fvdentista

Qvo6, I can't delete it.


Good morning, friends! My browser was hijacked by Qvo6 and I was not able to remove it. I kindly ask for your help. Thank you!

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16483 BrowserJavaVersion: 10.21.2

Run by Fabio at 11:31:45 on 2013-06-08

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.55.1046.18.4086.2301 [GMT -3:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\System32\alg.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\RAVCpl64.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe

C:\Users\Fabio\AppData\Roaming\WebCake\WebCakeDesktop.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe

C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Nero\Update\NASvc.exe

C:\Program Files (x86)\Nero\Update\NANotify.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com.br/

uDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE309K6C0136C013&ts=1370628145

mStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE309K6C0136C013&ts=1370628145

mSearch Bar = hxxp://www.google.com

mDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE309K6C0136C013&ts=1370628145

mSearchAssistant = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE309K6C0136C013&ts=3211331

mCustomizeSearch = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE309K6C0136C013&ts=3211331

uURLSearchHooks: {f999a48b-1950-4d81-9971-79018f807b4b} - <orphaned>

uURLSearchHooks: {4e8f6cb8-79e6-4def-8f44-6ffd56e07774} - <orphaned>

uURLSearchHooks: {df4e216e-948b-43d9-8268-f6e1b73d6c08} - <orphaned>

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Plus-HD-2.2: {11111111-1111-1111-1111-110311301136} - C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-bho.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: WebCake: {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\WebCake\WebCakeIEClient.dll

BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Auxiliar de Conexão do Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll

BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540024} - C:\Program Files (x86)\GbPlugin\gbiehtec.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [iSUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup

uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe

uRun: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray

uRun: [WebCake Desktop] "C:\Users\Fabio\AppData\Roaming\WebCake\WebCakeDesktop.exe"

mRun: [iSUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start

mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

dRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

dRunOnce: [Del7624093] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del"

dRunOnce: [Del3754062] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del"

dRunOnce: [Del5210265] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del"

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:149

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll

DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - hxxp://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: NameServer = 192.168.2.1

TCP: Interfaces\{1135D01D-AADE-4A21-B974-CA1D86482820} : NameServer = 201.10.1.2,201.10.120.3

TCP: Interfaces\{1135D01D-AADE-4A21-B974-CA1D86482820} : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{64AD740B-AD46-4DCB-A6F7-361941CA69E1} : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{64AD740B-AD46-4DCB-A6F7-361941CA69E1}\14E64627F6964684F6473707F64733933363 : DHCPNameServer = 192.168.43.1

TCP: Interfaces\{64AD740B-AD46-4DCB-A6F7-361941CA69E1}\34F6E6563757C602D4F64656C69637D6F6 : DHCPNameServer = 10.1.1.1

TCP: Interfaces\{64AD740B-AD46-4DCB-A6F7-361941CA69E1}\D495D41485136366567336 : DHCPNameServer = 192.168.1.253

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll

Notify: GbPluginTec - C:\Program Files (x86)\GbPlugin\gbiehTec.dll

SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll

SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399024} - C:\Program Files (x86)\GbPlugin\gbiehtec.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-mStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE309K6C0136C013&ts=1370628145

x64-mDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE309K6C0136C013&ts=1370628145

x64-mSearchAssistant = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE309K6C0136C013&ts=3211331

x64-mCustomizeSearch = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE309K6C0136C013&ts=3211331

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg64.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe

x64-Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [skytel] Skytel.exe

x64-Run: [RtHDVCpl] RAVCpl64.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]

R0 O2MDRDR;O2MDRDR;C:\Windows\System32\drivers\o2mdx64.sys [2009-4-29 48640]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-7-29 53488]

R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2013-5-29 410152]

R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-7-13 769432]

R2 WebCake Desktop Updater;WebCake Desktop Updater;C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe [2013-6-7 23552]

R3 netw5v64;Driver de adaptador Intel® Wireless WiFi Link 5000 Series para Windows Vista 64 Bits;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-3-1 187392]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S3 BthAvrcp;Perfil AVRCP do Bluetooth;C:\Windows\System32\drivers\BthAvrcp.sys [2009-8-13 29184]

S3 EverestDriver;Lavalys EVEREST Kernel Driver;C:\Users\Fabio\AppData\Local\Temp\EverestDriver.sys [2012-12-4 25216]

S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-16 48488]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]

S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 130008]

S3 NisSrv;Inspeção de Rede da Microsoft;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]

S3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\System32\drivers\nmwcdnsucx64.sys [2012-1-9 12800]

S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2012-1-9 171008]

S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192cu.sys [2010-8-12 748648]

S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;C:\Windows\System32\drivers\s916mdfl.sys [2009-10-1 19496]

S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;C:\Windows\System32\drivers\s916mdm.sys [2009-10-1 145448]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-18 59392]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-13 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== File Associations ===============

.

