Bruna Green

Slow laptop, with unwanted links, ads and windows


Hello, good afternoon!

My laptop is slow and I would like to clean it up and better understand what is going on.

The laptop takes a long time to boot and become ready for use. I use Firefox a lot, and for a while now it has been freezing when I open it, so I have to wait for it to unfreeze before I can use it, which takes even more time. On the internet, including here at the club, links appear in the middle of text and ads show up all the time. In Explorer, windows open every time I click a link (even a trusted, common one), and I use it to access my bank. I would like to delete everything I don't want on it and make it faster and free of these unwanted actions.

Additional info: Last year my boyfriend got my Facebook password (I don't even have an account anymore) using a keylogger on his laptop. Since then I no longer feel safe even using my own laptop, so I downloaded ZoneAlarm and Spybot to see whether he had installed the keylogger on my laptop too. Now I have too many antivirus programs, and I will look to learn here at the club, in "Segurança da Informação" (Information Security), how to keep the laptop secure in a simple and effective way - but I will only do that after following the instructions I am given here to clean my system.

DDS log:

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.9.2

Run by Bruna at 13:38:32 on 2013-08-25

Microsoft Windows 7 Home Basic 6.1.7601.1.1252.55.1046.18.3948.2274 [GMT -3:00]

.

AV: ZoneAlarm Free Firewall Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

SP: ZoneAlarm Free Firewall Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}

FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe

C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe

C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

C:\Windows\system32\RunDll32.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Program Files\Acer\Acer Updater\UpdaterService.exe

C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

C:\Dolby PCEE4\pcee4.exe

C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

C:\Windows\splwow64.exe

C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

C:\Program Files (x86)\Scpad\scpVista.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Elantech\ETDCtrlHelper.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.bradescopessoajuridica.com.br/

uDefault_Page_URL = hxxp://acer.msn.com

uURLSearchHooks: {e0301295-ab3e-4af3-979f-3d453c5f9f48} - <orphaned>

mWinlogon: Userinit = userinit.exe

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: ssh2 Class: {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files (x86)\Scpad\scpsssh2.dll

BHO: safe asave: {4D46598F-58A7-97F5-46A2-417A74E38984} - C:\ProgramData\safe asave\51f338efaec2e.dll

BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Funmoods Helper Object: {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll

BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: Funmoods Toolbar: {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} -

TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [AdobeBridge] <no file>

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k

mRun: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [uSB Gamepad] C:\Windows\USB Vibration\dr100&110\USB Gamepad.exe -boot

dRunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid}

StartupFolder: C:\Users\Bruna\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~2.LNK - C:\Windows\System32\RunDll32.exe

StartupFolder: C:\Users\Bruna\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

.

INFO: HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {9EC30204-384D-11D3-9CA3-00A024F0AF03} - hxxps://cpne.bradesco.com.br/certifexp.cab

TCP: NameServer = 187.3.240.15 187.3.240.16 192.168.0.1

TCP: Interfaces\{4CE2E124-3074-494F-A48A-D8E36E4668CF} : DHCPNameServer = 201.17.0.94 201.17.0.62 201.6.4.116

TCP: Interfaces\{F14AA23F-38BD-425B-83DC-C9961FE5DC40} : DHCPNameServer = 187.3.240.15 187.3.240.16 192.168.0.1

TCP: Interfaces\{F14AA23F-38BD-425B-83DC-C9961FE5DC40}\5446E6569702D20284F6D656 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{F14AA23F-38BD-425B-83DC-C9961FE5DC40}\C696D60756A716 : DHCPNameServer = 192.168.0.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: SDWinLogon - SDWinLogon.dll

AppInit_DLLs= c:\progra~2\safesa~1\sprote~1.dll

SSODL: WebCheck - <orphaned>

SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4

x64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

x64-Run: [iSW] <no file>

.

INFO: x64-HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\

FF - prefs.js: browser.search.defaulturl -

FF - prefs.js: browser.search.selectedEngine -

FF - prefs.js: keyword.URL -

FF - prefs.js: browser.startup.homepage -

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - ExtSQL: 2013-07-27 10:42; yy8twb@thdio-.com; C:\Users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\yy8twb@thdio-.com

FF - ExtSQL: !HIDDEN! 2012-08-13 12:52; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

.

---- FIREFOX POLICIES ----

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=113480&tt=2912_5

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.id - 3e4515970000000000005cc9d309171c

FF - user.js: extensions.BabylonToolbar_i.hardId - 3e4515970000000000005cc9d309171c

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15541

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1722:47:39

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9

FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

FF - user.js: extensions.funmoods.hmpg - true

FF - user.js: extensions.funmoods.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0B0E0C0CyDyBtCyDzyyBtN0D0Tzu0StBtAyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1028842916

FF - user.js: extensions.funmoods.dfltSrch - true

FF - user.js: extensions.funmoods.srchPrvdr - Search

FF - user.js: extensions.funmoods.dnsErr - true

FF - user.js: extensions.funmoods_i.newTab - true

FF - user.js: extensions.funmoods.newTabUrl - hxxp://start.funmoods.com/?f=2&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0B0E0C0CyDyBtCyDzyyBtN0D0Tzu0StBtAyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1028842916

FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://start.funmoods.com/?f=3&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0B0E0C0CyDyBtCyDzyyBtN0D0Tzu0StBtAyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1028842916&q=

FF - user.js: extensions.funmoods.id - DC0EA1BECC571597

FF - user.js: extensions.funmoods.instlDay - 15577

FF - user.js: extensions.funmoods.vrsn - 1.5.23.22

FF - user.js: extensions.funmoods.vrsni - 1.5.23.22

FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2210:24:43

FF - user.js: extensions.funmoods.prtnrId - funmoods

FF - user.js: extensions.funmoods.prdct - funmoods

FF - user.js: extensions.funmoods.aflt - ironpub

FF - user.js: extensions.funmoods_i.smplGrp - none

FF - user.js: extensions.funmoods.tlbrId - base

FF - user.js: extensions.funmoods.instlRef - ironpub

FF - user.js: extensions.funmoods.dfltLng -

FF - user.js: extensions.funmoods.excTlbr - false

FF - user.js: extensions.funmoods.autoRvrt - false

FF - user.js: extensions.funmoods.envrmnt - production

FF - user.js: extensions.funmoods.isdcmntcmplt - true

FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0

.

============= SERVICES / DRIVERS ===============

.

R2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-3-24 107520]

R2 ePowerSvc;ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2012-5-14 872552]

R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-5-29 36456]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]

R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-11-22 33712]

R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe [2012-11-22 828072]

R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-10-17 244624]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2012-7-20 72216]

R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]

R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-4-23 256832]

R2 scpVista;scpVista;C:\Program Files (x86)\Scpad\scpVista.exe [2013-1-16 360640]

R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-4-16 1103392]

R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-4-16 1369624]

R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-4-16 168384]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-10-17 2656280]

R3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\Windows\System32\drivers\b57xdbd.sys [2011-1-20 67624]

R3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\Windows\System32\drivers\b57xdmp.sys [2011-1-20 19496]

R3 bScsiMSa;bScsiMSa;C:\Windows\System32\drivers\bScsiMSa.sys [2011-5-16 51240]

R3 bScsiSDa;bScsiSDa;C:\Windows\System32\drivers\bScsiSDa.sys [2011-5-6 86056]

R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-10-17 142632]

R3 IntcDAud;Áudio do vídeo Intel®;C:\Windows\System32\drivers\IntcDAud.sys [2011-10-17 317440]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2011-5-10 425000]

S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]

S2 avgwd;Watchdog do AVG;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 DefaultTabSearch;DefaultTabSearch;C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [2013-2-11 572928]

S2 RelevantKnowledge;RelevantKnowledge;C:\Program Files (x86)\RelevantKnowledge\rlservice.exe /service --> C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [?]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2011-5-13 36328]

S3 h647906;DragonRise H647906 AMD64 Driver;C:\Windows\System32\drivers\h647906.sys [2013-7-27 63856]

S3 h648101;DragonRise H648101 AMD64 Driver;C:\Windows\System32\drivers\h648101.sys [2013-7-27 65776]

S3 h648103;DragonRise H648103 AMD64 Driver;C:\Windows\System32\drivers\h648103.sys [2013-7-27 62960]

S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\rtl8192su.sys [2012-11-24 676864]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]

S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-5-13 146920]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2013-08-25 16:20:50 656048 ----a-w- C:\ProgramData\uninstall1250424.exe

2013-08-25 16:20:08 656048 ----a-w- C:\ProgramData\uninstall1208415.exe

2013-08-25 16:16:36 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F2CE476F-C056-46A5-BFC9-8B1D8C4BCEEA}\offreg.dll

2013-08-23 19:23:34 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F2CE476F-C056-46A5-BFC9-8B1D8C4BCEEA}\mpengine.dll

2013-08-21 23:31:14 17737608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2013-08-15 13:54:04 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll

2013-08-15 13:54:02 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll

2013-08-15 13:53:57 1472512 ----a-w- C:\Windows\System32\crypt32.dll

2013-08-15 13:53:56 224256 ----a-w- C:\Windows\System32\wintrust.dll

2013-08-15 13:53:56 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2013-08-15 13:53:56 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll

2013-08-15 13:53:56 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2013-08-15 13:53:56 139776 ----a-w- C:\Windows\System32\cryptnet.dll

2013-08-15 13:53:56 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-08-15 13:53:56 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2013-08-15 13:49:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2013-08-15 13:49:01 2048 ----a-w- C:\Windows\System32\tzres.dll

