Sainthell

Problem with W7


First of all, good evening, or good morning.

An hour ago my computer started acting strangely, beginning with Explorer being unable to load most folders (for example, any folder would keep loading indefinitely, searching for the files in it; after closing and reopening Explorer, only the categories appeared, such as Favorites, Libraries, Groups, Computer, etc.), and my Skype had some problem and froze, so I had to close it, but it would not open again when I tried (although it showed up in the Processes tab of Task Manager, and even when I ended it and tried again, it would not open).

So I restarted my computer, planning to run CCleaner or Disk Cleanup. However, whenever I opened either of them, my CPU usage (which was already abnormally high for some reason) went to 100%, Disk Cleanup froze at the first stage (although I used a fix to get past that), and CCleaner froze badly, making it impossible to use. On top of that, the PC is drastically slower.

Since I know what will be asked for, I downloaded HijackThis portable and ran it here. If another version needs to be used, I will download it. I will put it in spoilers so the post does not become huge.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 05:59:07, on 24/07/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16635)

Boot mode: Normal

Running processes:

C:\ProgramData\DatacardService\DCSHelper.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Users\Sainthell\AppData\Local\Akamai\netsession_win.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Users\Sainthell\AppData\Local\Akamai\netsession_win.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\Downloads\HiJackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\RunOnce: [aswAhAScr.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\AhAScr.dll"

O4 - HKLM\..\RunOnce: [aswasOutExt.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\asOutExt.dll"

O4 - HKLM\..\RunOnce: [aswasOutExt64.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe" "C:\Program Files\AVAST Software\Avast\asOutExt64.dll"

O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Sainthell\AppData\Local\Akamai\netsession_win.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - ESC Trusted Zone: http://*.update.microsoft.com

O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/mjss/MJSS.cab109791.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{964E8685-56FC-4FED-9A8C-71BF6FDE4717}: NameServer = 8.8.8.8,8.8.4.4

O17 - HKLM\System\CCS\Services\Tcpip\..\{E8976CAA-EFAE-4C5A-992A-760040601947}: NameServer = 200.222.0.34 200.202.193.75

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\MP3 Skype Recorder\Skype4COM.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Servico do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11240 bytes

If you can help me, I will be very grateful.

EDIT: I fixed a HijackThis problem with the Hosts file.


Read the "Read Before Posting" topic and post the requested logs.


I am making this post because I am having trouble putting the results here. I will try to edit this post and add the logs, and if that fails, I will try to attach the files.

EDIT: since I cannot post the log here (error 500), I zipped it and put it on Mediafire. If that is not allowed, I apologize, but I honestly tried posting from all my browsers, and all of them gave an error.

Here is the link: http://www.mediafire.com/?u5xp482mcczm5e4


The GMER log must be too large; post only the DDS one.


Ok.

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2

Run by Sainthell at 11:26:30 on 2013-07-26

Microsoft Windows 7 Ultimate 6.1.7601.1.949.82.1033.18.3062.1279 [GMT -3:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\ProgramData\DatacardService\HWDeviceService64.exe

C:\ProgramData\DatacardService\DCSHelper.exe

C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe

C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

C:\Windows\system32\igfxsrvc.exe

C:\Users\Sainthell\AppData\Local\Akamai\netsession_win.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Users\Sainthell\AppData\Local\Akamai\netsession_win.exe

C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\WUDFHost.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\System32\svchost.exe -k secsvcs

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sainthell\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

uSearch Bar = Preserve

uSearch Page = hxxp://search.b1.org/?bsrc=4hixr&chid=c167991

mStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

uProxyOverride = <local>

mWinlogon: Userinit = userinit.exe

BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

uRun: [Akamai NetSession Interface] "C:\Users\Sainthell\AppData\Local\Akamai\netsession_win.exe"

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe" -u auto-update

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/mjss/MJSS.cab109791.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: Interfaces\{964E8685-56FC-4FED-9A8C-71BF6FDE4717} : NameServer = 8.8.8.8,8.8.4.4