FileExt: .txt: Applications\iexplore.exe="C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" %1 [userChoice]

FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1

FileExt: .vbe: VBEFile=C:\Windows\SysWow64\WScript.exe "%1" %*

FileExt: .vbs: VBSFile=C:\Windows\SysWow64\WScript.exe "%1" %*

FileExt: .js: JSFile=C:\Windows\SysWow64\WScript.exe "%1" %*

.

=============== Created Last 30 ================

.

2013-06-08 13:50:50 -------- d-----w- C:\Program Files (x86)\Nero

2013-06-08 13:49:09 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll

2013-06-07 23:20:55 470880 ----a-w- C:\Windows\SysWow64\d3dx10_43.dll

2013-06-07 23:20:16 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll

2013-06-07 23:19:35 1868128 ----a-w- C:\Windows\SysWow64\d3dcsx_43.dll

2013-06-07 23:18:59 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll

2013-06-07 22:22:28 -------- d-----w- C:\Users\Fabio\AppData\Roaming\ProgSense

2013-06-07 22:22:28 -------- d-----w- C:\Downloads

2013-06-07 22:20:40 -------- d-----w- C:\Users\Fabio\AppData\Roaming\WebCake

2013-06-07 20:36:29 -------- d-----w- C:\Program Files (x86)\Free DVD to AVI MP4 WMV MPEG 3GP FLV Converter

2013-06-07 18:44:41 -------- d-----w- C:\Program Files (x86)\Conduit

2013-06-07 18:42:34 -------- d-----w- C:\Users\Fabio\AppData\Roaming\Free DVD to AVI MP4 WMV MPEG 3GP FLV Converter

2013-06-07 18:00:54 -------- d-----w- C:\Users\Fabio\AppData\Roaming\eIntaller

2013-06-07 18:00:36 -------- d-----w- C:\Program Files (x86)\WebCake

2013-06-07 18:00:17 -------- d-----w- C:\ProgramData\Tarma Installer

2013-06-07 17:59:18 -------- d-----w- C:\Program Files (x86)\Plus-HD-2.2

2013-06-07 17:57:59 -------- d-----w- C:\Users\Fabio\AppData\Local\PutLockerDownloader

2013-06-07 17:51:09 -------- d-----w- C:\Users\Fabio\AppData\Local\Aiseesoft Studio

2013-06-07 00:48:43 -------- d-----w- C:\Users\Fabio\AppData\Local\{D5A01D8B-932E-428B-840B-C5F827D2285C}

2013-06-06 22:51:16 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{69DB8842-BB4C-45A4-A581-501B358209A4}\mpengine.dll

2013-06-06 15:37:45 -------- d-----w- C:\Users\Fabio\AppData\Local\{23ACE311-0432-45A1-8481-F180314187B9}

2013-06-05 16:56:01 9460464 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-06-03 22:36:46 -------- d-----w- C:\Users\Fabio\AppData\Local\{E2E5DD1C-E99A-48FC-8A6E-036A0054A931}

2013-06-02 23:03:20 -------- d-----w- C:\Users\Fabio\AppData\Local\{AF967C25-5AAE-48FB-9CEC-A8E8D1FD4F91}

2013-05-29 23:30:23 -------- d-----w- C:\Users\Fabio\AppData\Local\{3EF40827-24CA-4D42-8D9E-DB57FA3CDD74}

2013-05-29 16:40:52 -------- d-----w- C:\Users\Fabio\AppData\Local\{0016E4D2-BE02-446A-8F59-EC995C2DDB22}

2013-05-26 23:44:42 -------- d-----w- C:\Users\Fabio\AppData\Local\{FDA428C9-39BB-4660-A98C-C9F50E632450}