2013-08-13 16:13:15 -------- d-----w- C:\log

2013-07-29 14:40:37 -------- d-----w- C:\Windows\System32\MRT

2013-07-27 03:10:48 -------- d--h--w- C:\Windows\msdownld.tmp

2013-07-27 03:10:38 -------- d-----w- C:\Windows\SysWow64\directx

2013-07-27 03:09:01 62960 ----a-w- C:\Windows\System32\drivers\h648103.sys

2013-07-27 03:07:05 -------- d-----w- C:\ProgramData\StarApp

2013-07-27 03:05:35 -------- d-----w- C:\Program Files (x86)\SafeSaver

2013-07-27 03:05:26 -------- d-----w- C:\ProgramData\safe asave

2013-07-27 03:04:09 -------- d-----w- C:\ProgramData\InstallMate

2013-07-27 02:48:02 -------- d-----w- C:\Program Files\VID_0E8F&PID_0012

2013-07-27 02:48:02 -------- d-----w- C:\Program Files (x86)\VID_0E8F&PID_0012

2013-07-27 02:47:06 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe

2013-07-27 02:47:06 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll

2013-07-27 02:47:05 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll

2013-07-27 02:47:05 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll

2013-07-27 02:47:05 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe

2013-07-27 02:47:05 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll

2013-07-27 02:47:05 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll

2013-07-27 02:47:04 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll

2013-07-27 02:21:08 -------- d-----w- C:\Users\Bruna\AppData\Roaming\GetRightToGo

.

==================== Find3M ====================

.

2013-08-21 23:31:22 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-08-21 23:31:22 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll

2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll

2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL

2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL

2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll

2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll

2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll

2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe

2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-06-19 20:44:16 2526056 ----a-w- C:\Windows\System32\D3DCompiler_43.dll

2013-06-19 20:44:16 2401112 ----a-w- C:\Windows\System32\d3dx9_43.dll

2013-06-19 20:44:16 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll

2013-06-19 20:44:16 1998168 ----a-w- C:\Windows\SysWow64\d3dx9_43.dll

2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys

2013-06-08 15:51:25 107368 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll

2013-06-08 15:51:23 35656 ----a-w- C:\Windows\System32\LMIport.dll

2013-06-08 15:51:23 100680 ----a-w- C:\Windows\System32\LMIinit.dll

2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys

2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll

2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll

2013-05-30 15:25:46 107368 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll.000.bak

.

============= FINISH: 13:38:45,50 ===============

Attach:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Basic

Boot Device: \Device\HarddiskVolume2

Install Date: 13/07/2012 23:21:19

System Uptime: 25/08/2013 11:40:37 (2 hours ago)

.

Motherboard: Acer | | JE50_HR

Processor: Intel® Core i5-2450M CPU @ 2.50GHz | CPU1 | 2501/1333mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 448 GiB total, 65,479 GiB free.

D: is CDROM (CDFS)

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP143: 15/08/2013 17:45:38 - Windows Update

RP144: 20/08/2013 10:37:31 - Windows Update

RP145: 23/08/2013 16:21:57 - Windows Update

RP146: 25/08/2013 12:40:33 - Windows Update

RP147: 25/08/2013 12:43:08 - Removido Ac Ordem Oficina

RP148: 25/08/2013 12:45:22 - Removed Bonjour

RP149: 25/08/2013 12:51:26 - Windows Update

RP150: 25/08/2013 13:23:20 - Removed LogMeIn

RP151: 25/08/2013 13:24:27 - Removed Microsoft Silverlight

RP152: 25/08/2013 13:26:16 - Removed newsXpresso

.

==== Installed Programs ======================

.

???? ??? Windows Live

???? Windows Live

????? Windows Live

?????? ??????? ?? Windows Live

???????? ?????????? Windows Live

?????????? Windows Live

??????????? ?? Windows Live

365PowerOff version 2.8

7-Zip 9.20 (x64 edition)

Acer Backup Manager

Acer Crystal Eye Webcam

Acer ePower Management

Acer eRecovery Management

Acer Games

Acer Registration

Acer ScreenSaver

Acer Updater

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Photoshop CS6

Adobe Reader X (10.1.7) MUI

Animated Wallpaper - Hyperspace 3D

Apple Mobile Device Support

Apple Software Update

µTorrent

Atualização do produto Microsoft Office Excel 2007 Help (KB963678)

Atualização do produto Microsoft Office Outlook 2007 Help (KB963677)

Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)

Atualização do produto Microsoft Office Word 2007 Help (KB963665)

Aulete digital

AVG 2013

Backup Manager V3

Broadcom Card Reader Driver Installer

Broadcom NetLink Controller

BufferChm

clear.fi

clear.fi Client

Cobrança CAIXA

D1500

D3DX10

DefaultTab

DeviceDiscovery

DJ_SF_03_D1500_Software_Min

Dolby Advanced Audio v2

ETDWare PS/2-X64 8.0.6.3_WHQL

Evernote v. 4.5.1

Fooz Kids Platform

Fotogalerija Windows Live

Gadwin PrintScreen

Galeria de Fotografias do Windows Live

Galeria fotografii uslugi Windows Live

Galeria fotogràfica del Windows Live

Galerie de photos Windows Live

Galerie foto Windows Live

Galería fotográfica de Windows Live

Google Chrome

Google Earth

Google Update Helper

GPBaseService2

HP Customer Participation Program 13.0

HP Deskjet 3510 series Ajuda

HP Deskjet 3510 series Estudo de aprimoramento de produtos

HP Deskjet 3510 series Software básico do dispositivo

HP Deskjet D1500 Printer Driver Software 13.0 Rel. 3

HP FWUpdateEDO2

HP Imaging Device Functions 13.0

HP Photo Creations

HP Smart Web Printing 4.51

HP Solution Center 13.0

HP Update

HPDiagnosticAlert

HPPhotoGadget

HPPhotosmartEssential

HPProductAssistant

HPSSupply

Identity Card

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

iTunes

Java 7 Update 9

Java Auto Updater

JavaFX 2.1.1

Junk Mail filter update

MarketResearch

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile PTB Language Pack

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft_VC80_CRT_x86

Microsoft_VC90_CRT_x86

Monitor da tecnologia Intel® Turbo Boost 2.0

Mozilla Firefox 23.0.1 (x86 pt-BR)