TCP: Interfaces\{E8976CAA-EFAE-4C5A-992A-760040601947} : NameServer = 200.222.0.34 200.202.193.75

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\MP3 Skype Recorder\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

x64-mStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Sainthell\AppData\Roaming\Mozilla\Firefox\Profiles\k9i3iig2.default-1367042992907\

FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\BYOND\bin\npbyond.dll

FF - plugin: C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Sainthell\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll

FF - plugin: C:\Users\Sainthell\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Windows\System32\npDeployJava1.dll

FF - plugin: C:\Windows\System32\npmproxy.dll

FF - plugin: C:\Windows\System32\npOGPPlugin.dll

FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - plugin: C:\Windows\SysWOW64\npOGPPlugin.dll

FF - ExtSQL: 2013-06-24 06:30; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

.

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-7-24 65336]

R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-7-24 189936]

R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-3-5 28504]

R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-2-12 1030952]

R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-2-12 378944]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-2-19 283200]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]

R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-2-12 33400]

R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-2-12 80816]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-7-24 46808]

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-6-28 2470736]

R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe -/service --> C:\ProgramData\DatacardService\HWDeviceService64.exe -/service [?]

R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;C:\Windows\System32\drivers\l160x64.sys [2009-10-13 61440]

R3 CAXHWBS2;CAXHWBS2;C:\Windows\System32\drivers\CAXHWBS2.sys [2009-6-30 411136]

R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2012-2-10 85504]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-3 162408]

S3 cpuz134;cpuz134;C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [2012-2-13 21480]

S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]

S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2012-2-10 117248]

S3 huawei_cdcacm;huawei_cdcacm;C:\Windows\System32\drivers\ew_jucdcacm.sys [2012-2-10 93696]

S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]

S3 PSSDK42;PSSDK42;C:\Windows\System32\drivers\pssdk42.sys [2013-3-9 53312]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]

S3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\System32\drivers\ScreamingBAudio64.sys [2009-3-27 27160]

S3 SrvHsfPCI;SrvHsfPCI;C:\Windows\System32\drivers\VSTBS26.SYS [2009-7-13 411136]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]

S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2011-4-12 34816]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 usbUDisc;usbUDisc;C:\Windows\System32\drivers\USBDrv_AMD64.sys [2012-9-1 17280]

S3 WatAdminSvc;Servico de Tecnologias de Ativacao do Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-3-12 1255736]

S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2013-7-11 14544]

S4 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-2-5 235216]

SUnknown tsusbhub;tsusbhub; [x]

.

=============== Created Last 30 ================

.

2013-07-26 14:24:41 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EFEEDF44-BD52-4715-9BC8-11D8C1D8E85B}\mpengine.dll

2013-07-24 19:09:58 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-07-24 08:19:28 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2013-07-24 08:19:27 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2013-07-22 03:14:23 -------- d-----w- C:\Users\Sainthell\AppData\Local\{D4047363-950C-4FDF-AB36-76A036C17310}

2013-07-15 03:02:24 -------- d-----w- C:\Users\Sainthell\AppData\Local\{C5C56BDE-FD07-47CB-BEB0-67867D659201}

2013-07-11 06:38:29 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll

2013-07-11 06:38:29 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll

2013-07-11 06:38:29 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll

2013-07-11 06:38:29 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll

2013-07-11 06:38:29 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll

2013-07-11 06:38:28 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll

2013-07-11 06:38:28 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll

2013-07-11 06:38:27 624128 ----a-w- C:\Windows\System32\qedit.dll

2013-07-11 06:38:27 509440 ----a-w- C:\Windows\SysWow64\qedit.dll

2013-07-11 06:38:25 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL

2013-07-11 06:38:24 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL

2013-07-11 06:36:56 1643520 ----a-w- C:\Windows\System32\DWrite.dll

2013-07-11 06:36:54 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll

2013-07-11 06:09:11 3153920 ----a-w- C:\Windows\System32\win32k.sys

2013-07-11 06:09:09 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL

2013-07-11 06:09:09 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll

2013-07-11 06:09:09 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll

2013-07-11 06:09:08 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2013-07-11 06:09:08 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll

2013-07-11 04:02:07 85504 ----a-w- C:\Windows\SysWow64\ff_vfw.dll

2013-07-11 04:01:56 -------- d-----w- C:\Program Files (x86)\ffdshow

2013-07-11 04:01:53 -------- d-----w- C:\ProgramData\IObit

2013-07-11 04:01:53 -------- d-----w- C:\Program Files (x86)\IObit

2013-07-11 02:30:10 -------- d-----w- C:\Users\Sainthell\AppData\Local\PointBlank

2013-07-09 18:05:22 176128 ----a-w- C:\Windows\SysWow64\RemoteControl.dll

2013-07-09 18:05:22 -------- d-----w- C:\Users\Sainthell\AppData\Roaming\Pamela

2013-07-09 18:05:20 -------- d-----w- C:\Program Files (x86)\Pamela

2013-07-09 18:02:25 -------- d-----w- C:\Users\Sainthell\AppData\Roaming\MP3SkypeRecorder

2013-07-09 18:02:25 -------- d-----w- C:\Users\Sainthell\AppData\Local\Alexander_Nikiforov

2013-07-09 18:02:02 -------- d-----w- C:\Program Files (x86)\MP3 Skype Recorder

2013-07-09 17:03:22 -------- d-----w- C:\ProgramData\MXSkypeRecorder

2013-07-09 16:50:48 -------- d-----w- C:\Users\Sainthell\AppData\Roaming\MXSkypeRec

2013-07-09 07:14:57 -------- d-----w- C:\.minecraft

2013-07-09 04:45:47 -------- d-----w- C:\Users\Sainthell\minecraft

2013-07-07 03:22:06 -------- d-----w- C:\Users\Sainthell\AppData\Roaming\.mono

2013-07-07 03:22:06 -------- d-----w- C:\ProgramData\.mono

2013-07-07 03:05:11 -------- d-----w- C:\Users\Sainthell\AppData\Roaming\Pok?mon Trading Card Game Online

2013-07-05 23:06:43 -------- d-----w- C:\Users\Sainthell\AppData\Roaming\.minecraft

2013-07-03 20:42:12 -------- d-----w- C:\Program Files\CCleaner

2013-07-03 20:41:45 -------- d-----w- C:\ProgramData\Tarma Installer

2013-07-03 19:50:51 -------- d-----w- C:\Users\Sainthell\AppData\Local\{D231D6AC-C4A8-43BA-85E0-1EBB64DC0BAE}

2013-07-02 19:05:47 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi

2013-07-02 19:02:25 -------- d-----w- C:\Users\Sainthell\AppData\Local\{9643A3F1-319D-44FB-B1D7-5DD6F81BFBE5}

2013-07-01 09:57:09 -------- d-----w- C:\Users\Sainthell\AppData\Local\{A54934EA-8584-4847-9742-4DF6CF605150}

2013-06-30 20:24:47 -------- d-----w- C:\Users\Sainthell\AppData\Local\{0C103966-7E8F-4949-9902-DD65F58287E8}

2013-06-30 16:18:20 -------- d-----w- C:\Users\Sainthell\AppData\Local\{A1FE5EC7-2104-4F06-AFF0-E53A98DAEBE4}

2013-06-29 17:44:46 -------- d-----w- C:\Users\Sainthell\AppData\Local\{EE721FF0-F29A-4F57-BBAE-A149672883D6}

2013-06-29 03:30:03 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin

2013-06-29 01:13:32 -------- d-----w- C:\Users\Sainthell\AppData\Roaming\GarenaPlus

2013-06-29 01:12:53 -------- d-----w- C:\Program Files (x86)\Garena Plus

2013-06-29 01:12:48 -------- d-----w- C:\ProgramData\GarenaMessenger

2013-06-28 16:24:56 -------- d-----w- C:\Users\Sainthell\AppData\Local\{BB0C49C7-2EB0-4930-BC17-AD3F06687026}

2013-06-27 17:32:38 -------- d-----w- C:\Users\Sainthell\AppData\Local\{A51B5D99-9715-411A-92E8-2B9877D1733F}

2013-06-26 17:17:04 -------- d-----w- C:\Users\Sainthell\AppData\Local\{44DC2C90-CC87-4734-A0B5-4CECBF616FC3}

.