2013-05-25 12:59:47 -------- d-----w- C:\Users\Fabio\AppData\Local\{AD35CFD8-0E60-4C55-94A1-68FCC94C0A29}

2013-05-23 23:24:36 -------- d-----w- C:\Users\Fabio\AppData\Local\{E3EE549A-4083-44E3-A35D-33FC052232C9}

2013-05-22 16:38:46 -------- d-----w- C:\Users\Fabio\AppData\Local\{FF01502D-C7E2-4F2A-ACE3-740608FE1FD2}

2013-05-21 13:54:35 964552 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{09E88B74-78F3-455E-B3DE-DA59C0AD803B}\gapaengine.dll

2013-05-19 18:59:50 -------- d-----w- C:\Users\Fabio\AppData\Local\{49588E6E-605C-4F4B-AD6B-A4298584CA18}

2013-05-16 22:22:54 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-05-16 22:22:53 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-05-15 14:00:38 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-05-15 14:00:38 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2013-05-15 14:00:38 144384 ----a-w- C:\Windows\System32\cdd.dll

2013-05-15 14:00:09 1930752 ----a-w- C:\Windows\System32\authui.dll

2013-05-15 14:00:07 1796096 ----a-w- C:\Windows\SysWow64\authui.dll

2013-05-15 14:00:07 111448 ----a-w- C:\Windows\System32\consent.exe

2013-05-15 14:00:06 70144 ----a-w- C:\Windows\System32\appinfo.dll

2013-05-15 13:59:53 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll

2013-05-15 13:59:53 230400 ----a-w- C:\Windows\System32\wwansvc.dll

2013-05-15 13:59:52 3153920 ----a-w- C:\Windows\System32\win32k.sys

2013-05-13 00:23:57 -------- d-----w- C:\Users\Fabio\AppData\Local\{67EBE8B5-D1CF-4778-B51A-44898B50B700}

2013-05-09 23:40:56 -------- d-----w- C:\Users\Fabio\AppData\Local\{B03C3581-FAAC-491B-8A91-645016312504}

.

==================== Find3M ====================

.

2013-05-14 23:33:56 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-14 23:33:56 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-05-04 15:53:06 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-05-04 15:53:00 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-05-04 15:53:00 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe

2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2013-04-05 01:08:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2013-04-05 01:00:30 1392128 ----a-w- C:\Windows\System32\wininet.dll

2013-04-05 00:59:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-04-05 00:56:16 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-04-05 00:55:47 599040 ----a-w- C:\Windows\System32\vbscript.dll

2013-04-04 22:11:34 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-04-04 22:02:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2013-04-04 22:02:17 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-04-04 21:58:51 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2013-04-04 21:57:45 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2013-04-04 17:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll

2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe

.

============= FINISH: 11:33:20,45 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 11/05/2010 19:01:16

System Uptime: 08/06/2013 09:24:28 (2 hours ago)

.

Motherboard: Intel Corp. | | Base Board Product Name

Processor: Intel® Core2 Duo CPU T6400 @ 2.00GHz | CPU | 2000/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 298 GiB total, 132,123 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Description: Lexmark X422

Device ID: ROOT\IMAGE\0000

Manufacturer: Lexmark

Name: Lexmark X422

PNP Device ID: ROOT\IMAGE\0000

Service: usbscan

.

==== System Restore Points ===================

.

RP655: 29/05/2013 13:17:19 - Windows Update

RP656: 02/06/2013 20:20:30 - Windows Update

RP657: 06/06/2013 19:50:20 - Windows Update

RP658: 07/06/2013 18:13:23 - Installed Nero 9 Lite 4.4.9.0

RP659: 07/06/2013 18:17:37 - Removed Nero 9 Lite 4.4.9.0

RP660: 07/06/2013 20:18:18 - DirectX instalado

RP661: 07/06/2013 20:19:07 - DirectX instalado

RP662: 07/06/2013 20:19:41 - DirectX instalado

RP663: 07/06/2013 20:20:20 - DirectX instalado

RP664: 08/06/2013 10:48:24 - DirectX instalado

RP665: 08/06/2013 10:50:15 - Installed Nero 12.

RP666: 08/06/2013 11:05:31 - Installed Nero 12 Content Pack.

.

==== Installed Programs ======================

.