Mozilla Maintenance Service

MPC-HC 1.6.5.6366

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nikon Message Center 2

Nikon Movie Editor

Norton Online Backup

NTI Media Maker 9

OpenAL

Opera 12.15

Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)

PDF Settings CS6

Picture Control Utility

Poczta uslugi Windows Live

Podstawowe programy Windows Live

Pošta Windows Live

QuickTime

Raccolta foto di Windows Live

Real Alternative 2.0.2

Really Slick Screensavers 0.2

Realtek High Definition Audio Driver

Revo Uninstaller 1.94

S?????? f?t???af??? t?? Windows Live

safe asave

SafeSaver 1.74

SE-ScreenSavers 1.12.1.80

Secret Notes version 1.2.1

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Shop for HP Supplies

Short Movie Creator

SketchUp 2013

Skype™ 6.3

SmartWebPrinting

SolutionCenter

Spybot - Search & Destroy

Status

Suporte para Aplicativos Apple

Toolbox

TrayApp

UnloadSupport

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2836939)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition

USB Dual Vibration Joystick

USB Network Driver

ViewNX 2

Visual Studio 2010 x64 Redistributables

WebReg

Weeny Free Audio Recorder 1.3

Welcome Center

WhiteCap

Windows Live

Windows Live ???

Windows Live ????

Windows Live Communications Platform

Windows Live Essentials

Windows Live Fotótár

Windows Live Fotogalerie

Windows Live Fotogalleri

Windows Live Fotogaléria

Windows Live Fotograf Galerisi

Windows Live Galeria de Fotos

Windows Live Galerija fotografija

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Temel Parçalar

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Liven asennustyökalu

Windows Liven sähköposti

Windows Liven valokuvavalikoima

WinRAR 4.20 (32-bit)

ZoneAlarm Antivirus

ZoneAlarm Firewall

ZoneAlarm Free Firewall

ZoneAlarm LTD Toolbar

ZoneAlarm Security

.

==== End Of File ===========================


Download the Kaspersky AVP Tool from one of these 2 links:

http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/

http://dnl-us6.kaspersky-labs.com/devbuilds/AVPTool/

You will be taken to a Kaspersky page asking for an email address for registration, a first name and a last name. Only the "email" field is required.

Enter your email, then click the Submit Form button.

The page will reload. Click the Download button.

Save it to your desktop.

Run the file and wait for the installation.

** Windows Vista and Windows 7 users:

Right-click the file, then click Run as administrator

On the license agreement screen, check the option I accept the license agreement and then click the Start button. The program will appear to freeze and nothing will happen. This is normal; just wait until the program's home screen appears, and then click the Settings icon:

KRT_settings.png

On this screen, check the box next to:

  • My Computer
  • Local Disk (C:)

Also check all the drives that appear below Local Disk, if there are any. Then click the Automatic Scan tab

KRT_install2_.png

Back on the program's home screen, click the Start scanning button

Be patient, it takes a while.

When it finishes, if it has detected anything, the program will ask you what to do.

Check the box next to Apply to all objects and then click Skip (we only want the log).

KRT_detection_.png

While the scan is running, the home screen will show a progress bar. When it finishes, the program will show the status as completed and a button that will be orange if nothing was detected, and red if something was found.

If it has detected something, the program will also show an alert screen warning that your system is unprotected and suggesting a Kaspersky product. Click the No, thanks button.

Back on the main screen, if something was detected, save the log. If you close the program and forget to save the log, you will have to repeat the whole scan.

To save the log, click the Reports icon (next to the "Settings" icon). In the next window, click Detected Threats, then click the floppy-disk icon to save the log.

Choose an easily accessible location and save it as log.txt

Copy the entire contents of that Notepad file and paste it into your next reply.

If nothing is detected, you do not need to save the log. Just post here to let us know.

To exit the program, just click the X in the upper right corner.


Thank you for helping me, Renato! ^_^

The Kaspersky program detected threats.

Everything belonging to the user "Convidado" (Guest) that is not part of the system itself is not used by me.