==================== Find3M ====================

.

2013-07-24 19:09:32 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-07-24 19:09:32 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-07-24 19:02:52 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-07-24 19:02:51 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-07-24 08:21:00 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2013-07-24 07:54:24 53312 ----a-w- C:\Windows\System32\drivers\pssdk42.sys

2013-06-22 20:57:35 466456 ----a-w- C:\Windows\System32\wrap_oal.dll

2013-06-22 20:57:35 122904 ----a-w- C:\Windows\System32\OpenAL32.dll

2013-06-22 20:57:34 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll

2013-06-22 20:57:33 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll

2013-06-12 04:31:09 9089416 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll

2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll

2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll

2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll

2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll

2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe

2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe

2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll

2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll

2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll

2013-05-09 08:59:07 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2013-05-09 08:59:06 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2013-05-09 08:58:37 41664 ----a-w- C:\Windows\avastSS.scr

2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-05-02 05:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe

.

============= FINISH: 11:28:10,54 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 10/02/2012 22:22:35

System Uptime: 26/07/2013 11:16:02 (0 hours ago)

.

Motherboard: Positivo Informatica SA | | POS-AG31AP

Processor: Pentium® Dual-Core CPU E5400 @ 2.70GHz |

Socket 775 | 2700/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 466 GiB total, 338,988 GiB free.

D: is CDROM ()

E: is Removable

F: is CDROM ()

H: is CDROM ()

I: is FIXED (NTFS) - 596 GiB total, 520,852 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: VirtualBox Host-Only Ethernet Adapter

Device ID: ROOT\NET\0000

Manufacturer: Oracle Corporation

Name: VirtualBox Host-Only Ethernet Adapter

PNP Device ID: ROOT\NET\0000

Service: VBoxNetAdp

.

Class GUID:

Description:

Device ID: ROOT\NET\0002

Manufacturer:

Name:

PNP Device ID: ROOT\NET\0002

Service:

.

Class GUID: {36fc9e60-c465-11cf-8056-444553540000}

Description: USB Device(VID_1f3a_PID_efe8)

Device ID: ROOT\USB\0001

Manufacturer: USB Devices

Name: USB Device(VID_1f3a_PID_efe8)

PNP Device ID: ROOT\USB\0001

Service: usbUDisc

.

==== System Restore Points ===================

.

RP296: 16/07/2013 21:23:08 - Windows Update

RP297: 23/07/2013 20:08:26 - Windows Update

RP298: 24/07/2013 15:32:17 - Windows Update

RP299: 24/07/2013 15:40:39 - Removed Crystal Reports Basic

Runtime for Visual Studio 2008 (x64)

RP300: 24/07/2013 15:41:55 - Removed Windows Mobile 5.0 SDK R2

for Smartphone

RP301: 24/07/2013 16:00:45 - Installed Java 7 Update 25

.

==== Installed Programs ======================

.

7-Zip 9.20

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Akamai NetSession Interface

aTube Catcher

avast! Free Antivirus

BitTorrent

BYOND

CCleaner

Cisco Packet Tracer 5.3.3

Claro

Crystal Reports Basic for Visual Studio 2008

D3DX10

DAEMON Tools Lite

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit

Edition

Discador Oi

Ferramentas do Visual Studio 2005 para Office Second Edition

Runtime

ffdshow [rev 3154] [2009-12-09]

FLAC 1.2.1b (remove only)

