Live Photo Common

    Windows Live Photo Gallery

    Windows Live PIMT Platform

    Windows Live Remote Client

    Windows Live Remote Client Resources

    Windows Live Remote Service

    Windows Live Remote Service Resources

    Windows Live SOXE

    Windows Live SOXE Definitions

    Windows Live UX Platform

    Windows Live UX Platform Language Pack

    Windows Live Writer

    Windows Live Writer Resources

    WinFlash

    WinRAR 4.20 (32-bit)

    Wireless Console 3

    .

    ==== End Of File ===========================

    DDS (Ver_2012-11-20.01) - NTFS_AMD64

    Internet Explorer: 9.0.8112.16457

    Run by Leticia at 16:36:54 on 2013-01-13

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.351.2070.18.6056.4269 [GMT 0:00]

    .

    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

    AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}

    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

    SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    ============== Running Processes ===============

    .

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\nvvsvc.exe

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\system32\FBAgent.exe

    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

    C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

    C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

    C:\Windows\system32\nvvsvc.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Program Files\Trend Micro\Titanium\TiMiniService.exe

    C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe

    C:\Program Files\Intel\TurboBoost\TurboBoost.exe

    C:\ExpressGateUtil\VAWinService.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

    C:\Windows\system32\taskhost.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\system32\Dwm.exe

    C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

    C:\Program Files\P4G\BatteryLife.exe

    C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe

    C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

    C:\Windows\SysWOW64\ACEngSvr.exe

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Windows\AsScrPro.exe

    C:\Users\Leticia\AppData\Roaming\Dropbox\bin\Dropbox.exe

    C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

    C:\Windows\system32\SearchIndexer.exe

    C:\Program Files\Windows Media Player\wmpnetwk.exe

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Users\Leticia\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Leticia\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Leticia\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

    C:\Windows\system32\wuauclt.exe

    C:\Program Files (x86)\Skype\Phone\Skype.exe

    C:\Windows\explorer.exe

    C:\Users\Leticia\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Leticia\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\System32\cscript.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://asus.msn.com

    uDefault_Page_URL = hxxp://asus.msn.com

    mStart Page = hxxp://asus.msn.com

    mWinlogon: Userinit = userinit.exe

    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll

    BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll

    BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll

    BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll

    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    uRun: [Google Update] "C:\Users\Leticia\AppData\Local\Google\Update\GoogleUpdate.exe" /c

    mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    mRun: [Check Point Endpoint Security] "C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe"

    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

    StartupFolder: C:\Users\Leticia\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Leticia\AppData\Roaming\Dropbox\bin\Dropbox.exe

    mPolicies-Explorer: NoActiveDesktop = dword:1

    mPolicies-Explorer: NoActiveDesktopChanges = dword:1

    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

    mPolicies-System: ConsentPromptBehaviorUser = dword:3

    mPolicies-System: EnableUIADesktopToggle = dword:0

    IE: &Enviar para o OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

    IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    TCP: NameServer = 212.55.154.174 212.55.154.190

    TCP: Interfaces\{920F3980-83E9-49EF-B5C7-EB4A6E44F23A} : DHCPNameServer = 193.136.28.10 193.136.28.9

    TCP: Interfaces\{CA2C1452-67C6-41B7-81F3-4BF87EAC6300} : DHCPNameServer = 212.55.154.174 212.55.154.190

    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll

    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll

    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    AppInit_DLLs= c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll c:\progra~3\browse~1\22630~1.40\{16cdf~1\browse~1.dll c:\windows\syswow64\nvinit.dll

    SSODL: WebCheck - <orphaned>

    x64-mStart Page = hxxp://asus.msn.com

    x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll

    x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll

    x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

    x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"

    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

    x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll

    x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll

    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

    x64-Notify: igfxcui - igfxdev.dll

    x64-SSODL: WebCheck - <orphaned>

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 assd;assd;C:\Windows\System32\drivers\assd.sys [2011-10-28 27264]