This is the log:

Status: Detected (events: 11)

28/08/2013 11:39:53 Detected adware not-a-virus:AdWare.Win32.Agent.aeph C:\Documents and Settings\All Users\InstallMate\{DD04E638-4923-4046-A2AD-010106E7C4CE}\Custom.dll Medium

28/08/2013 12:37:09 Detected adware not-a-virus:AdWare.Win32.Agent.aeph C:\Documents and Settings\Bruna\Downloads\DownloadManager.exe//data0005 Medium

28/08/2013 13:08:34 Detected Trojan program Trojan-Banker.Win32.Agent.qav C:\Documents and Settings\Convidado\Downloads\Comprovante (1).zip/Comprovante Financeiro.cpl High

28/08/2013 13:09:31 Detected Trojan program Trojan-Banker.Win32.Agent.qav C:\Documents and Settings\Convidado\Downloads\Comprovante.zip/Comprovante Financeiro.cpl High

28/08/2013 13:14:03 Detected adware not-a-virus:AdWare.Win32.Agent.aeph C:\Documents and Settings\Todos os Usuários\InstallMate\{DD04E638-4923-4046-A2AD-010106E7C4CE}\Custom.dll Medium

28/08/2013 13:52:36 Detected adware not-a-virus:AdWare.Win32.Agent.aeph C:\ProgramData\InstallMate\{DD04E638-4923-4046-A2AD-010106E7C4CE}\Custom.dll Medium

28/08/2013 13:59:44 Detected adware not-a-virus:AdWare.Win32.Agent.aeph C:\Users\All Users\InstallMate\{DD04E638-4923-4046-A2AD-010106E7C4CE}\Custom.dll Medium

28/08/2013 14:48:47 Detected adware not-a-virus:AdWare.Win32.Agent.aeph C:\Users\Bruna\Downloads\DownloadManager.exe//data0005 Medium

28/08/2013 15:18:50 Detected Trojan program Trojan-Banker.Win32.Agent.qav C:\Users\Convidado\Downloads\Comprovante (1).zip/Comprovante Financeiro.cpl High

28/08/2013 15:18:50 Detected Trojan program Trojan-Banker.Win32.Agent.qav C:\Users\Convidado\Downloads\Comprovante.zip/Comprovante Financeiro.cpl High

28/08/2013 15:23:39 Detected adware not-a-virus:AdWare.Win32.Agent.aeph C:\Users\Todos os Usuários\InstallMate\{DD04E638-4923-4046-A2AD-010106E7C4CE}\Custom.dll Medium

What do I do now?


Read the instructions at this link:

In the instructions at the link above, you can check which forums have Analysts who are duly qualified to use the tool correctly: "Forums to receive help with ComboFix logs"

  1. Download ComboFix from one of the official links listed below and save it to your desktop:
  2. Temporarily, while you follow these instructions, it is very important to keep your protection programs (antivirus, antispyware and firewall) disabled. Re-enable the protections after running the procedure(s) described below.
  3. Double-click the icon desktopicon.png on the desktop.
  4. Read and accept the terms by typing 1 and pressing Enter.
  5. Computers running Windows XP should install the Recovery Console:
     • If your computer runs Windows XP and does not yet have the Recovery Console installed, please make sure you are connected to the Internet and click "Yes".
     • Click "OK" on the EULA.
     • Once the Recovery Console is installed, click "YES" to continue.
  6. ComboFix will run; please be patient and wait.
  7. Attention: do not use the mouse or the keyboard while the tool is running, as this can cause the computer to stall.
  8. A notice may appear saying that the computer needs to be restarted. DO NOT RESTART!!! ComboFix will restart the computer automatically.
  9. When the tool finishes running, it will generate a log (the file C:\ComboFix.txt). Copy and paste the contents of that file into your next reply.

DO NOT use the tool on your own. It is a powerful tool created to deal with sophisticated infections, and if you do not use it correctly you may damage your computer.

  • There are several kinds of malware that prevent the tool from running correctly and can thereby seriously damage the computer. Analysts qualified to use ComboFix know these cases and know how to handle these situations.
  • Many Analysts do not reply to topics in which they see that ComboFix was used without supervision.
  • There are several general-purpose anti-malware tools whose authors, when writing them, had end users in mind and meant them to be used without supervision. ComboFix is not that kind of tool, so, and also out of respect for the tool's author, do not use it without supervision.


Hello!

Sorry for the delay, I was moving house and had a lot to sort out, so I ended up putting off looking after the PC for a while.

I had to uninstall Spybot, because even after I closed it ComboFix warned that it was active and I could not find a way to disable it.

Now that I have finished following the instructions and running ComboFix, scrolling on my touchpad has stopped working, as has the touchpad shortcut for zooming pages in and out.

Here is the log:

ComboFix log:

ComboFix 13-09-17.01 - Bruna 17/09/2013 10:53:05.1.4 - x64

Microsoft Windows 7 Home Basic 6.1.7601.1.1252.55.1046.18.3948.2056 [GMT -3:00]

Executando de: c:\users\Bruna\Desktop\ComboFix.exe

AV: ZoneAlarm Free Firewall Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}

FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}

SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: ZoneAlarm Free Firewall Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}

.