3DVIA player 5.0

64 Bit HP CIO Components Installer

Adobe Flash Player 11 ActiveX

Adobe Reader 9.5.4 - Português

Ares 2.1.2

Arquivo do WinRAR

Ashampoo Burning Studio 2012 v10.0.15

Ashampoo Slideshow Studio 2010

aTube Catcher

Audacity 1.3.12 (Unicode)

Bluetooth Stack for Windows by Toshiba

BR

BufferChm

CCleaner

Chicken Invaders v1.30

Controle ActiveX do Windows Live Mesh para Conexões Remotas

Copy

CorelDRAW Graphics Suite X3

CustomerResearchQFolder

D3DX10

Destination Component

DeviceDiscovery

DeviceManagementQFolder

DJ_AIO_03_F4200_ProductContext

DJ_AIO_03_F4200_Software

DJ_AIO_03_F4200_Software_Min

DVD Shrink 3.2

eSupportQFolder

F4200

F4200_Help

FontNav

Fotosizer 1.32

Free DVD to AVI MP4 WMV MPEG 3GP FLV Converter 2.8.9

Google Chrome

Google SketchUp 8

Google Toolbar for Internet Explorer

Google Update Helper

GPBaseService

GPBaseService2

HP Customer Participation Program 10.0

HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3

HP Imaging Device Functions 10.0

HP Photosmart Essential 2.5

HP Smart Web Printing 4.60

HP Solution Center 13.0

HP Update

HPProductAssistant

HPSSupply

Intel® Graphics Media Accelerator Driver

Java 7 Update 21

Java Auto Updater

Java 6 Update 29 (64-bit)

Junk Mail filter update

K-Lite Codec Pack 5.2.0 (Full)

LAME v3.98.2 for Audacity

Malwarebytes Anti-Malware versão 1.75.0.1300

MarketResearch

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile PTB Language Pack

Microsoft Application Error Reporting

Microsoft Office File Validation Add-In

Microsoft Office Outlook Connector

Microsoft Office Professional Edição 2003

Microsoft Search Enhancement Pack

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft_VC100_CRT_SP1_x64

Microsoft_VC100_CRT_SP1_x86

MSVC80_x64_v2

MSVC80_x86_v2

MSVC90_x64

MSVC90_x86

MSVCRT

MSVCRT_amd64

MSVCSetup

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero 12

Nero 12 Content Pack

Nero Abstract Themes

Nero Audio Pack 1

Nero BackItUp

Nero BackItUp Help (CHM)

Nero Blu-ray Player

Nero Blu-ray Player Help (CHM)

Nero Burning ROM

Nero Burning ROM Help (CHM)

Nero Cliparts

Nero ControlCenter

Nero ControlCenter Help (CHM)

Nero Core Components

Nero Disc Menus 1

Nero Disc Menus 2

Nero Disc Menus 3

Nero Disc Menus Basic

Nero Effects Basic

Nero Express

Nero Express Help (CHM)

Nero Family and Events Themes

Nero Football (Soccer) Themes

Nero Holiday and Sports Themes

Nero Image Samples

Nero Kwik Media

Nero Kwik Media Help (CHM)

Nero Kwik Themes Basic

Nero PiP Effects 1

Nero PiP Effects Basic

Nero Platinum Effects 12

Nero Recode

Nero Recode Help (CHM)

Nero RescueAgent

Nero RescueAgent Help (CHM)

Nero Retro Film Themes

Nero SharedVideoCodecs

Nero Update

Nero Video

Nero Video Help (CHM)

Nero Video Samples

Nero Video Transitions 1

neroxml

Nokia Connectivity Cable Driver

Nokia Suite

Pacote de Compatibilidade para o sistema Office 2007

Pacote de Driver do Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)

Pacote de Idiomas do Microsoft .NET Framework 3.5 SP1 - PTB

Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)

PC Connectivity Solution

PDFTK Builder 3.5.3

Plus-HD-2.2

Prerequisite installer

Primo

PSSWCORE

Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista

Realtek High Definition Audio Driver

Runtime

Scan

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (KB2478663)

Security Update for Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (KB2518870)

Shop for HP Supplies

Skype™ 5.10

SmartWebPrinting

SolutionCenter

Status

Synaptics Pointing Device Driver

Toolbox

TrayApp

Tux Paint (remove only)

Uninstall 1.0.0.1

Unity Web Player

UnloadSupport

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update Manager

VBA

VideoToolkit01

Visual C++ 8.0 CRT (x86) WinSXS mesmo

WebCake 3.00

WebReg

Welcome App (Start-up experience)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live Galeria de Fotos

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Mobile Device Center

Windows Movie Maker 2.6

Yahoo! Install Manager

Youtube To MP3 4.15

.