    R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2011-10-28 25960]

    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-12-12 984144]

    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-12-12 370288]

    R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]

    R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-10-28 377264]

    R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]

    R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-12-12 25232]

    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-12-12 71600]

    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-12-12 44808]

    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

    R2 TiMiniService;TiMiniService;C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-10-27 241488]

    R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2011-4-13 67664]

    R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-16 13832]

    R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928]

    R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-10-28 2655768]

    R2 VideAceWindowsService;VideAceWindowsService;C:\ExpressGateUtil\VAWinService.exe [2011-3-26 91464]

    R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-8-12 317440]

    R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-8-12 169584]

    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

    R3 vna_ap;Check Point Virtual Network Adapter - Apollo;C:\Windows\System32\drivers\vnaap.sys [2011-3-1 161256]

    S2 Browser Manager;Browser Manager;C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-10-10 2309656]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]

    S2 TracSrvWrapper;Check Point Endpoint Security VPN;C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [2011-3-1 4306448]

    S3 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-4-13 267480]

    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-4-13 48488]

    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]

    S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]

    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-2-18 59392]

    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2011-2-18 31232]

    S3 WatAdminSvc;Serviço de Tecnologias de Activação do Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-9-10 1255736]

    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]

    .

    =============== Created Last 30 ================

    .

    2013-01-10 23:16:45 -------- d-----w- C:\Users\Leticia\AppData\Local\{4BB6246A-D797-453B-BB16-821A0FB27E79}

    2013-01-09 14:51:11 750592 ----a-w- C:\Windows\System32\win32spl.dll

    2013-01-09 14:51:11 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll

    2013-01-09 14:49:23 424448 ----a-w- C:\Windows\System32\KernelBase.dll

    2013-01-09 14:48:47 68608 ----a-w- C:\Windows\System32\taskhost.exe

    2013-01-09 14:48:45 3149824 ----a-w- C:\Windows\System32\win32k.sys

    2013-01-08 01:24:35 -------- d-----w- C:\Users\Leticia\AppData\Local\{F92C76E6-ECA7-42A0-8BB3-FA018ED5A160}

    2012-12-30 01:02:31 -------- d-----w- C:\Users\Leticia\AppData\Local\{AD074FB7-31EB-447E-97FC-3E558BAAA752}

    2012-12-27 14:13:09 105984 ----a-w- C:\Users\Leticia\mediaenchx326.dll

    2012-12-23 00:19:32 -------- d-----w- C:\Users\Leticia\AppData\Local\{3E5E6B84-8F43-4D1F-9FD8-3666EE0F84F5}

    2012-12-22 02:18:04 46080 ----a-w- C:\Windows\System32\atmlib.dll

    2012-12-22 02:18:04 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

    2012-12-22 02:18:02 367616 ----a-w- C:\Windows\System32\atmfd.dll

    2012-12-22 02:18:00 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll

    2012-12-21 21:03:37 -------- d-----w- C:\Users\Leticia\AppData\Local\{EFA6E80F-3C93-4358-B0DA-3BAA40B1969F}

    2012-12-19 01:59:38 -------- d-----w- C:\Users\Leticia\AppData\Local\{F16AE3A8-4F0E-4C16-A2F6-D68D31FED3E6}

    .

    ==================== Find3M ====================

    .