.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\DefaultTab

c:\program files (x86)\DefaultTab\DefaultTab.crx

c:\program files (x86)\DefaultTab\DefaultTabSearch.exe

c:\program files (x86)\DefaultTab\uid

c:\program files (x86)\DefaultTab\uninstaller.exe

c:\programdata\logs

c:\programdata\Microsoft\Windows\Start Menu\Programs\safe asave

c:\programdata\Microsoft\Windows\Start Menu\Programs\safe asave\safe asave.lnk

c:\programdata\Microsoft\Windows\Start Menu\Programs\safe asave\Uninstall.lnk

c:\programdata\ntuser.dat

c:\programdata\safe asave

c:\programdata\safe asave\51f338efaec2e.dll

c:\programdata\safe asave\51f338efaec2e.tlb

c:\programdata\safe asave\data\safe asave.dat

c:\programdata\safe asave\settings.ini

c:\programdata\safe asave\uninstall.exe

c:\users\Bruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\obpdncghdkjmbajbpjjfgnlnkfcepbbl

c:\users\Bruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\obpdncghdkjmbajbpjjfgnlnkfcepbbl\1\51f338efae9e96.17898719.js

c:\users\Bruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\obpdncghdkjmbajbpjjfgnlnkfcepbbl\1\background.html

c:\users\Bruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\obpdncghdkjmbajbpjjfgnlnkfcepbbl\1\content.js

c:\users\Bruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\obpdncghdkjmbajbpjjfgnlnkfcepbbl\1\lsdb.js

c:\users\Bruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\obpdncghdkjmbajbpjjfgnlnkfcepbbl\1\manifest.json

c:\users\Bruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\obpdncghdkjmbajbpjjfgnlnkfcepbbl\1\sqlite.js

c:\users\Bruna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_obpdncghdkjmbajbpjjfgnlnkfcepbbl_0.localstorage-journal

c:\users\Bruna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_obpdncghdkjmbajbpjjfgnlnkfcepbbl_0.localstorage

c:\users\Bruna\AppData\Local\Google\Chrome\User Data\Default\Preferences

c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab

c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\addon.ico

c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\amazon_ie.ico

c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.cfg

c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll

c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart.exe

c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart64.exe

c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabUninstaller.exe

c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap.dll

c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap64.dll

c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\DT.ico

c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe

c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\facebook_ie.ico

c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\search_here_ie.ico

c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\searchhere.ico

c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\twitter_ie.ico

c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe

c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\update.exe

c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\wikipedia_ie.ico

c:\users\Bruna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - .lnk

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\chrome.manifest

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\funmoods.css

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\funmoods.xul

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\images\pref.jpg

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\arwDwn.gif

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ae.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\bg.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ch.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\cn.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\cz.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\de.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\eg.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\en.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\es.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\fr.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\gr.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\he.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\il.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\it.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ja.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\jp.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\nl.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\no.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\pl.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\pt.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ro.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ru.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\sa.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\se.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\sv.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\tr.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\ua.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs\us.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\help_16.gif

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\home.gif

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\logo.png

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\privecy_16_hot.gif

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\imgs\tellafriend.gif

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\loader.xul

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\mtstart.js

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\preferences.xul

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\content\tmplt.js

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\install.rdf

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\META-INF\le_c6a58f26_4d2d_4341_b387_c4f2289b6170.rsa

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\META-INF\le_c6a58f26_4d2d_4341_b387_c4f2289b6170.sf

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\ffxtlbr@funmoods.com\META-INF\manifest.mf

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\yy8twb@thdio-.com

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\yy8twb@thdio-.com\bootstrap.js

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\yy8twb@thdio-.com\chrome.manifest

c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\yy8twb@thdio-.com\install.rdf

c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Preferences

c:\windows\SysWow64\DEBUG.log

c:\windows\SysWow64\Logof.dll

c:\windows\wininit.ini

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_DefaultTabSearch

-------\Service_RelevantKnowledge

-------\Service_DefaultTabUpdate

-------\Service_DefaultTabUpdate

.

.

(((((((((((((((( Arquivos/Ficheiros criados de 2013-08-17 to 2013-09-17 ))))))))))))))))))))))))))))

.

.

2013-09-17 12:32 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1FEF66ED-3CBA-449E-A391-48E73496E6B8}\mpengine.dll

2013-09-13 19:29 . 2013-09-13 19:29 4751752 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2013-09-12 21:21 . 2013-08-10 05:21 603136 ----a-w- c:\windows\system32\msfeeds.dll

2013-09-12 18:06 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys

2013-09-12 18:05 . 2013-08-08 01:20 3155456 ----a-w- c:\windows\system32\win32k.sys

2013-09-12 18:05 . 2013-07-26 02:24 14172672 ----a-w- c:\windows\system32\shell32.dll

2013-09-12 18:05 . 2013-07-26 02:24 197120 ----a-w- c:\windows\system32\shdocvw.dll

2013-09-05 04:10 . 2013-09-05 04:10 -------- d-----w- c:\users\Bruna\AppData\Local\Steppschuh

2013-08-28 14:19 . 2013-08-28 14:19 -------- d-----w- c:\programdata\Kaspersky Lab

.

.