Foxit Reader

Galactic Voices

Game Booster 3

GameRanger

Garena Plus

Google Chrome

Google Update Helper

Google YouTube SDK for .NET

Haali Media Splitter

Hotfix for Microsoft Visual Studio 2008 Professional Edition -

ENU (KB971091)

Hotfix for Microsoft Visual Studio 2008 Professional Edition -

ENU (KB973674)

Intel® Graphics Media Accelerator Driver

Java 7 Update 25

Java Auto Updater

JavaFX 2.1.1

League of Legends

LogMeIn Hamachi

Lua for Windows 5.1.4-46

Magic Workstation 0.94f

McAfee Security Scan Plus

Media Player Classic - Home Cinema 1.6.1.4235 x64

MediaFire Express

Microsoft .NET Compact Framework 2.0 SP2

Microsoft .NET Compact Framework 3.5

Microsoft .NET Framework 4.5

Microsoft .NET Framework 4.5 PTB Language Pack

Microsoft Application Error Reporting

Microsoft AppLocale

Microsoft Device Emulator (64 bit) version 3.0 - ENU

Microsoft Document Explorer 2008

Microsoft Games for Windows - LIVE Redistributable

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010 Language Pack Service Pack 1 (SP1)

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Portuguese (Portugal)) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Proofing (Portuguese (Portugal)) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit MUI (Portuguese (Portugal))

2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English)

2010

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared MUI (Portuguese (Portugal)) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)

Microsoft Office Visio 2010

Microsoft Office Visio MUI (Portuguese (Portugal)) 2010

Microsoft Office Visual Web Developer 2007

Microsoft Office Visual Web Developer MUI (English) 2007

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)

Microsoft SQL Server 2005 Tools Express Edition

Microsoft SQL Server Compact 3.5 Design Tools ENU

Microsoft SQL Server Compact 3.5 ENU

Microsoft SQL Server Compact 3.5 for Devices ENU

Microsoft SQL Server Database Publishing Wizard 1.2

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft Visio 2010 Service Pack 1 (SP1)

Microsoft Visio Premium 2010

Microsoft Visual C# 2008 Express Edition - ENU

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual Studio 2005 Tools for Office Runtime

Microsoft Visual Studio 2008 Professional Edition - ENU

Microsoft Visual Studio 2008 Remote Debugger - ENU

Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU

Microsoft Visual Studio Web Authoring Component

Microsoft Windows Application Compatibility Database

Microsoft Windows SDK for Visual Studio 2008 .NET Framework

Tools

Microsoft Windows SDK for Visual Studio 2008 Express Tools for

.NET Framework

Microsoft Windows SDK for Visual Studio 2008 Express Tools for

Win32

Microsoft Windows SDK for Visual Studio 2008 Headers and

Libraries

Microsoft Windows SDK for Visual Studio 2008 SDK Reference

Assemblies and IntelliSense

Microsoft Windows SDK for Visual Studio 2008 Tools

Microsoft Windows SDK for Visual Studio 2008 Win32 Tools

Microsoft XNA Framework Redistributable 4.0

Minecraft

Mobile Partner

Mozilla Firefox 22.0 (x86 pt-BR)

Mozilla Maintenance Service

MP3 Skype Recorder

MSDN Library for Microsoft Visual Studio 2008 Express Editions

MSVCRT

MX Skype Recorder v3.5.2

Oblivion

Omnitool versao 14

OpenAL

OpenVPN 2.2.2

Oracle VM VirtualBox 4.1.8

Pacote de Idiomas do Microsoft .NET Framework 4.5 - Portugues

(Brasil)

Paint.NET v3.5.10

Pamela Basic 4.8

Panda USB Vaccine 1.0.1.4

Pando Media Booster

PC Wizard 2010.1.96

PCI SoftV92 Modem

PointBlank

Pokemon Online 2.0.06

Pokemon Trading Card Game Online

Pokemon World Online version 1.83

Realtek High Definition Audio Driver

Revo Uninstaller 1.93

Sci-Fi Voice Pack

SD Gundam Online SEA

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for Microsoft .NET Framework 4.5 (KB2737083)