==== End Of File ===========================

GMER 2.1.19163 - http://www.gmer.net

Rootkit scan 2013-06-09 11:38:23

Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 WDC_WD3200BEVT-22ZCT0 rev.11.01A11 298,09GB

Running: gmer.exe; Driver: C:\Users\Fabio\AppData\Local\Temp\uwtoypog.sys

---- Kernel code sections - GMER 2.1 ----

.text C:\Windows\system32\DRIVERS\USBPORT.SYS!DllUnload fffff88002e28d64 12 bytes {MOV RAX, 0xfffffa80051592a0; JMP RAX}

---- User code sections - GMER 2.1 ----

.text C:\PROGRA~2\GbPlugin\GbpSv.exe[776] C:\Windows\syswow64\kernel32.dll!FreeLibrary 00000000757434a8 5 bytes JMP 000000013f898135

.text C:\PROGRA~2\GbPlugin\GbpSv.exe[776] C:\Windows\syswow64\kernel32.dll!FreeLibraryAndExitThread 000000007575d56a 5 bytes JMP 000000013f8980ad

.text C:\PROGRA~2\GbPlugin\GbpSv.exe[776] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000076bd1465 2 bytes [bD, 76]

.text C:\PROGRA~2\GbPlugin\GbpSv.exe[776] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000076bd14bb 2 bytes [bD, 76]

.text ... * 2

.text C:\Users\Fabio\AppData\Roaming\WebCake\WebCakeDesktop.exe[2264] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076bd1465 2 bytes [bD, 76]

.text C:\Users\Fabio\AppData\Roaming\WebCake\WebCakeDesktop.exe[2264] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076bd14bb 2 bytes [bD, 76]

.text ... * 2

.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2896] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076bd1465 2 bytes [bD, 76]

.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2896] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076bd14bb 2 bytes [bD, 76]

.text ... * 2

.text c:\program files (x86)\common files\installshield\updateservice\isuspm.exe[3176] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076bd1465 2 bytes [bD, 76]

.text c:\program files (x86)\common files\installshield\updateservice\isuspm.exe[3176] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076bd14bb 2 bytes [bD, 76]

.text ... * 2

---- Kernel IAT/EAT - GMER 2.1 ----

IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [fffff880010ac0c0] \SystemRoot\System32\Drivers\sptd.sys [.text]

IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [fffff880010abe4c] \SystemRoot\System32\Drivers\sptd.sys [.text]

IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [fffff880010ac838] \SystemRoot\System32\Drivers\sptd.sys [.text]

IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUlong] [fffff880010ab600] \SystemRoot\System32\Drivers\sptd.sys [.text]

IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [fffff880010aca8c] \SystemRoot\System32\Drivers\sptd.sys [.text]

---- Devices - GMER 2.1 ----

Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 fffffa8003cb02c0

Device \Driver\atapi \Device\Ide\IdePort4 fffffa8003cb02c0

Device \Driver\atapi \Device\Ide\IdePort0 fffffa8003cb02c0

Device \Driver\atapi \Device\Ide\IdePort1 fffffa8003cb02c0

Device \Driver\atapi \Device\Ide\IdePort2 fffffa8003cb02c0

Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-4 fffffa8003cb02c0

Device \Driver\atapi \Device\Ide\IdePort3 fffffa8003cb02c0

Device \FileSystem\Ntfs \Ntfs fffffa80045e42c0

Device \Driver\usbuhci \Device\USBPDO-5 fffffa800511f2c0

Device \Driver\usbuhci \Device\USBFDO-3 fffffa800511f2c0

Device \Driver\usbuhci \Device\USBPDO-1 fffffa800511f2c0

Device \Driver\NetBT \Device\NetBT_Tcpip_{1135D01D-AADE-4A21-B974-CA1D86482820} fffffa800509a2c0