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-09-13 19:29 . 2012-07-19 21:48 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-09-13 19:29 . 2011-10-17 07:44 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-09-12 21:19 . 2012-07-20 19:31 79143768 ----a-w- c:\windows\system32\MRT.exe

2013-08-07 07:22 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe

2013-08-02 01:48 . 2013-09-12 18:06 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2013-07-25 09:25 . 2013-08-15 13:48 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL

2013-07-25 08:57 . 2013-08-15 13:48 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL

2013-07-19 01:58 . 2013-08-15 13:49 2048 ----a-w- c:\windows\system32\tzres.dll

2013-07-19 01:41 . 2013-08-15 13:49 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2013-07-09 05:52 . 2013-08-15 13:53 224256 ----a-w- c:\windows\system32\wintrust.dll

2013-07-09 05:51 . 2013-08-15 13:54 1217024 ----a-w- c:\windows\system32\rpcrt4.dll

2013-07-09 05:46 . 2013-08-15 13:53 1472512 ----a-w- c:\windows\system32\crypt32.dll

2013-07-09 05:46 . 2013-08-15 13:53 184320 ----a-w- c:\windows\system32\cryptsvc.dll

2013-07-09 05:46 . 2013-08-15 13:53 139776 ----a-w- c:\windows\system32\cryptnet.dll

2013-07-09 04:52 . 2013-08-15 13:54 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll

2013-07-09 04:52 . 2013-08-15 13:53 175104 ----a-w- c:\windows\SysWow64\wintrust.dll

2013-07-09 04:46 . 2013-08-15 13:53 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll

2013-07-09 04:46 . 2013-08-15 13:53 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll

2013-07-09 04:46 . 2013-08-15 13:53 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll

2013-07-06 06:03 . 2013-08-15 13:48 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-06-19 20:44 . 2013-06-19 20:44 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll

2013-06-19 20:44 . 2013-06-19 20:44 2401112 ----a-w- c:\windows\system32\d3dx9_43.dll

2013-06-19 20:44 . 2013-06-19 20:44 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll

2013-06-19 20:44 . 2013-06-19 20:44 1998168 ----a-w- c:\windows\SysWow64\d3dx9_43.dll

.

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por padrão não são apresentadas.

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-07-20 895376]

"Gadwin PrintScreen"="c:\program files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe" [2012-05-30 1842384]

"HP Deskjet 3510 series (NET)"="c:\program files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]

"HP Deskjet 3510 series (NET) 4190104D8EE83AFB09EB9DA31E7CB6D5470D5E21084C330A8E8F9A2B"="c:\program files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-24 297280]

"Dolby Advanced Audio v2"="c:\dolby pcee4\pcee4.exe" [2011-06-01 506712]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]

"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]

"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2013-03-27 73832]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]

.

c:\users\Bruna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Monitorar alertas de tinta - HP Deskjet 3510 series (Rede).lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Deskjet 3510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=BR353FD37H05Y8;CONNECTION=NW;MONITOR=1; [2009-7-13 45568]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]

R2 avgwd;Watchdog do AVG;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]

R3 h647906;DragonRise H647906 AMD64 Driver;c:\windows\system32\drivers\h647906.sys;c:\windows\SYSNATIVE\drivers\h647906.sys [x]

R3 h648101;DragonRise H648101 AMD64 Driver;c:\windows\system32\drivers\h648101.sys;c:\windows\SYSNATIVE\drivers\h648101.sys [x]

R3 h648103;DragonRise H648103 AMD64 Driver;c:\windows\system32\drivers\h648103.sys;c:\windows\SYSNATIVE\drivers\h648103.sys [x]

R3 hid7906;hid7906;c:\windows\system32\drivers\hid7906.sys;c:\windows\SYSNATIVE\drivers\hid7906.sys [x]

R3 hid8101;hid8101;c:\windows\system32\drivers\hid8101.sys;c:\windows\SYSNATIVE\drivers\hid8101.sys [x]

R3 hid8103;hid8103;c:\windows\system32\drivers\hid8103.sys;c:\windows\SYSNATIVE\drivers\hid8103.sys [x]

R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]

R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]

R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]

R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]

R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]

R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]

S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [x]

S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [x]

S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]

S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]

S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]

S2 scpVista;scpVista;c:\program files (x86)\Scpad\scpVista.exe;c:\program files (x86)\Scpad\scpVista.exe [x]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]

S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]

S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]

S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]

S3 IntcDAud;Áudio do vídeo Intel®;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]

.

.

--- =Outros Serviços/Drivers Na Memória ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-09-04 02:03 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe

.

Conteúdo da pasta 'Tarefas Agendadas'

.

2013-09-17 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-19 19:29]

.

2013-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-21 03:12]

.

2013-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-21 03:12]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-21 167704]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-21 392472]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-21 416024]

"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-16 12673128]

"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 2277480]

"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-08-02 1831016]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]

.