    2013-01-13 15:52:14 45056 ----a-w- C:\Windows\System32\acovcnt.exe

    2012-12-27 14:08:35 105984 ----a-w- C:\Users\Leticia\mediaenchx325.dll

    2012-12-27 14:06:30 105984 ----a-w- C:\Users\Leticia\mediaenchx324.dll

    2012-12-21 18:54:30 105984 ----a-w- C:\Users\Leticia\mediaenchx323.dll

    2012-12-21 18:54:11 105984 ----a-w- C:\Users\Leticia\mediaenchx322.dll

    2012-12-21 18:54:11 105984 ----a-w- C:\Users\Leticia\mediaenchx321.dll

    2012-12-21 18:54:11 105984 ----a-w- C:\Users\Leticia\mediaenchx32.dll

    2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll

    2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll

    2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll

    2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll

    2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs

    2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs

    2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs

    2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs

    2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs

    2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs

    2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs

    2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs

    2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs

    2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs

    2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs

    2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs

    2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs

    2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs

    2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll

    2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll

    2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

    2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll

    2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

    2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

    2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

    2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe

    2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

    2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

    2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

    2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe

    2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

    2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

    2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

    2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

    2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll

    2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll

    2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll

    2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll

    2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll

    2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll

    2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

    2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll

    2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

    2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

    2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

    2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

    2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

    2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

    2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

    2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

    2012-11-12 18:12:05 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

    2012-11-12 18:12:05 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

    2012-11-12 18:12:05 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll

    2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll

    2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

    2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll

    2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll

    2012-11-01 05:43:42 2002432 ----a-w- C:\Windows\System32\msxml6.dll

    2012-11-01 05:43:42 1882624 ----a-w- C:\Windows\System32\msxml3.dll

    2012-11-01 04:47:54 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll

    2012-11-01 04:47:54 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

    2012-10-30 22:51:55 984144 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

    2012-10-30 22:51:55 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

    2012-10-30 22:51:07 41224 ----a-w- C:\Windows\avastSS.scr

    2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

    2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

    2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll

    2012-10-15 16:59:28 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

    .

    ============= FINISH: 16:38:01,99 ===============

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Você tem dois antivírus instalados, comece desinstalando um e depois poste novo log do DDS.

    • Curtir 1

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Certo, desinstalei o avast, que é o que eu havia instalado, o outro deve ter vindo com o note.

    Aqui estão os novos dados do dds:

    DDS (Ver_2012-11-20.01)

    .

    Microsoft Windows 7 Home Premium

    Boot Device: \Device\HarddiskVolume2

    Install Date: 08-09-2012 13:25:37

    System Uptime: 15-01-2013 19:23:04 (0 hours ago)

    .

    Motherboard: ASUSTeK Computer Inc. | | U41SV

    Processor: Intel® Core i7-2620M CPU @ 2.70GHz | CPU 1 | 783/100mhz

    .

    ==== Disk Partitions =========================

    .

    C: is FIXED (NTFS) - 186 GiB total, 134,43 GiB free.

    D: is FIXED (NTFS) - 254 GiB total, 254,042 GiB free.

    E: is CDROM ()

    .

    ==== Disabled Device Manager Items =============

    .

    ==== System Restore Points ===================

    .

    RP49: 22-12-2012 02:17:11 - Windows Update

    RP50: 04-01-2013 12:36:03 - Ponto de Verificação Agendado

    RP51: 09-01-2013 14:53:36 - Windows Update

    RP52: 15-01-2013 19:20:16 - avast! Free Antivirus Instalação

    .

    ==== Installed Programs ======================

    .

    ??? ActiveX ?? Windows Live Mesh ???? ??????? ???????

    ???? ??? Windows Live

    ???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ???????

    ???? Windows Live

    ????? Windows Live

    ?????? ??????? ?? Windows Live

    ??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ???????????

    ??????? Windows Live Mesh ActiveX ???