Security Update for Microsoft .NET Framework 4.5 (KB2742613)

Security Update for Microsoft .NET Framework 4.5 (KB2789648)

Security Update for Microsoft .NET Framework 4.5 (KB2804582)

Security Update for Microsoft .NET Framework 4.5 (KB2833957)

Security Update for Microsoft .NET Framework 4.5 (KB2840642)

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-

Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596615)

32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785)

32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687309)

32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499)

32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit

Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit

Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit

Edition

Security Update for Microsoft Office 2010 (KB2687276) 32-Bit

Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit

Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit

Edition

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit

Edition

Skype Click to Call

Skype™ 6.5

Steam

SUPERAntiSpyware

tConfig version 0.34.1b

Tenable Nessus (x64)

Terraria Game Launcher GUI version 1.3

Terraria Game Launcher version 3.0

Translator Fun Voice Pack

Trojan Remover 6.8.5

TSLRCM 1.8.1

Unity Web Player

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4.5 (KB2750147)

Update for Microsoft .NET Framework 4.5 (KB2805221)

Update for Microsoft .NET Framework 4.5 (KB2805226)

Update for Microsoft Office 2007 Help for Common Features

(KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit

Edition

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Visual Studio 2008 Professional Edition -

ENU (KB972221)

VC Runtimes MSI

Visual Studio .NET Prerequisites - English

Visual Studio Tools for the Office system 3.0 Runtime

Vivo 3G

Winamp

Winamp Detectar Aplicacao

Windows Live Communications Platform

Windows Live Essentials

Windows Live Galeria de Fotos

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Mobile 5.0 SDK R2 for Pocket PC

WinDS PRO 2013.6.0

WinRAR 4.11 (32-bit)

Word Reader 6.24

.

==== End Of File ===========================


You describe typical operating system problems; I don't believe they are related to malware. I'll recommend a tool that takes a while to run but will show us whether or not your computer is infected.

Download the Kaspersky AVP Tool from one of these 2 links:

http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/

http://dnl-us6.kaspersky-labs.com/devbuilds/AVPTool/

You will be taken to a Kaspersky page asking for an email address for registration, a first name and a last name. Only the "email" field is required.

Enter your email, then click the Submit Form button.

The page will reload. Click the Download button.

Save it to your desktop.

Run the file and wait for the installation.

** Windows Vista and Windows 7 users:

Right-click the file, then click Run as administrator.

On the license agreement screen, check the I accept the license agreement option and then click the Start button. The program appears to freeze and nothing happens. This is normal; just wait until the program's main screen appears, then click the Settings icon:

KRT_settings.png

On this screen, check the box next to:

  • Meu Computador (My Computer)
  • Disco local (C:) (Local Disk (C:))

Also check all the drives that appear below Local Disk, if there are any. Then click the Automatic Scan tab.

KRT_install2_.png

Back on the program's main screen, click the Start scanning button.

Be patient, it takes a while.

When it finishes, if it has detected anything, the program will ask you what to do.

Check the box next to Apply to all objects and then click Skip (we only want the log).

KRT_detection_.png

While the scan is running, the main screen will show a progress bar. When it finishes, the program will show the status as completed and a button that will be orange if nothing was detected, and red if something was found.

If it has detected anything, the program will also show an alert screen warning that your system is unprotected and suggesting a Kaspersky product. Click the No, thanks button.

Back on the main screen, if anything was detected, save the log. If you close the program and forget to save the log, you will have to repeat the whole scan.

To save the log, click the Reports icon (next to the "Settings" icon). In the next window, click Detected Threats, then click the floppy disk icon to save the log.

Choose an easily accessible location and save it as log.txt

Copy the entire contents of that Notepad file and paste it into your next reply.

If nothing is detected, you don't need to save the log. Just post here to let us know.

To exit the program, just click the X in the upper right corner.


As I said, nothing leads us to believe that your computer is infected. You can try Microsoft's FixIT tool; I have seen good results with it.

If you still have questions, I recommend posting in the operating systems section.