------- Scan Suplementar -------

.

uStart Page = hxxp://www.bradescopessoajuridica.com.br/

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204

IE: E&xportar para o Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 201.17.0.118 192.168.0.1

DPF: {9EC30204-384D-11D3-9CA3-00A024F0AF03} - hxxps://cpne.bradesco.com.br/certifexp.cab

FF - ProfilePath - c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\

FF - prefs.js: browser.search.defaulturl -

FF - prefs.js: browser.search.selectedEngine -

FF - prefs.js: keyword.URL -

FF - prefs.js: browser.startup.homepage -

FF - ExtSQL: 2013-07-27 10:42; yy8twb@thdio-.com; c:\users\Bruna\AppData\Roaming\Mozilla\Firefox\Profiles\18xyjik7.default\extensions\yy8twb@thdio-.com

FF - ExtSQL: !HIDDEN! 2012-08-13 12:52; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=113480&tt=2912_5

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.id - 3e4515970000000000005cc9d309171c

FF - user.js: extensions.BabylonToolbar_i.hardId - 3e4515970000000000005cc9d309171c

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15541

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1722:47

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9

FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

FF - user.js: extensions.funmoods.hmpg - true

FF - user.js: extensions.funmoods.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0B0E0C0CyDyBtCyDzyyBtN0D0Tzu0StBtAyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1028842916

FF - user.js: extensions.funmoods.dfltSrch - true

FF - user.js: extensions.funmoods.srchPrvdr - Search

FF - user.js: extensions.funmoods.dnsErr - true

FF - user.js: extensions.funmoods_i.newTab - true

FF - user.js: extensions.funmoods.newTabUrl - hxxp://start.funmoods.com/?f=2&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0B0E0C0CyDyBtCyDzyyBtN0D0Tzu0StBtAyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1028842916

FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://start.funmoods.com/?f=3&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0B0E0C0CyDyBtCyDzyyBtN0D0Tzu0StBtAyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1028842916&q=

FF - user.js: extensions.funmoods.id - DC0EA1BECC571597

FF - user.js: extensions.funmoods.instlDay - 15577

FF - user.js: extensions.funmoods.vrsn - 1.5.23.22

FF - user.js: extensions.funmoods.vrsni - 1.5.23.22

FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2210:24

FF - user.js: extensions.funmoods.prtnrId - funmoods

FF - user.js: extensions.funmoods.prdct - funmoods

FF - user.js: extensions.funmoods.aflt - ironpub

FF - user.js: extensions.funmoods_i.smplGrp - none

FF - user.js: extensions.funmoods.tlbrId - base

FF - user.js: extensions.funmoods.instlRef - ironpub

FF - user.js: extensions.funmoods.dfltLng -

FF - user.js: extensions.funmoods.excTlbr - false

FF - user.js: extensions.funmoods.autoRvrt - false

FF - user.js: extensions.funmoods.envrmnt - production

FF - user.js: extensions.funmoods.isdcmntcmplt - true

FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0

.

- - - - ORFÃOS REMOVIDOS - - - -

.

URLSearchHooks-{e0301295-ab3e-4af3-979f-3d453c5f9f48} - (no file)

BHO-{4D46598F-58A7-97F5-46A2-417A74E38984} - c:\programdata\safe asave\51f338efaec2e.dll

BHO-{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - c:\progra~2\Funmoods\1.5.23.22\bh\escort.dll

BHO-{7F6AFBF1-E065-4627-A2FD-810366367D01} - c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll

Toolbar-Locked - (no file)

Toolbar-{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - c:\progra~2\Funmoods\1.5.23.22\escorTlbr.dll

Wow6432Node-HKCU-Run-AdobeBridge - (no file)

Wow6432Node-HKCU-Run-DesktopCal - c:\program files (x86)\DesktopCal\desktopcal.exe

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

Wow6432Node-HKLM-Run-USB Gamepad - c:\windows\USB Vibration\dr100&110\USB Gamepad.exe

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

Toolbar-Locked - (no file)

WebBrowser-{E0301295-AB3E-4AF3-979F-3D453C5F9F48} - (no file)

HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe

HKLM-Run-ISW - (no file)

HKLM-Run-LogMeIn GUI - c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe

AddRemove-DefaultTab - c:\users\Bruna\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe

AddRemove-DefaultTab Chrome - c:\program files (x86)\DefaultTab\uninstaller.exe

AddRemove-{924C3DC2-8E4E-432E-F973-9A2174A39774} - c:\programdata\safe asave\uninstall.exe

.

.

.

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Outros Processos em Execução ------------------------

.

c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

.

**************************************************************************

.

Tempo para conclusão: 2013-09-17 11:12:31 - Máquina reiniciou

ComboFix-quarantined-files.txt 2013-09-17 14:12

.

Pré-execução: 105.806.053.376 bytes disponíveis

Pós execução: 105.394.532.352 bytes disponíveis

.

- - End Of File - - AEC6F93C78963FE1AE4CAABE62423EC2


Do you have the notebook's drivers? It may be necessary to reinstall some drivers.

Does the initial problem persist?


If you are talking about the problem of it being sluggish, Firefox always freezing on startup, and taking a long time to boot, then yes, it persists.

I fixed the touchpad and it went back to working without problems.

I don't have the drivers, no. Why would I have to reinstall them?

Shouldn't I delete programs I don't use and do a general cleanup?


The driver was in case we needed to fix the touchpad, but since you have already fixed it, no problem.

Have you tried reinstalling Firefox?


Well, I fixed the touchpad because I couldn't be without it, but I haven't done anything else. I'm just waiting for instructions. Are the instructions going to come or not?


I didn't understand.

Did you read my last question about Firefox?


I would do it as a test.






About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.