Device \Driver\cdrom \Device\CdRom0 fffffa8004c6c2c0

Device \Driver\NetBT \Device\NetBT_Tcpip_{64AD740B-AD46-4DCB-A6F7-361941CA69E1} fffffa800509a2c0

Device \Driver\usbehci \Device\USBPDO-6 fffffa8004e6f2c0

Device \Driver\usbuhci \Device\USBFDO-4 fffffa800511f2c0

Device \Driver\usbehci \Device\USBPDO-2 fffffa8004e6f2c0

Device \Driver\usbuhci \Device\USBFDO-0 fffffa800511f2c0

Device \Driver\usbuhci \Device\USBFDO-5 fffffa800511f2c0

Device \Driver\usbuhci \Device\USBPDO-3 fffffa800511f2c0

Device \Driver\usbuhci \Device\USBFDO-1 fffffa800511f2c0

Device \Driver\NetBT \Device\NetBt_Wins_Export fffffa800509a2c0

Device \Driver\usbehci \Device\USBFDO-6 fffffa8004e6f2c0

Device \Driver\usbuhci \Device\USBPDO-4 fffffa800511f2c0

Device \Driver\atapi \Device\ScsiPort0 fffffa8003cb02c0

Device \Driver\usbehci \Device\USBFDO-2 fffffa8004e6f2c0

Device \Driver\usbuhci \Device\USBPDO-0 fffffa800511f2c0

Device \Driver\atapi \Device\ScsiPort1 fffffa8003cb02c0

Device \Driver\atapi \Device\ScsiPort2 fffffa8003cb02c0

Device \Driver\atapi \Device\ScsiPort3 fffffa8003cb02c0

Device \Driver\atapi \Device\ScsiPort4 fffffa8003cb02c0

---- Trace I/O - GMER 2.1 ----

Trace ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8003cb02c0]<< sptd.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys fffffa8003cb02c0

Trace 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c50060] fffffa8004c50060

Trace 3 CLASSPNP.SYS[fffff88001b4543f] -> nt!IofCallDriver -> [0xfffffa8004a7e520] fffffa8004a7e520

Trace 5 ACPI.sys[fffff88000efb7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xfffffa8004a7f680] fffffa8004a7f680

Trace \Driver\atapi[0xfffffa8004a678a0] -> IRP_MJ_CREATE -> 0xfffffa8003cb02c0 fffffa8003cb02c0

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001e37feae95

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001e37feae95@00219e9d37f2 0x9A 0xB8 0x1B 0xF1 ...

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001e37feae95@44f45972ac7e 0xB7 0xE8 0x9C 0x83 ...

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001e37feae95@19d0a2906601 0xDA 0x88 0xF4 0xB6 ...

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001e37feae95@96b44666113f 0x82 0x6D 0x5A 0xAE ...

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 2

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x70 0x28 0xA5 0xFE ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x81 0xAB 0xAF 0xA6 ...

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001e37feae95 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001e37feae95@00219e9d37f2 0x9A 0xB8 0x1B 0xF1 ...

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001e37feae95@44f45972ac7e 0xB7 0xE8 0x9C 0x83 ...

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001e37feae95@19d0a2906601 0xDA 0x88 0xF4 0xB6 ...

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001e37feae95@96b44666113f 0x82 0x6D 0x5A 0xAE ...

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x70 0x28 0xA5 0xFE ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x81 0xAB 0xAF 0xA6 ...

Reg HKCU\Software\Microsoft\Windows Live\Companion\si.vivian@hotmail.com@1f808746ce73a575a1323e17e48a9e64\r\n 0x1D 0xBC 0xB0 0xBA ...

---- Files - GMER 2.1 ----

File C:\$WINDOWS.~Q\DATA\Users\Fabio\AppData\Roaming\Microsoft\Windows\hyuioç.,m nbfdre4567uikjmnbfdfe345trhfhhgtyhgftyhgujhfyujvghjj hhbghbbbbkjtgyhujiklç;hhuiopç;.,mnhgty67uk,mnbfrumnbbvdftyumnbbgtykm vfgtyjmn nnbghtyukn\desktop.ini 432 bytes

---- EOF - GMER 2.1 ----


Try this first:

http://www.qvo6.com/uninstall.html


Removed with anti-spyware software. Thank you. Close the topic.


If the topic's author needs it, the topic will be reopened; to do so, they should contact the moderation team and request that it be unlocked.