    ???????? ?????????? Windows Live

    ?????????? Windows Live

    Adobe Flash Player 10 ActiveX

    Adobe Flash Player 10 Plugin

    Adobe Reader XI (11.0.01)

    Alcor Micro USB Card Reader

    ASUS AI Recovery

    ASUS FancyStart

    ASUS LifeFrame3

    ASUS Live Update

    ASUS Power4Gear Hybrid

    ASUS Secure Delete

    ASUS SmartLogon

    ASUS Splendid Video Enhancement Technology

    ASUS Virtual Camera

    ASUS WebStorage

    AsusScr_U Series_ENG

    AsusVibe2.0

    ATK Package

    Babylon toolbar on IE

    Browser Manager

    Check Point VPN

    Contrôle ActiveX Windows Live Mesh pour connexions à distance

    Control ActiveX de Windows Live Mesh para conexiones remotas

    Controlo ActiveX do Windows Live Mesh para Ligações Remotas

    CyberLink LabelPrint

    CyberLink Power2Go

    D3DX10

    Dropbox

    ExpressGateCloud

    Fast Boot

    Galeria de Fotografias do Windows Live

    Galerie de photos Windows Live

    Galería fotográfica de Windows Live

    Game Park Console

    Google Chrome

    Governor of Poker

    Intel® Control Center

    Intel® Management Engine Components

    Intel® Processor Graphics

    Intel® Turbo Boost Technology Monitor

    Java 7 Update 9

    Java Auto Updater

    Junk Mail filter update

    Mahjongg dimensions

    Mesh Runtime

    Microsoft .NET Framework 4 Client Profile

    Microsoft .NET Framework 4 Client Profile PTG Language Pack

    Microsoft Application Error Reporting

    Microsoft Office 2010

    Microsoft Office Clique-e-Use 2010

    Microsoft Office Starter 2010 - Português

    Microsoft Silverlight

    Microsoft SQL Server 2005 Compact Edition [ENU]

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2005 Redistributable (x64)

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    MSVCRT

    MSVCRT_amd64

    Nuance PDF Reader

    NVIDIA Control Panel 267.54

    NVIDIA Graphics Driver 267.54

    NVIDIA Install Application

    NVIDIA Optimus 1.0.21

    NVIDIA Update Components

    OpenOffice.org 3.4.1

    Raccolta foto di Windows Live

    Realtek High Definition Audio Driver

    S?????? f?t???af??? t?? Windows Live

    SceneSwitch

    SecureW2 EAP Suite 1.1.2 for Windows

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

    Skype™ 6.0

    Sonic Focus

    St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se??

    SuperPro Designer v8.5 (Eval. Ed.)

    Synaptics Pointing Device Driver

    syncables desktop SE

    Trend Micro Titanium Internet Security

    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

    Windows Live

    Windows Live ???

    Windows Live ????

    Windows Live Communications Platform

    Windows Live Essentials

    Windows Live Family Safety

    Windows Live Fotogalerie

    Windows Live ID Sign-in Assistant

    Windows Live Installer

    Windows Live Language Selector

    Windows Live Mail

    Windows Live Mesh

    Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

    Windows Live Mesh ActiveX Control for Remote Connections

    Windows Live Messenger

    Windows Live MIME IFilter

    Windows Live Movie Maker

    Windows Live Photo Common

    Windows Live Photo Gallery

    Windows Live PIMT Platform

    Windows Live Remote Client

    Windows Live Remote Client Resources

    Windows Live Remote Service

    Windows Live Remote Service Resources

    Windows Live SOXE

    Windows Live SOXE Definitions

    Windows Live UX Platform

    Windows Live UX Platform Language Pack

    Windows Live Writer

    Windows Live Writer Resources

    WinFlash

    WinRAR 4.20 (32-bit)

    Wireless Console 3

    .

    ==== End Of File ===========================

    DDS (Ver_2012-11-20.01) - NTFS_AMD64

    Internet Explorer: 9.0.8112.16457

    Run by Leticia at 19:27:22 on 2013-01-15

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.351.2070.18.6056.4465 [GMT 0:00]

    .

    AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}

    SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    ============== Running Processes ===============

    .

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\nvvsvc.exe

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\system32\FBAgent.exe

    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

    C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

    C:\Windows\system32\nvvsvc.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Program Files\Trend Micro\Titanium\TiMiniService.exe

    C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe

    C:\Program Files\Intel\TurboBoost\TurboBoost.exe

    C:\ExpressGateUtil\VAWinService.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Windows\system32\taskhost.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\system32\Dwm.exe

    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

    C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

    C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\P4G\BatteryLife.exe

    C:\Windows\Explorer.EXE

    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

    C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

    C:\Windows\SysWOW64\ACEngSvr.exe

    C:\Windows\servicing\TrustedInstaller.exe

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe

    C:\Windows\AsScrPro.exe

    C:\Users\Leticia\AppData\Roaming\Dropbox\bin\Dropbox.exe

    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

    C:\Windows\system32\SearchIndexer.exe

    C:\Program Files\Windows Media Player\wmpnetwk.exe

    C:\Windows\system32\SearchProtocolHost.exe

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

    C:\Windows\system32\sppsvc.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\system32\wuauclt.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Windows\System32\cscript.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://asus.msn.com

    uDefault_Page_URL = hxxp://asus.msn.com

    mStart Page = hxxp://asus.msn.com

    mWinlogon: Userinit = userinit.exe

    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll

    BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll

    BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll

    BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll

    uRun: [Google Update] "C:\Users\Leticia\AppData\Local\Google\Update\GoogleUpdate.exe" /c

    mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    mRun: [Check Point Endpoint Security] "C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe"

    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    StartupFolder: C:\Users\Leticia\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Leticia\AppData\Roaming\Dropbox\bin\Dropbox.exe

    mPolicies-Explorer: NoActiveDesktop = dword:1

    mPolicies-Explorer: NoActiveDesktopChanges = dword:1

    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

    mPolicies-System: ConsentPromptBehaviorUser = dword:3

    mPolicies-System: EnableUIADesktopToggle = dword:0

    IE: &Enviar para o OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

    IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    TCP: NameServer = 212.55.154.174 212.55.154.190

    TCP: Interfaces\{920F3980-83E9-49EF-B5C7-EB4A6E44F23A} : DHCPNameServer = 193.136.28.10 193.136.28.9

    TCP: Interfaces\{CA2C1452-67C6-41B7-81F3-4BF87EAC6300} : DHCPNameServer = 212.55.154.174 212.55.154.190

    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll

    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll

    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    AppInit_DLLs= c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll c:\progra~3\browse~1\22630~1.40\{16cdf~1\browse~1.dll c:\windows\syswow64\nvinit.dll

    SSODL: WebCheck - <orphaned>

    x64-mStart Page = hxxp://asus.msn.com

    x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll

    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll

    x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"

    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

    x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll

    x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll

    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

    x64-Notify: igfxcui - igfxdev.dll

    x64-SSODL: WebCheck - <orphaned>

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 assd;assd;C:\Windows\System32\drivers\assd.sys [2011-10-28 27264]

    R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2011-10-28 25960]

    R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]

    R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-10-28 377264]

    R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]

    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

    R2 TiMiniService;TiMiniService;C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-10-27 241488]

    R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2011-4-13 67664]

    R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-16 13832]

    R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928]

    R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-10-28 2655768]

    R2 VideAceWindowsService;VideAceWindowsService;C:\ExpressGateUtil\VAWinService.exe [2011-3-26 91464]

    R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-8-12 317440]

    R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-8-12 169584]

    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

    R3 vna_ap;Check Point Virtual Network Adapter - Apollo;C:\Windows\System32\drivers\vnaap.sys [2011-3-1 161256]

    S2 Browser Manager;Browser Manager;C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-10-10 2309656]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]

    S2 TracSrvWrapper;Check Point Endpoint Security VPN;C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [2011-3-1 4306448]

    S3 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-4-13 267480]

    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-4-13 48488]

    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]

    S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]

    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-2-18 59392]

    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2011-2-18 31232]

    S3 WatAdminSvc;Serviço de Tecnologias de Activação do Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-9-10 1255736]

    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]

    .

    =============== Created Last 30 ================

    .

    2013-01-10 23:16:45 -------- d-----w- C:\Users\Leticia\AppData\Local\{4BB6246A-D797-453B-BB16-821A0FB27E79}

    2013-01-09 14:51:11 750592 ----a-w- C:\Windows\System32\win32spl.dll

    2013-01-09 14:51:11 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll

    2013-01-09 14:49:23 424448 ----a-w- C:\Windows\System32\KernelBase.dll

    2013-01-09 14:48:47 68608 ----a-w- C:\Windows\System32\taskhost.exe

    2013-01-09 14:48:45 3149824 ----a-w- C:\Windows\System32\win32k.sys

    2013-01-08 01:24:35 -------- d-----w- C:\Users\Leticia\AppData\Local\{F92C76E6-ECA7-42A0-8BB3-FA018ED5A160}

    2012-12-30 01:02:31 -------- d-----w- C:\Users\Leticia\AppData\Local\{AD074FB7-31EB-447E-97FC-3E558BAAA752}

    2012-12-27 14:13:09 105984 ----a-w- C:\Users\Leticia\mediaenchx326.dll

    2012-12-23 00:19:32 -------- d-----w- C:\Users\Leticia\AppData\Local\{3E5E6B84-8F43-4D1F-9FD8-3666EE0F84F5}

    2012-12-22 02:18:04 46080 ----a-w- C:\Windows\System32\atmlib.dll

    2012-12-22 02:18:04 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

    2012-12-22 02:18:02 367616 ----a-w- C:\Windows\System32\atmfd.dll

    2012-12-22 02:18:00 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll

    2012-12-21 21:03:37 -------- d-----w- C:\Users\Leticia\AppData\Local\{EFA6E80F-3C93-4358-B0DA-3BAA40B1969F}

    2012-12-19 01:59:38 -------- d-----w- C:\Users\Leticia\AppData\Local\{F16AE3A8-4F0E-4C16-A2F6-D68D31FED3E6}

    .

    ==================== Find3M ====================

    .

    2013-01-15 19:23:51 45056 ----a-w- C:\Windows\System32\acovcnt.exe

    2012-12-27 14:08:35 105984 ----a-w- C:\Users\Leticia\mediaenchx325.dll

    2012-12-27 14:06:30 105984 ----a-w- C:\Users\Leticia\mediaenchx324.dll

    2012-12-21 18:54:30 105984 ----a-w- C:\Users\Leticia\mediaenchx323.dll

    2012-12-21 18:54:11 105984 ----a-w- C:\Users\Leticia\mediaenchx322.dll

    2012-12-21 18:54:11 105984 ----a-w- C:\Users\Leticia\mediaenchx321.dll

    2012-12-21 18:54:11 105984 ----a-w- C:\Users\Leticia\mediaenchx32.dll

    2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll

    2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll

    2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll

    2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll

    2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs

    2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs

    2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs

    2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs

    2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs

    2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs

    2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs

    2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs

    2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs

    2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs

    2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs

    2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs

    2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs

    2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs

    2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll

    2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll

    2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

    2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll

    2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

    2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

    2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

    2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe

    2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

    2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

    2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

    2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe

    2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

    2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

    2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

    2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

    2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll

    2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll

    2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll

    2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll

    2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll

    2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll

    2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

    2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll

    2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

    2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

    2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

    2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

    2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

    2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

    2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

    2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

    2012-11-12 18:12:05 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

    2012-11-12 18:12:05 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

    2012-11-12 18:12:05 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll

    2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll

    2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

    2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll

    2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll

    2012-11-01 05:43:42 2002432 ----a-w- C:\Windows\System32\msxml6.dll

    2012-11-01 05:43:42 1882624 ----a-w- C:\Windows\System32\msxml3.dll

    2012-11-01 04:47:54 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll

    2012-11-01 04:47:54 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

    .

    ============= FINISH: 19:28:34,00 ===============

    Obrigada

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Baixe o Kaspersky AVP Tool de um desses 2 links:

    http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/

    http://dnl-us6.kaspersky-labs.com/devbuilds/AVPTool/

    Você será conduzido a uma página da Kaspersky, solicitando um email para cadastro, nome e sobrenome. Somente o campo "email" é obrigatório.

    Informe seu email depois clique no botão Submit Form.

    A página será recarregada. Clique no botão Download

    Salve-o em sua área de trabalho.

    Execute o arquivo e aguarde a instalação.

    ** Usuários do Windows Vista e Windows 7:

    Clique com o direito sobre o arquivo, depois clique em Executar como administrador

    Na tela do contrato de licença, marque a opção I accept the license agreement e depois clique no botão Start. Aparentemente o programa congela e nada acontece. É normal, apenas aguarde até aparecer a tela inicial do programa, e então clique no ícone Settings:

    KRT_settings.png

    Nesta tela, marque a caixa ao lado de:

    • Meu Computador
    • Disco local (C:)

    Marque também todas as unidades que aparecem abaixo de Disco Local, caso houverem. Depois clique na aba Automatic Scan

    KRT_install2_.png

    De volta à tela inicial do programa, clique no botão Start scanning

    Tenha paciência, é um pouco demorado.

    Quando terminar, caso tenha detectado algo, o programa irá lhe perguntar o que fazer.

    Marque o quadradinho ao lado de Apply to all objects e depois clique em Skip (queremos apenas o log).

    KRT_detection_.png

    Enquanto durar o exame, a tela inicial exibirá uma barra de progresso. Quando terminar, o programa exibirá o status concluído e um botão que ficará na cor laranja, caso nada tenha sido detectado, e na cor vermelha, caso tenha encontrado algo.

    Caso tenha detectado algo, o programa também exibirá uma tela de alerta, avisando que o seu sistema está desprotegido e sugerindo um produto da Kaspersky. Clique no botão No, thanks.

    De volta à tela principal, caso tenha sido detectado algo, então salve o log. Se você fechar o programa e esquecer de salvar o log, terá que repetir todo o scan novamente.

    Para salvar o log, clique no ícone Reports (ao lado do ícone "Settings"). Na próxima janela, clique em Detected Threats, depois clique no ícone de disquete para salvar o log.

    Escolha um local de fácil acesso e salve como log.txt

    Copie todo o conteúdo desse bloco de notas e cole na sua próxima resposta.

    Se nada for detectado, então não precisa salvar o log. Apenas poste aqui avisando.

    Para sair do programa, basta clicar no X no canto superior direito.

    • Curtir 1

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Olá,

    obrigada pela resposta rápida e clara :)

    Foi detectado algo, aqui está o log:

    Status: Detected (events: 1)

    17-01-2013 00:57:19 Detected Trojan program Trojan-Downloader.MSIL.Adload.a C:\$Recycle.Bin\S-1-5-21-4291494362-3841884207-1307558562-1001\$RNSZKLZ.exe High

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Está na lixeira.

    O problema inicial persiste?

    • Curtir 1

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Sim, o problema persiste, isto ocorre quando estou navegando pela biblioteca do laptop (imagens, documentos, músicas). As teclas de acesso rápido (fn + algo) para aumentar ou diminuir o volume, por exemplo, também pararam de funcionar semana passada.

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Isso não tem relação com malware. Veja os drivers que acompanham o notebook e reinstale. Caso o problema persista, recomendo que poste em Notebooks.

    • Curtir 1

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Certo, realmente achei que fosse pois começou de repente, muito obrigada pela ajuda de qualquer forma :)

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com a moderação solicitando o desbloqueio.

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
    Visitante
    Este tópico está impedido de receber novos posts.
    Entre para seguir isso  





    Sobre o Clube do Hardware

    No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

    Direitos autorais

    Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

    ×