mindoo

Internet Explorer opens pages by itself


Good evening,

I have been having problems with pages that open by themselves in Internet Explorer, and these are always advertising pages.

Even if I already have an IE window open, the page opens in a new instance of IE, and it happens more often when there is less activity on the computer, for example when I am reading email or texts in Word.

I would greatly appreciate any help you can give me.

Below are the reports as requested.

The GMER log was too large and I could not submit the post with it.

Thank you very much in advance,

Gustavo

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16660

Run by LucilaPC at 1:10:13 on 2013-09-05

Microsoft Windows 8 6.2.9200.0.1252.351.2070.18.6043.4059 [GMT 1:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\Hpservice.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k apphost

C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Windows\system32\dashost.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\dwm.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\taskhostex.exe

C:\Windows\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Windows\SysWOW64\ctfmon.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.uol.com.br/

mWinlogon: Userinit = userinit.exe

BHO: Facilitador de Leitor de Link Adobe PDF: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} -

BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s

mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe

mRun: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

mExplorerRun: [btvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\ADOBEA~1.LNK - C:\Windows\Installer\{AC76BA86-1044-7000-7760-000000000003}\_SC_Acrobat.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\ADOBER~1.LNK - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

mPolicies-System: DisableCAD = dword:1

IE: Anexar para um PDF existente - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Converter destino do link em Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Converter destino do link em um PDF existente - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Converter em Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Converter links selecionados em Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Converter links selecionados em um PDF existente - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Converter seleção em Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Converter seleção em PDF existente - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

TCP: NameServer = 212.113.191.129 212.113.164.5

TCP: Interfaces\{46644349-603C-448D-BAFB-E3AFC63170CF} : DHCPNameServer = 10.10.0.1

TCP: Interfaces\{9C6BC3BC-50E9-4323-BD4D-A34B8A1167DB} : DHCPNameServer = 212.113.191.129 212.113.164.5

TCP: Interfaces\{9C6BC3BC-50E9-4323-BD4D-A34B8A1167DB}\0545D275946494 : DHCPNameServer = 88.214.178.1 88.214.178.2

TCP: Interfaces\{9C6BC3BC-50E9-4323-BD4D-A34B8A1167DB}\24162726F63716 : DHCPNameServer = 201.6.2.27 201.6.2.67 201.6.4.116

TCP: Interfaces\{9C6BC3BC-50E9-4323-BD4D-A34B8A1167DB}\6796275737E696E64616 : DHCPNameServer = 192.168.1.1

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll

SSODL: WebCheck - <orphaned>

x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-Run: [btPreLoad] "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe"

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

x64-ExplorerRun: [btvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

x64-mPolicies-System: DisableCAD = dword:1

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\LucilaPC\AppData\Roaming\Mozilla\Firefox\Profiles\pcyv9o1m.default\

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll

FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;aswRvrt;C:\Windows\System32\Drivers\aswRvrt.sys [2013-3-26 65336]

R0 aswVmm;aswVmm;C:\Windows\System32\Drivers\aswVmm.sys [2013-3-26 189936]

R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-9-28 650808]

R0 nvpciflt;nvpciflt;C:\Windows\System32\Drivers\nvpciflt.sys [2013-2-27 30496]

R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2013-3-26 1030952]

R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2013-3-26 378944]

R2 aswFsBlk;aswFsBlk;C:\Windows\System32\Drivers\aswFsBlk.sys [2013-3-26 33400]

R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2013-3-26 80816]

R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-12-28 226944]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-24 46808]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]

R2 HPConnectedRemote;HP Connected Remote Service;C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [2012-10-12 35744]

R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]

R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-9-7 35232]

R2 IAStorDataMgrSvc;Tecnologia de Armazenamento Intel® Rapid;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-2 14904]

R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-11-2 2451456]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]

R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-11-2 128896]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-11-2 165760]

R2 MsgPlusService;Messenger Plus! Service;C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [2013-2-4 128000]

R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-3-22 93072]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-11-2 364416]

R2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-12-28 323584]

R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\Drivers\btath_flt.sys [2013-6-15 89320]

R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\Drivers\btath_a2dp.sys [2013-6-15 345832]

R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\Drivers\btath_avdt.sys [2013-6-15 115432]

R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\Drivers\btath_bus.sys [2013-6-15 33944]

R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\Drivers\btath_hcrp.sys [2013-6-15 179432]

R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\Drivers\btath_lwflt.sys [2013-6-15 77464]

R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\Drivers\btath_rcp.sys [2013-6-15 136424]

R3 BtFilter;BtFilter;C:\Windows\System32\Drivers\btfilter.sys [2013-6-15 578792]

R3 BthLEEnum;Controlador de Bluetooth de Baixo Consumo;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]

R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-3-18 169752]

R3 IntcDAud;Áudio do Monitor Intel®;C:\Windows\System32\Drivers\IntcDAud.sys [2012-6-19 342528]

R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-11-2 690832]

R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-8-25 43832]

R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [2012-8-31 20800]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]

S3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM;C:\Windows\System32\Drivers\AthDfu.sys [2012-11-2 55448]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2013-6-4 103448]

S3 GemCCID;GemCCID;C:\Windows\System32\Drivers\GemCCID.sys [2013-4-24 129792]

S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\Drivers\RtsP2Stor.sys [2012-11-2 269968]

S3 SmbDrv;SmbDrv;C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [2012-8-25 41272]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2013-6-4 203672]

.

=============== Created Last 30 ================

.

2013-09-03 22:56:52 270512 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10215.bin

2013-08-20 18:00:22 17737608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2013-08-17 01:04:39 92056 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe

2013-08-14 11:10:23 911032 ----a-w- C:\Program Files\Windows Defender\MpClient.dll

2013-08-14 11:09:26 1314816 ----a-w- C:\Windows\System32\rpcrt4.dll

2013-08-09 17:51:21 -------- d-----w- C:\Program Files\IDT

.

==================== Find3M ====================

.

2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll

2013-07-26 05:13:28 915968 ----a-w- C:\Windows\System32\uxtheme.dll

2013-07-26 05:13:28 53760 ----a-w- C:\Windows\System32\UXInit.dll

2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll

2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-07-26 03:13:15 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll

2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-07-26 00:54:34 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll

2013-07-13 06:18:21 337408 ----a-w- C:\Windows\System32\wintrust.dll

2013-07-13 06:16:06 68096 ----a-w- C:\Windows\System32\cryptsvc.dll

2013-07-13 06:16:06 1889280 ----a-w- C:\Windows\System32\crypt32.dll

2013-07-13 06:15:53 98304 ----a-w- C:\Windows\System32\apprepsync.dll

2013-07-13 06:15:53 124416 ----a-w- C:\Windows\System32\apprepapi.dll

2013-07-13 04:24:58 261120 ----a-w- C:\Windows\SysWow64\wintrust.dll

2013-07-13 04:23:11 1568256 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-07-13 04:23:03 87040 ----a-w- C:\Windows\SysWow64\apprepapi.dll

2013-07-13 04:23:03 74240 ----a-w- C:\Windows\SysWow64\apprepsync.dll

2013-07-09 08:04:07 120144 ----a-w- C:\Windows\System32\drivers\msgpioclx.sys

2013-07-09 06:18:21 439488 ----a-w- C:\Windows\System32\WerFault.exe

2013-07-09 06:07:17 2233168 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-07-09 04:25:45 385768 ----a-w- C:\Windows\SysWow64\WerFault.exe

2013-07-09 03:57:19 245760 ----a-w- C:\Windows\SysWow64\LocationApi.dll

2013-07-08 22:46:00 543744 ----a-w- C:\Windows\System32\wwanmm.dll

2013-07-08 22:46:00 414208 ----a-w- C:\Windows\System32\wwanconn.dll

2013-07-08 22:46:00 370688 ----a-w- C:\Windows\System32\Wwanadvui.dll

2013-07-08 22:45:16 312832 ----a-w- C:\Windows\System32\LocationApi.dll

2013-07-06 00:16:17 1025024 ----a-w- C:\Windows\System32\localspl.dll

2013-07-03 00:23:43 391168 ----a-w- C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll

2013-07-03 00:23:12 778752 ----a-w- C:\Windows\System32\oleaut32.dll

2013-07-03 00:22:26 1300480 ----a-w- C:\Windows\System32\gdi32.dll

2013-07-03 00:11:23 268800 ----a-w- C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.dll

2013-07-03 00:11:02 551424 ----a-w- C:\Windows\SysWow64\oleaut32.dll

2013-07-02 23:51:03 4039680 ----a-w- C:\Windows\System32\win32k.sys

2013-07-02 00:44:14 36288 ----a-w- C:\Windows\System32\drivers\WdBoot.sys

2013-07-01 22:08:49 247216 ----a-w- C:\Windows\System32\drivers\WdFilter.sys

2013-06-30 22:30:14 67072 ----a-w- C:\Windows\SysWow64\openfiles.exe

2013-06-30 22:29:22 77312 ----a-w- C:\Windows\System32\openfiles.exe

2013-06-29 06:15:54 195416 ----a-w- C:\Windows\System32\drivers\sdbus.sys

2013-06-29 06:15:47 125784 ----a-w- C:\Windows\System32\drivers\dumpsd.sys

2013-06-29 05:43:16 327512 ----a-w- C:\Windows\System32\drivers\Classpnp.sys

2013-06-29 01:12:01 1022464 ----a-w- C:\Windows\SysWow64\gdi32.dll

2013-06-28 10:25:36 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2013-06-28 10:25:35 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2013-06-27 22:04:51 78200 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-06-27 22:04:51 693112 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-06-26 03:01:38 321536 ----a-w- C:\Windows\System32\drivers\udfs.sys

2013-06-26 02:59:34 341504 ----a-w- C:\Windows\System32\drivers\HdAudio.sys

2013-06-24 22:54:52 447488 ----a-w- C:\Windows\System32\wwansvc.dll

2013-06-24 22:54:45 74240 ----a-w- C:\Windows\System32\wcmcsp.dll

2013-06-24 22:54:45 263680 ----a-w- C:\Windows\System32\wcmsvc.dll

2013-06-19 05:36:21 183808 ----a-w- C:\Windows\System32\winmmbase.dll

2013-06-19 05:36:21 115712 ----a-w- C:\Windows\System32\winmm.dll

2013-06-18 22:38:00 160256 ----a-w- C:\Windows\SysWow64\winmmbase.dll

2013-06-18 22:38:00 125440 ----a-w- C:\Windows\SysWow64\winmm.dll

2013-06-16 22:41:31 997632 ----a-w- C:\Windows\System32\drivers\ndis.sys

2013-06-15 01:20:04 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll

2013-06-15 01:20:04 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll

2013-06-15 01:20:04 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll

2013-06-12 20:48:23 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-06-12 20:48:17 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-06-11 23:43:37 154112 ----a-w- C:\Windows\SysWow64\WinSCard.dll

2013-06-11 23:26:20 230912 ----a-w- C:\Windows\System32\WinSCard.dll

2013-06-10 21:17:46 96512 ----a-w- C:\Windows\System32\drivers\wfplwfs.sys

2013-06-10 19:16:07 888832 ----a-w- C:\Windows\System32\nshwfp.dll

2013-06-10 19:15:42 1156096 ----a-w- C:\Windows\System32\IKEEXT.DLL

2013-06-10 19:15:38 381952 ----a-w- C:\Windows\System32\FWPUCLNT.DLL

2013-06-10 19:15:25 723968 ----a-w- C:\Windows\System32\BFE.DLL

2013-06-10 19:10:58 702464 ----a-w- C:\Windows\SysWow64\nshwfp.dll

2013-06-10 19:10:37 245248 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL

.

============= FINISH: 1:11:22,93 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 8

Boot Device: \Device\HarddiskVolume2

Install Date: 31/01/2013 22:27:07

System Uptime: 03/09/2013 09:04:18 (40 hours ago)

.

Motherboard: Hewlett-Packard | | 18FD

Processor: Intel® Core i5-3337U CPU @ 1.80GHz | U3E1 | 1801/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 448 GiB total, 361,264 GiB free.

D: is FIXED (NTFS) - 17 GiB total, 2,157 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Photosmart B110 series

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer: HP

Name: Photosmart B110 series

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service:

.

Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Description: Dispositivo de vídeo USB

Device ID: USB\VID_05C8&PID_0355&MI_00\7&1233FBB1&0&0000

Manufacturer: Microsoft

Name: HP Truevision HD

PNP Device ID: USB\VID_05C8&PID_0355&MI_00\7&1233FBB1&0&0000

Service: usbvideo

.

==== System Restore Points ===================

.

RP31: 30/08/2013 19:55:56 - Ponto de Verificação Agendado

.

==== Installed Programs ======================

.

64 Bit HP CIO Components Installer

Actualizações da NVIDIA 1.11.3

Adobe Acrobat 8 Professional - Norsk, Português

Adobe Flash Player 11 Plugin

Adobe Shockwave Player 12.0

µTorrent

Atualização do produto Microsoft Office Excel 2007 Help (KB963678)

Atualização do produto Microsoft Office Outlook 2007 Help (KB963677)

Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)

Atualização do produto Microsoft Office Word 2007 Help (KB963665)

aTube Catcher

avast! Free Antivirus

B110

BufferChm

Connected Music powered by Universal Music Group version 1.0

CyberLink Media Suite 10

CyberLink PhotoDirector

CyberLink PowerDirector 10

CyberLink PowerDVD

CyberLink YouCam

Destinations

DeviceDiscovery

Dungeons & Dragons Online v01.21.01.8029

Energy Star

ERS Aplicação Cartão Cidadão

Ferramenta de Carregamento do Windows Live

GPBaseService2

Hewlett-Packard ACLM.NET v1.2.1.1

HP 3D DriveGuard

HP Connected Music (Meridian - installer)

HP Connected Remote

HP CoolSense

HP Customer Experience Enhancements

HP Customer Participation Program 14.0

HP Documentation

HP Imaging Device Functions 14.0

HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 6

HP Postscript Converter

HP Quick Launch

HP Recovery Manager

HP Registration Service

HP Solution Center 14.0

HP Support Assistant

HP Update

HP Utility Center

HP Wireless Button Driver

HPAppStudio

HPDiagnosticAlert

HPPhotoGadget

HPProductAssistant

HPSSupply

IDT Audio

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

Intel® SDK for OpenCL - CPU Only Runtime Package

Intel® Trusted Connect Service Client

K-Lite Codec Pack 9.8.5 (Standard)

MarketResearch

Messenger Plus!

Messenger Plus! for Skype

Microsoft .NET Framework 1.1

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Mozilla Firefox 23.0.1 (x86 pt-PT)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2758694)

My MedicineOne

Network64

NVIDIA Controlador gráfico 311.00

NVIDIA Install Application

NVIDIA Optimus 1.11.3

NVIDIA Update Components

Painel de controlo da NVIDIA 311.00

PS_AIO_07_B110_SW_Min

Qualcomm Atheros Bluetooth Suite (64)

Qualcomm Atheros Driver Installation Program

QuickTransfer

Realtek Ethernet Controller Driver

Realtek PCIE Card Reader

Scan

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Shop for HP Supplies

Skype™ 6.6

SolutionCenter

Status

swMSM

Synaptics Pointing Device Driver

TomTom HOME

TomTom HOME Visual Studio Merge Modules

Toolbox

TrayApp

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition

WebReg

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Messenger

WinRAR 4.20 (32-bit)

.

==== End Of File ===========================


Hello

Sorry for the delay :)

If you still need help, please redo the logs, as I need them with up-to-date dates: Read Before Posting - Creating a New Topic

ATTENTION 1: You don't need to open a new topic; post the new logs in this same topic, thank you!

ATTENTION 2: Do not edit your topic; use the reply button, thank you!

ATTENTION 3: Do not put the logs between TAGS, thank you!

ATTENTION 4: Do not attach the logs, thank you!

Cheers :D

  • Topic author
  • Good afternoon Diego.

    Thank you for the help; yes, I still need to solve the problem.

    The 2 logs follow below. I just can't include the gmer one along with them because the message won't send.

    Thank you

    DDS (Ver_2012-11-20.01) - NTFS_AMD64

    Internet Explorer: 10.0.9200.16660

    Run by LucilaPC at 17:43:28 on 2013-09-07

    Microsoft Windows 8 6.2.9200.0.1252.351.2070.18.6043.4129 [GMT 1:00]

    .

    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

    AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    ============== Running Processes ===============

    .

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\nvvsvc.exe

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Program Files\IDT\WDM\STacSV64.exe

    C:\Windows\system32\Hpservice.exe

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Windows\system32\svchost.exe -k apphost

    C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

    C:\Windows\system32\dashost.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

    C:\Program Files\Intel\iCLS Client\HeciServer.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

    C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

    C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

    C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

    C:\Windows\system32\svchost.exe -k HPService

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalServicePeerNet

    C:\Windows\system32\SearchIndexer.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe

    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe

    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

    C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

    C:\Program Files\Windows Media Player\wmpnetwk.exe

    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

    C:\Windows\System32\dwm.exe

    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

    C:\Windows\system32\nvvsvc.exe

    C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Windows\system32\taskhostex.exe

    C:\Windows\Explorer.EXE

    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

    C:\Windows\system32\SearchProtocolHost.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe

    C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

    C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

    C:\Windows\System32\igfxtray.exe

    C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Program Files\IDT\WDM\sttray64.exe

    C:\Windows\sysWow64\SearchProtocolHost.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

    C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

    C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe

    C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

    C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

    C:\Windows\System32\svchost.exe -k HPZ12

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

    C:\Windows\System32\svchost.exe -k HPZ12

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    C:\Windows\servicing\TrustedInstaller.exe

    C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16613_none_6273bd8950d6cae2\TiWorker.exe

    C:\Windows\system32\msiexec.exe

    C:\Windows\system32\taskhost.exe

    C:\Windows\System32\cscript.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://www.uol.com.br/

    mWinlogon: Userinit = userinit.exe

    BHO: Facilitador de Leitor de Link Adobe PDF: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} -

    BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

    BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

    TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

    uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s

    mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

    mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey

    mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

    mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

    mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe

    mRun: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"

    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

    mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

    mExplorerRun: [btvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\ADOBEA~1.LNK - C:\Windows\Installer\{AC76BA86-1044-7000-7760-000000000003}\_SC_Acrobat.exe

    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\ADOBER~1.LNK - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe

    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

    mPolicies-System: DisableCAD = dword:1

    IE: Anexar para um PDF existente - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converter destino do link em Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converter destino do link em um PDF existente - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converter em Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converter links selecionados em Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

    IE: Converter links selecionados em um PDF existente - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

    IE: Converter seleção em Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converter seleção em PDF existente - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

    IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

    TCP: NameServer = 212.113.191.129 212.113.164.5

    TCP: Interfaces\{46644349-603C-448D-BAFB-E3AFC63170CF} : DHCPNameServer = 10.10.0.1

    TCP: Interfaces\{9C6BC3BC-50E9-4323-BD4D-A34B8A1167DB} : DHCPNameServer = 212.113.191.129 212.113.164.5

    TCP: Interfaces\{9C6BC3BC-50E9-4323-BD4D-A34B8A1167DB}\0545D275946494 : DHCPNameServer = 88.214.178.1 88.214.178.2

    TCP: Interfaces\{9C6BC3BC-50E9-4323-BD4D-A34B8A1167DB}\24162726F63716 : DHCPNameServer = 201.6.2.27 201.6.2.67 201.6.4.116

    TCP: Interfaces\{9C6BC3BC-50E9-4323-BD4D-A34B8A1167DB}\6796275737E696E64616 : DHCPNameServer = 192.168.1.1

    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

    AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll

    SSODL: WebCheck - <orphaned>

    x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

    x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

    x64-Run: [btPreLoad] "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe"

    x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

    x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

    x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

    x64-ExplorerRun: [btvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

    x64-mPolicies-System: DisableCAD = dword:1

    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

    x64-Notify: igfxcui - igfxdev.dll

    x64-SSODL: WebCheck - <orphaned>

    .

    ================= FIREFOX ===================

    .

    FF - ProfilePath - C:\Users\LucilaPC\AppData\Roaming\Mozilla\Firefox\Profiles\pcyv9o1m.default\

    FF - prefs.js: network.proxy.type - 0

    FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll

    FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll

    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll

    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll

    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

    FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 aswRvrt;aswRvrt;C:\Windows\System32\Drivers\aswRvrt.sys [2013-3-26 65336]

    R0 aswVmm;aswVmm;C:\Windows\System32\Drivers\aswVmm.sys [2013-3-26 189936]

    R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-9-28 650808]

    R0 nvpciflt;nvpciflt;C:\Windows\System32\Drivers\nvpciflt.sys [2013-2-27 30496]

    R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2013-3-26 1030952]

    R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2013-3-26 378944]

    R2 aswFsBlk;aswFsBlk;C:\Windows\System32\Drivers\aswFsBlk.sys [2013-3-26 33400]

    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2013-3-26 80816]

    R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-12-28 226944]

    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-24 46808]

    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]

    R2 HPConnectedRemote;HP Connected Remote Service;C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [2012-10-12 35744]

    R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]

    R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-9-7 35232]

    R2 IAStorDataMgrSvc;Tecnologia de Armazenamento Intel® Rapid;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-2 14904]

    R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-11-2 2451456]

    R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]

    R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-11-2 128896]

    R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-11-2 165760]

    R2 MsgPlusService;Messenger Plus! Service;C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [2013-2-4 128000]

    R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-3-22 93072]

    R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-11-2 364416]

    R2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-12-28 323584]

    R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\Drivers\btath_flt.sys [2013-6-15 89320]

    R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\Drivers\btath_a2dp.sys [2013-6-15 345832]

    R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\Drivers\btath_avdt.sys [2013-6-15 115432]

    R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\Drivers\btath_bus.sys [2013-6-15 33944]

    R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\Drivers\btath_hcrp.sys [2013-6-15 179432]

    R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\Drivers\btath_lwflt.sys [2013-6-15 77464]

    R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\Drivers\btath_rcp.sys [2013-6-15 136424]

    R3 BtFilter;BtFilter;C:\Windows\System32\Drivers\btfilter.sys [2013-6-15 578792]

    R3 BthLEEnum;Controlador de Bluetooth de Baixo Consumo;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]

    R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-3-18 169752]

    R3 IntcDAud;Áudio do Monitor Intel®;C:\Windows\System32\Drivers\IntcDAud.sys [2012-6-19 342528]

    R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-11-2 690832]

    R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-8-25 43832]

    R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [2012-8-31 20800]

    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]

    S3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM;C:\Windows\System32\Drivers\AthDfu.sys [2012-11-2 55448]

    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2013-6-4 103448]

    S3 GemCCID;GemCCID;C:\Windows\System32\Drivers\GemCCID.sys [2013-4-24 129792]

    S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\Drivers\RtsP2Stor.sys [2012-11-2 269968]

    S3 SmbDrv;SmbDrv;C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [2012-8-25 41272]

    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2013-6-4 203672]

    .

    =============== Created Last 30 ================

    .

    2013-09-03 22:56:52 270512 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10215.bin

    2013-08-20 18:00:22 17737608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

    2013-08-17 01:04:39 92056 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe

    2013-08-14 11:10:23 911032 ----a-w- C:\Program Files\Windows Defender\MpClient.dll

    2013-08-14 11:09:26 1314816 ----a-w- C:\Windows\System32\rpcrt4.dll

    2013-08-09 17:51:21 -------- d-----w- C:\Program Files\IDT

    .

    ==================== Find3M ====================

    .

    2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll

    2013-07-26 05:13:28 915968 ----a-w- C:\Windows\System32\uxtheme.dll

    2013-07-26 05:13:28 53760 ----a-w- C:\Windows\System32\UXInit.dll

    2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll

    2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll

    2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll

    2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

    2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll

    2013-07-26 03:13:15 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll

    2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

    2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

    2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

    2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

    2013-07-26 00:54:34 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll

    2013-07-13 06:18:21 337408 ----a-w- C:\Windows\System32\wintrust.dll

    2013-07-13 06:16:06 68096 ----a-w- C:\Windows\System32\cryptsvc.dll

    2013-07-13 06:16:06 1889280 ----a-w- C:\Windows\System32\crypt32.dll

    2013-07-13 06:15:53 98304 ----a-w- C:\Windows\System32\apprepsync.dll

    2013-07-13 06:15:53 124416 ----a-w- C:\Windows\System32\apprepapi.dll

    2013-07-13 04:24:58 261120 ----a-w- C:\Windows\SysWow64\wintrust.dll

    2013-07-13 04:23:11 1568256 ----a-w- C:\Windows\SysWow64\crypt32.dll

    2013-07-13 04:23:03 87040 ----a-w- C:\Windows\SysWow64\apprepapi.dll

    2013-07-13 04:23:03 74240 ----a-w- C:\Windows\SysWow64\apprepsync.dll

    2013-07-09 08:04:07 120144 ----a-w- C:\Windows\System32\drivers\msgpioclx.sys

    2013-07-09 06:18:21 439488 ----a-w- C:\Windows\System32\WerFault.exe

    2013-07-09 06:07:17 2233168 ----a-w- C:\Windows\System32\drivers\tcpip.sys

    2013-07-09 04:25:45 385768 ----a-w- C:\Windows\SysWow64\WerFault.exe

    2013-07-09 03:57:19 245760 ----a-w- C:\Windows\SysWow64\LocationApi.dll

    2013-07-08 22:46:00 543744 ----a-w- C:\Windows\System32\wwanmm.dll

    2013-07-08 22:46:00 414208 ----a-w- C:\Windows\System32\wwanconn.dll

    2013-07-08 22:46:00 370688 ----a-w- C:\Windows\System32\Wwanadvui.dll

    2013-07-08 22:45:16 312832 ----a-w- C:\Windows\System32\LocationApi.dll

    2013-07-06 00:16:17 1025024 ----a-w- C:\Windows\System32\localspl.dll

    2013-07-03 00:23:43 391168 ----a-w- C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll

    2013-07-03 00:23:12 778752 ----a-w- C:\Windows\System32\oleaut32.dll

    2013-07-03 00:22:26 1300480 ----a-w- C:\Windows\System32\gdi32.dll

    2013-07-03 00:11:23 268800 ----a-w- C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.dll

    2013-07-03 00:11:02 551424 ----a-w- C:\Windows\SysWow64\oleaut32.dll

    2013-07-02 23:51:03 4039680 ----a-w- C:\Windows\System32\win32k.sys

    2013-07-02 00:44:14 36288 ----a-w- C:\Windows\System32\drivers\WdBoot.sys

    2013-07-01 22:08:49 247216 ----a-w- C:\Windows\System32\drivers\WdFilter.sys

    2013-06-30 22:30:14 67072 ----a-w- C:\Windows\SysWow64\openfiles.exe

    2013-06-30 22:29:22 77312 ----a-w- C:\Windows\System32\openfiles.exe

    2013-06-29 06:15:54 195416 ----a-w- C:\Windows\System32\drivers\sdbus.sys

    2013-06-29 06:15:47 125784 ----a-w- C:\Windows\System32\drivers\dumpsd.sys

    2013-06-29 05:43:16 327512 ----a-w- C:\Windows\System32\drivers\Classpnp.sys

    2013-06-29 01:12:01 1022464 ----a-w- C:\Windows\SysWow64\gdi32.dll

    2013-06-28 10:25:36 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

    2013-06-28 10:25:35 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

    2013-06-27 22:04:51 78200 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

    2013-06-27 22:04:51 693112 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

    2013-06-26 03:01:38 321536 ----a-w- C:\Windows\System32\drivers\udfs.sys

    2013-06-26 02:59:34 341504 ----a-w- C:\Windows\System32\drivers\HdAudio.sys

    2013-06-24 22:54:52 447488 ----a-w- C:\Windows\System32\wwansvc.dll

    2013-06-24 22:54:45 74240 ----a-w- C:\Windows\System32\wcmcsp.dll

    2013-06-24 22:54:45 263680 ----a-w- C:\Windows\System32\wcmsvc.dll

    2013-06-19 05:36:21 183808 ----a-w- C:\Windows\System32\winmmbase.dll

    2013-06-19 05:36:21 115712 ----a-w- C:\Windows\System32\winmm.dll

    2013-06-18 22:38:00 160256 ----a-w- C:\Windows\SysWow64\winmmbase.dll

    2013-06-18 22:38:00 125440 ----a-w- C:\Windows\SysWow64\winmm.dll

    2013-06-16 22:41:31 997632 ----a-w- C:\Windows\System32\drivers\ndis.sys

    2013-06-15 01:20:04 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll

    2013-06-15 01:20:04 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll

    2013-06-15 01:20:04 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll

    2013-06-12 20:48:23 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

    2013-06-12 20:48:17 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll

    2013-06-11 23:43:37 154112 ----a-w- C:\Windows\SysWow64\WinSCard.dll

    2013-06-11 23:26:20 230912 ----a-w- C:\Windows\System32\WinSCard.dll

    2013-06-10 21:17:46 96512 ----a-w- C:\Windows\System32\drivers\wfplwfs.sys

    2013-06-10 19:16:07 888832 ----a-w- C:\Windows\System32\nshwfp.dll

    2013-06-10 19:15:42 1156096 ----a-w- C:\Windows\System32\IKEEXT.DLL

    2013-06-10 19:15:38 381952 ----a-w- C:\Windows\System32\FWPUCLNT.DLL

    2013-06-10 19:15:25 723968 ----a-w- C:\Windows\System32\BFE.DLL

    2013-06-10 19:10:58 702464 ----a-w- C:\Windows\SysWow64\nshwfp.dll

    2013-06-10 19:10:37 245248 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL

    .

    ============= FINISH: 17:45:09,55 ===============

    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2012-11-20.01)

    .

    Microsoft Windows 8

    Boot Device: \Device\HarddiskVolume2

    Install Date: 31/01/2013 22:27:07

    System Uptime: 06/09/2013 14:14:02 (27 hours ago)

    .

    Motherboard: Hewlett-Packard | | 18FD

    Processor: Intel® Core i5-3337U CPU @ 1.80GHz | U3E1 | 1801/100mhz

    .

    ==== Disk Partitions =========================

    .

    C: is FIXED (NTFS) - 448 GiB total, 360,151 GiB free.

    D: is FIXED (NTFS) - 17 GiB total, 2,157 GiB free.

    .

    ==== Disabled Device Manager Items =============

    .

    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

    Description: Photosmart B110 series

    Device ID: ROOT\MULTIFUNCTION\0000

    Manufacturer: HP

    Name: Photosmart B110 series

    PNP Device ID: ROOT\MULTIFUNCTION\0000

    Service:

    .

    Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

    Description: Dispositivo de vídeo USB

    Device ID: USB\VID_05C8&PID_0355&MI_00\7&1233FBB1&0&0000

    Manufacturer: Microsoft

    Name: HP Truevision HD

    PNP Device ID: USB\VID_05C8&PID_0355&MI_00\7&1233FBB1&0&0000

    Service: usbvideo

    .

    ==== System Restore Points ===================

    .

    RP31: 30/08/2013 19:55:56 - Ponto de Verificação Agendado

    .

    ==== Installed Programs ======================

    .

    64 Bit HP CIO Components Installer

    Actualizações da NVIDIA 1.11.3

    Adobe Acrobat 8 Professional - Norsk, Português

    Adobe Flash Player 11 Plugin

    Adobe Shockwave Player 12.0

    µTorrent

    Atualização do produto Microsoft Office Excel 2007 Help (KB963678)

    Atualização do produto Microsoft Office Outlook 2007 Help (KB963677)

    Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)

    Atualização do produto Microsoft Office Word 2007 Help (KB963665)

    aTube Catcher

    avast! Free Antivirus

    B110

    BufferChm

    Connected Music powered by Universal Music Group version 1.0

    CyberLink Media Suite 10

    CyberLink PhotoDirector

    CyberLink PowerDirector 10

    CyberLink PowerDVD

    CyberLink YouCam

    Destinations

    DeviceDiscovery

    Dungeons & Dragons Online v01.21.01.8029

    Energy Star

    ERS Aplicação Cartão Cidadão

    Ferramenta de Carregamento do Windows Live

    GPBaseService2

    Hewlett-Packard ACLM.NET v1.2.1.1

    HP 3D DriveGuard

    HP Connected Music (Meridian - installer)

    HP Connected Remote

    HP CoolSense

    HP Customer Experience Enhancements

    HP Customer Participation Program 14.0

    HP Documentation

    HP Imaging Device Functions 14.0

    HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 6

    HP Postscript Converter

    HP Quick Launch

    HP Recovery Manager

    HP Registration Service

    HP Solution Center 14.0

    HP Support Assistant

    HP Update

    HP Utility Center

    HP Wireless Button Driver

    HPAppStudio

    HPDiagnosticAlert

    HPPhotoGadget

    HPProductAssistant

    HPSSupply

    IDT Audio

    Intel® Control Center

    Intel® Management Engine Components

    Intel® Processor Graphics

    Intel® Rapid Storage Technology

    Intel® SDK for OpenCL - CPU Only Runtime Package

    Intel® Trusted Connect Service Client

    K-Lite Codec Pack 9.8.5 (Standard)

    MarketResearch

    Messenger Plus!

    Messenger Plus! for Skype

    Microsoft .NET Framework 1.1

    Microsoft Application Error Reporting

    Microsoft Choice Guard

    Microsoft Office

    Microsoft Office 2007 Service Pack 3 (SP3)

    Microsoft Office Access MUI (Portuguese (Brazil)) 2007

    Microsoft Office Enterprise 2007

    Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

    Microsoft Office File Validation Add-In

    Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

    Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

    Microsoft Office Office 64-bit Components 2007

    Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

    Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

    Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

    Microsoft Office Proof (English) 2007

    Microsoft Office Proof (Portuguese (Brazil)) 2007

    Microsoft Office Proof (Spanish) 2007

    Microsoft Office Proofing (Portuguese (Brazil)) 2007

    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

    Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

    Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007

    Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

    Microsoft Office Word MUI (Portuguese (Brazil)) 2007

    Microsoft Silverlight

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

    Mozilla Firefox 23.0.1 (x86 pt-PT)

    Mozilla Maintenance Service

    MSVCRT

    MSXML 4.0 SP3 Parser

    MSXML 4.0 SP3 Parser (KB2758694)

    My MedicineOne

    Network64

    NVIDIA Controlador gráfico 311.00

    NVIDIA Install Application

    NVIDIA Optimus 1.11.3

    NVIDIA Update Components

    Painel de controlo da NVIDIA 311.00

    PS_AIO_07_B110_SW_Min

    Qualcomm Atheros Bluetooth Suite (64)

    Qualcomm Atheros Driver Installation Program

    QuickTransfer

    Realtek Ethernet Controller Driver

    Realtek PCIE Card Reader

    Scan

    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

    Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition

    Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

    Shop for HP Supplies

    Skype™ 6.6

    SolutionCenter

    Status

    swMSM

    Synaptics Pointing Device Driver

    TomTom HOME

    TomTom HOME Visual Studio Merge Modules

    Toolbox

    TrayApp

    Update for 2007 Microsoft Office System (KB967642)

    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

    Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition

    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition

    WebReg

    Windows Live Call

    Windows Live Communications Platform

    Windows Live Essentials

    Windows Live Messenger

    WinRAR 4.20 (32-bit)

    .

    ==== End Of File ===========================


    Dear mindoo

    I recommend that you save this topic to your Favorites so that it is easy to find.

    Please note the following:

    • If you go 3 days without a reply, send me a Private Message (PM);
    • What is given here relates only to your computer's problem, so do not apply it on any other machine;
    • Please follow the instructions carefully and, if in doubt, do not hesitate to ask;
    • Always post your replies in this topic... Do not open another one!
    • Always keep me informed, during the removal, about what happens with your computer.
    • Respect the order of the instructions given.
    • Note: Do not take any measures other than those given here; if you ask for help in another forum, be sure to let us know, or you risk misconfiguring your computer!

    # Step 1 #

    Two antivirus and two antispyware programs are installed on the system; the recommendation is only one of each. Choose one of them and uninstall the other so that we can continue.

    AV: avast! Antivirus

    AV: Windows Defender

    SP: avast! Antivirus

    SP: Windows Defender

    Regards :D
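The check described in the post above (more than one product registered per protection category) can be run mechanically over a log header. This is an added example, not part of the original post and not code from ComboFix or DDS; the function names are hypothetical, and the sample lines are the AV/SP header lines of the first ComboFix log posted later in this thread. It also accepts the bare `AV: name` form quoted in the post.

```python
import re
from collections import defaultdict

# Header lines taken from the first ComboFix log posted in this thread.
SAMPLE_HEADER = """\
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
"""

# kind: AV (antivirus), SP (antispyware), FW (firewall).
# The *state/definitions* marker and the GUID are optional so that the
# short form "AV: product name" is parsed too.
LINE_RE = re.compile(
    r"^\s*(?P<kind>AV|SP|FW):\s+(?P<name>.+?)"
    r"(?:\s+\*(?P<state>Enabled|Disabled)(?:/(?P<defs>\w+))?\*)?"
    r"(?:\s+(?P<guid>\{[0-9A-Fa-f-]{36}\}))?\s*$"
)


def parse_products(text):
    """Return one dict per AV:/SP:/FW: line; other log lines are ignored."""
    products = []
    for line in text.splitlines():
        match = LINE_RE.match(line)
        if match:
            products.append(match.groupdict())
    return products


def overlap_report(products):
    """Group products by category and flag categories with more than one."""
    by_kind = defaultdict(lambda: {"registered": [], "enabled": []})
    for product in products:
        entry = by_kind[product["kind"]]
        if product["name"] not in entry["registered"]:
            entry["registered"].append(product["name"])
        if product["state"] == "Enabled" and product["name"] not in entry["enabled"]:
            entry["enabled"].append(product["name"])

    report = {}
    for kind, entry in by_kind.items():
        report[kind] = {
            "registered": entry["registered"],
            "enabled": entry["enabled"],
            # Installed side by side, whatever their current state.
            "more_than_one_registered": len(entry["registered"]) > 1,
            # Actively running at the same time.
            "more_than_one_enabled": len(entry["enabled"]) > 1,
        }
    return report


if __name__ == "__main__":
    for kind, info in overlap_report(parse_products(SAMPLE_HEADER)).items():
        print(kind, info)
```

The report keeps "registered" and "enabled" apart because a product listed as Disabled still appears in the header alongside the active one.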

  • Topic author
  • Good afternoon Diego.

    I didn't even know I had Windows Defender.

    I have already disabled it; since this is Windows 8, I couldn't actually uninstall it.

    If there is any way to uninstall it, let me know.

    Thanks


    Dear mindoo

    I recommend that you save this topic to your Favorites so that it is easy to find.

    Please note the following:

    • If you go 3 days without a reply, send me a Private Message (PM);
    • What is given here relates only to your computer's problem, so do not apply it on any other machine;
    • Please follow the instructions carefully and, if in doubt, do not hesitate to ask;
    • Always post your replies in this topic... Do not open another one!
    • Always keep me informed, during the removal, about what happens with your computer.
    • Respect the order of the instructions given.
    • Note: Do not take any measures other than those given here; if you ask for help in another forum, be sure to let us know, or you risk misconfiguring your computer!

    # Step 1 #

    Download Junkware Removal Tool and save it to your Desktop.

    • Disable your protection programs (antivirus etc.) to avoid any conflict.
    • Double-click JRT.exe
      • If your system is Windows Vista, Windows 7 or Windows 8, right-click it and choose Run as Administrator.
    • Be patient and wait for the scan to finish.
    • Open the JRT.txt log that is on your Desktop.
    • Copy all of its contents and paste them into your next message.

    # Step 2 #

    • Double-click adwcleaner.exe
      • Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png

    • Click "Pesquisar" (Scan)
    • At the end of the scan a log with the result will open.
    • If anything is detected, then click the "Remover" (Remove) button.
    • Again, at the end of the scan a log with the result will open.
    • Copy all of its contents and paste them into your next reply.

    # Step 3 #

    Read the instructions at this link:

    In the instructions at the link above, you can check in which forums the Analysts are properly qualified to use the tool correctly: "Forums for receiving help with ComboFix logs"

    1. Download ComboFix from one of the official links listed below and save it to your desktop:

    • Temporarily, while carrying out these instructions, it is very important that you keep your protection programs (Antivirus, Antispyware and Firewall) disabled. Re-enable the protections after running the procedure(s) mentioned below.
    • Double-click the desktopicon.png icon that is on the desktop.
    • Read and accept the terms by typing 1 and pressing Enter.
    • Computers running Windows XP must install the Recovery Console:

    • If your computer runs Windows XP and does not yet have the Recovery Console installed, please make sure you are connected to the Internet and click "Yes".
    • Click "OK" on the EULA.
    • Once the Recovery Console is installed, click "YES" to continue.

    • ComboFix will run; please be patient and wait.
    • Attention: Do not use the mouse or the keyboard while the tool is running; doing so can cause the computer to hang.
    • A notice may appear saying that the computer needs to be restarted. DO NOT RESTART!!! ComboFix will restart the computer automatically.
    • When the tool finishes running, it will generate a log (the file C:\ComboFix.txt). Copy and paste the contents of that file into your next reply.

    DO NOT use the tool on your own. It is a powerful tool created to deal with sophisticated infections, and if you do not use it correctly it may damage your computer.

    • There are several kinds of malware that prevent the tool from running correctly and can thereby seriously damage the computer. Analysts qualified to use ComboFix know these cases and know how to handle these situations.
    • Many Analysts do not reply to topics in which they see that ComboFix was used without supervision.
    • There are several general-purpose anti-malware tools whose authors, when writing them, had end users in mind and intended them to be used without supervision. ComboFix is not a tool of that kind; that being so, and also out of respect for the tool's author, do not use it without supervision.

    Regards :D

  • Topic author
  • Good evening Diego.

    How are you?

    I ran the 3 programs and the reports follow below.

    Once again, thank you for the help.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Junkware Removal Tool (JRT) by Thisisu

    Version: 6.0.0 (09.12.2013:1)

    OS: Windows 8 x64

    Ran by LucilaPC on 13/09/2013 at 1:01:48,98

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    ~~~ Services

    Successfully stopped: [service] MsgPlusService

    Successfully deleted: [service] MsgPlusService

    ~~~ Registry Values

    Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\messengerplusforskypeservice

    Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\plusservice

    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{37211D63-CCE9-4780-B182-96538CFC6FED}

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{8B9C4F32-044E-491C-893E-362CB8A679D5}

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CBC3E05C-F841-452A-A600-E8D8BBEA63D9}

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CBC3E05D-F841-452A-A600-E8D8BBEA63DA}

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CF2BF214-9D1E-4803-9AEB-38552615FD40}

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yuna software

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yuna software

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\msgplusforskype.animationpackage

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\msgplusforskype.skinpack

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\messenger plus! for skype

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{360F7562-0C73-488F-BD9A-5DDF2DC9CC6E}

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{360F7562-0C73-488F-BD9A-5DDF2DC9CC6E}

    Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"

    ~~~ Files

    ~~~ Folders

    Successfully deleted: [Folder] "C:\ProgramData\apn"

    Successfully deleted: [Folder] "C:\ProgramData\messenger plus! for skype"

    Successfully deleted: [Folder] "C:\Program Files (x86)\yuna software"

    ~~~ FireFox

    Emptied folder: C:\Users\LucilaPC\AppData\Roaming\mozilla\firefox\profiles\pcyv9o1m.default\minidumps [14 files]

    ~~~ Event Viewer Logs were cleared

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Scan was completed on 13/09/2013 at 1:14:52,40

    End of JRT log

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    # AdwCleaner v3.003 - Report created 13/09/2013 at 01:17:46

    # Updated 07/09/2013 by Xplode

    # Operating System : Windows 8 (64 bits)

    # Username : LucilaPC - MINDOO

    # Running from : C:\Users\LucilaPC\Desktop\AdwCleaner.exe

    # Option : Clean

    ***** [ Services ] *****

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Users\LucilaPC\AppData\Local\PackageAware

    Folder Deleted : C:\Users\LucilaPC\AppData\Local\Temp\apn

    ***** [ Shortcuts ] *****

    ***** [ Registry ] *****

    Key Deleted : HKLM\Software\PIP

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16660

    -\\ Mozilla Firefox v23.0.1 (pt-PT)

    [ File : C:\Users\LucilaPC\AppData\Roaming\Mozilla\Firefox\Profiles\pcyv9o1m.default\prefs.js ]

    [ File : C:\Users\Lucila\AppData\Roaming\Mozilla\Firefox\Profiles\gwpl7exn.default\prefs.js ]

    *************************

    AdwCleaner[R0].txt - [997 octets] - [13/09/2013 01:16:26]

    AdwCleaner[s0].txt - [929 octets] - [13/09/2013 01:17:46]

    ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [988 octets] ##########

    ComboFix 13-09-12.01 - LucilaPC 13/09/2013 1:27.1.4 - x64

    Microsoft Windows 8 6.2.9200.0.1252.351.2070.18.6043.4536 [GMT 1:00]

    Executando de: c:\users\LucilaPC\Desktop\ComboFix.exe

    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

    AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    * Criado um novo ponto de restauração

    .

    .

    ((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\users\Lucila\AppData\Local\assembly\tmp

    c:\users\LucilaPC\AppData\Local\assembly\tmp

    c:\users\LucilaPC\AppData\Local\Microsoft\Windows\Temporary Internet Files\184SERP.png

    c:\users\LucilaPC\AppData\Local\Microsoft\Windows\Temporary Internet Files\184vio.png

    c:\windows\SysWow64\pt

    c:\windows\SysWow64\pt\AuthFWSnapIn.Resources.dll

    c:\windows\SysWow64\pt\AuthFWWizFwk.Resources.dll

    .

    .

    (((((((((((((((( Arquivos/Ficheiros criados de 2013-08-13 to 2013-09-13 ))))))))))))))))))))))))))))

    .

    .

    2013-09-13 00:35 . 2013-09-13 00:35 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

    2013-09-13 00:15 . 2013-09-13 00:17 -------- d-----w- C:\AdwCleaner

    2013-09-13 00:01 . 2013-09-13 00:01 -------- d-----w- c:\windows\ERUNT

    2013-09-12 02:28 . 2013-09-12 02:28 265392 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10216.bin

    2013-09-06 13:14 . 2013-09-06 13:14 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp

    2013-08-30 19:47 . 2013-08-30 19:47 -------- d-----w- c:\users\Lucila\AppData\Local\Mozilla

    2013-08-14 11:09 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll

    2013-08-14 11:08 . 2013-07-26 05:12 2647040 ----a-w- c:\windows\system32\iertutil.dll

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2013-08-14 11:13 . 2013-02-01 20:07 78161360 ----a-w- c:\windows\system32\MRT.exe

    2013-06-28 10:25 . 2013-03-26 20:35 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys

    2013-06-28 10:25 . 2013-03-26 20:35 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys

    2013-06-28 10:25 . 2013-03-26 20:35 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys

    2013-06-27 22:04 . 2013-07-10 02:17 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

    2013-06-27 22:04 . 2013-07-10 02:17 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

    2013-06-16 22:41 . 2013-07-10 01:54 997632 ----a-w- c:\windows\system32\drivers\ndis.sys

    2013-06-15 01:20 . 2012-11-02 12:54 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll

    2013-06-15 01:20 . 2012-11-02 12:54 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll

    2013-06-15 01:20 . 2012-11-02 12:54 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll

    .

    .

    (((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* entradas vazias e legítimas por padrão não são apresentadas.

    REGEDIT4

    .

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2013-03-22 248208]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

    "HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-09-07 581024]

    "HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2012-09-14 1342008]

    "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]

    "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 620152]

    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]

    "RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-03-28 91432]

    .

    c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\

    Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1044-7000-7760-000000000003}\_SC_Acrobat.exe [2013-2-1 295606]

    Adobe Reader Synchronizer.lnk - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872]

    HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2011-4-29 276328]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "ConsentPromptBehaviorAdmin"= 5 (0x5)

    "EnableUIADesktopToggle"= 0 (0x0)

    "EnableCursorSuppression"= 1 (0x1)

    "ConsentPromptBehaviorUser"= 3 (0x3)

    "DisableCAD"= 1 (0x1)

    .

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

    "LoadAppInit_DLLs"=1 (0x1)

    "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll

    .

    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

    R3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]

    R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]

    R3 GemCCID;GemCCID;c:\windows\system32\DRIVERS\GemCCID.sys;c:\windows\SYSNATIVE\DRIVERS\GemCCID.sys [x]

    R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys;c:\windows\SYSNATIVE\DRIVERS\motodrv.sys [x]

    R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]

    R3 SmbDrv;SmbDrv;c:\windows\System32\drivers\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]

    R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]

    S0 aswRvrt;aswRvrt; [x]

    S0 aswVmm;aswVmm; [x]

    S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]

    S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]

    S1 aswSnx;aswSnx; [x]

    S1 aswSP;aswSP; [x]

    S2 aswFsBlk;aswFsBlk; [x]

    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]

    S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]

    S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]

    S2 HPConnectedRemote;HP Connected Remote Service;c:\program files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe;c:\program files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [x]

    S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]

    S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]

    S2 IAStorDataMgrSvc;Tecnologia de Armazenamento Intel® Rapid;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

    S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]

    S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]

    S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x]

    S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]

    S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]

    S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

    S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]

    S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]

    S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]

    S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]

    S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]

    S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]

    S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]

    S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]

    S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]

    S3 BthLEEnum;Controlador de Bluetooth de Baixo Consumo;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]

    S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [x]

    S3 IntcDAud;Áudio do Monitor Intel®;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

    S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]

    S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]

    S3 WirelessButtonDriver;HP Wireless Button Driver Service;c:\windows\System32\drivers\WirelessButtonDriver64.sys;c:\windows\SYSNATIVE\drivers\WirelessButtonDriver64.sys [x]

    .

    .

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

    apphost REG_MULTI_SZ apphostsvc

    iissvcs REG_MULTI_SZ w3svc was

    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

    .

    Conteúdo da pasta 'Tarefas Agendadas'

    .

    2013-09-13 c:\windows\Tasks\Adobe Flash Player Updater.job

    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-01 11:00]

    .

    2013-09-13 c:\windows\Tasks\HPCeeScheduleForLucilaPC.job

    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 21:15]

    .

    .

    --------- X64 Entries -----------

    .

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

    @="{472083B0-C522-11CF-8763-00608CC02F24}"

    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

    2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "BtPreLoad"="c:\program files (x86)\Bluetooth Suite\BtPreLoad.exe" [2012-12-28 64640]

    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-01-08 172016]

    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-01-08 399856]

    "Persistence"="c:\windows\system32\igfxpers.exe" [2013-01-08 441840]

    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-08-20 1664000]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

    "AppInit_DLLs"=c:\windows\System32\nvinitx.dll

    .

    ------- Scan Suplementar -------

    .

    uStart Page = hxxp://www.uol.com.br/

    uLocal Page = c:\windows\system32\blank.htm

    mLocal Page = c:\windows\SysWOW64\blank.htm

    IE: Anexar para um PDF existente - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converter destino do link em Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converter destino do link em um PDF existente - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converter em Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converter links selecionados em Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

    IE: Converter links selecionados em um PDF existente - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

    IE: Converter seleção em Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converter seleção em PDF existente - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: E&xportar para o Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

    Trusted Zone: ers.pt\www2

    TCP: DhcpNameServer = 212.113.191.129 212.113.164.5

    FF - ProfilePath - c:\users\LucilaPC\AppData\Roaming\Mozilla\Firefox\Profiles\pcyv9o1m.default\

    FF - prefs.js: network.proxy.type - 0

    .

    - - - - ORFÃOS REMOVIDOS - - - -

    .

    ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)

    ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)

    ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)

    Wow6432Node-HKLM-Run-<NO NAME> - (no file)

    ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)

    ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)

    ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)

    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

    AddRemove-Messenger Plus! - c:\program files (x86)\Yuna Software\Messenger Plus!\Uninstall.exe

    AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe

    .

    .

    .

    --------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

    @Denied: (Full) (Everyone)

    @SACL=(02 0000)

    .

    Tempo para conclusão: 2013-09-13 01:38:27

    ComboFix-quarantined-files.txt 2013-09-13 00:38

    .

    Pré-execução: 385 471 692 800 bytes free

    Pós execução: 389 035 384 832 bytes free

    .

    - - End Of File - - 7DC565EF3569D2324B564DE2A33F9542


    Dear mindoo

    Temporarily, while carrying out these instructions, it is very important that you keep your protection programs (Antivirus, Antispyware and Firewall) disabled. Re-enable the protections after running the procedure(s) mentioned below.

    • Open Notepad, then copy (Ctrl + C) and paste (Ctrl + V) all the text that is inside the "Code" box:

    Reglock::
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]


    • Save this file as: CFScript.txt
    • As shown in the animation below, drag the CFScript.txt file onto ComboFix.exe. When the tool finishes running, it will generate a log. Post that file, C:\ComboFix.txt.

    2872959479_997d4500c4_o.gif

    Regards :D

  • Topic author
  • Good evening Diego.

    Thank you once again for your attention.

    As requested, below is the ComboFix report after dragging the instructions into the program.

    I have always disabled avast during the scans.

    Thanks

    Gustavo

    ComboFix 13-09-16.01 - LucilaPC 16/09/2013 23:49:56.2.4 - x64

    Microsoft Windows 8 6.2.9200.0.1252.351.2070.18.6043.4432 [GMT 1:00]

    Executando de: C:\Users\LucilaPC\Desktop\ComboFix.exe

    Comandos utilizados :: C:\Users\LucilaPC\Desktop\CFScript.txt

    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

    AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    * Criado um novo ponto de restauração

    (((((((((((((((( Arquivos/Ficheiros criados de 2013-08-16 to 2013-09-16 ))))))))))))))))))))))))))))

    2013-09-16 22:56:26 . 2013-09-16 22:56:26 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\temp

    2013-09-16 22:56:26 . 2013-09-16 22:56:26 -------- d-----w- C:\Users\LucilaPC\AppData\Local\temp

    2013-09-16 22:56:26 . 2013-09-16 22:56:26 -------- d-----w- C:\Users\Lucila\AppData\Local\temp

    2013-09-16 22:56:26 . 2013-09-16 22:56:26 -------- d-----w- C:\Users\Default\AppData\Local\temp

    2013-09-13 00:15:54 . 2013-09-13 00:17:48 -------- d-----w- C:\AdwCleaner

    2013-09-13 00:01:39 . 2013-09-13 00:01:39 -------- d-----w- C:\Windows\ERUNT

    2013-09-12 02:28:15 . 2013-09-12 02:28:15 265392 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10216.bin

    2013-08-30 19:47:22 . 2013-08-30 19:47:22 -------- d-----w- C:\Users\Lucila\AppData\Local\Mozilla

    .

    ((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2013-08-14 11:13:10 . 2013-02-01 20:07:37 78161360 ----a-w- C:\Windows\system32\MRT.exe

    2013-07-26 05:13:58 . 2013-08-14 11:09:11 51712 ----a-w- C:\Windows\system32\ie4uinit.exe

    2013-07-26 05:13:37 . 2013-08-14 11:09:08 2241024 ----a-w- C:\Windows\system32\wininet.dll

    2013-07-26 05:13:28 . 2013-08-14 11:09:16 53760 ----a-w- C:\Windows\system32\UXInit.dll

    2013-07-26 05:13:28 . 2013-08-14 11:09:15 915968 ----a-w- C:\Windows\system32\uxtheme.dll

    2013-07-26 05:13:28 . 2013-08-14 11:09:10 1365504 ----a-w- C:\Windows\system32\urlmon.dll

    2013-07-26 05:12:31 . 2013-08-14 11:09:04 19239424 ----a-w- C:\Windows\system32\mshtml.dll

    2013-07-26 05:12:27 . 2013-08-14 11:09:10 603136 ----a-w- C:\Windows\system32\msfeeds.dll

    2013-07-26 05:12:08 . 2013-08-14 11:09:11 53760 ----a-w- C:\Windows\system32\jsproxy.dll

    2013-07-26 05:12:08 . 2013-08-14 11:09:05 855552 ----a-w- C:\Windows\system32\jscript.dll

    2013-07-26 05:12:08 . 2013-08-14 11:08:54 3958784 ----a-w- C:\Windows\system32\jscript9.dll

    2013-07-26 05:12:04 . 2013-08-14 11:09:09 136704 ----a-w- C:\Windows\system32\iesysprep.dll

    2013-07-26 05:12:03 . 2013-08-14 11:09:11 39936 ----a-w- C:\Windows\system32\iernonce.dll

    2013-07-26 05:12:03 . 2013-08-14 11:09:09 67072 ----a-w- C:\Windows\system32\iesetup.dll

    2013-07-26 05:12:03 . 2013-08-14 11:09:07 15405056 ----a-w- C:\Windows\system32\ieframe.dll

    2013-07-26 05:12:03 . 2013-08-14 11:08:55 2647040 ----a-w- C:\Windows\system32\iertutil.dll

    2013-07-26 03:35:08 . 2013-08-14 11:09:14 2706432 ----a-w- C:\Windows\system32\mshtml.tlb

    2013-07-26 03:13:24 . 2013-08-14 11:09:11 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll

    2013-07-26 03:13:15 . 2013-08-14 11:09:15 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll

    2013-07-26 03:12:04 . 2013-08-14 11:08:48 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

    2013-07-26 03:12:00 . 2013-08-14 11:09:15 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

    2013-07-26 03:12:00 . 2013-08-14 11:09:11 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

    2013-07-26 02:49:14 . 2013-08-14 11:09:13 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

    2013-07-26 00:54:34 . 2013-08-14 11:09:14 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll

    2013-07-13 06:18:21 . 2013-08-14 11:08:26 337408 ----a-w- C:\Windows\system32\wintrust.dll

    2013-07-13 06:16:06 . 2013-08-14 11:08:26 1889280 ----a-w- C:\Windows\system32\crypt32.dll

    2013-07-13 06:16:06 . 2013-08-14 11:08:24 68096 ----a-w- C:\Windows\system32\cryptsvc.dll

    2013-07-13 06:15:53 . 2013-08-14 11:08:25 124416 ----a-w- C:\Windows\system32\apprepapi.dll

    2013-07-13 06:15:53 . 2013-08-14 11:08:24 98304 ----a-w- C:\Windows\system32\apprepsync.dll

    2013-07-13 04:24:58 . 2013-08-14 11:08:26 261120 ----a-w- C:\Windows\SysWow64\wintrust.dll

    2013-07-13 04:23:11 . 2013-08-14 11:08:26 1568256 ----a-w- C:\Windows\SysWow64\crypt32.dll

    2013-07-13 04:23:03 . 2013-08-14 11:08:24 87040 ----a-w- C:\Windows\SysWow64\apprepapi.dll

    2013-07-13 04:23:03 . 2013-08-14 11:08:24 74240 ----a-w- C:\Windows\SysWow64\apprepsync.dll

    2013-07-09 08:04:07 . 2013-08-17 01:34:05 120144 ----a-w- C:\Windows\system32\drivers\msgpioclx.sys

    2013-07-09 06:18:21 . 2013-08-17 01:34:07 439488 ----a-w- C:\Windows\system32\WerFault.exe

    2013-07-09 06:07:17 . 2013-08-14 11:09:19 2233168 ----a-w- C:\Windows\system32\drivers\tcpip.sys

    2013-07-09 04:25:45 . 2013-08-17 01:34:06 385768 ----a-w- C:\Windows\SysWow64\WerFault.exe

    2013-07-09 03:57:19 . 2013-08-17 01:34:02 245760 ----a-w- C:\Windows\SysWow64\LocationApi.dll

    2013-07-08 22:46:00 . 2013-08-17 01:34:07 414208 ----a-w- C:\Windows\system32\wwanconn.dll

    2013-07-08 22:46:00 . 2013-08-17 01:34:03 370688 ----a-w- C:\Windows\system32\Wwanadvui.dll

    2013-07-08 22:46:00 . 2013-08-17 01:34:02 543744 ----a-w- C:\Windows\system32\wwanmm.dll

    2013-07-08 22:45:16 . 2013-08-17 01:34:02 312832 ----a-w- C:\Windows\system32\LocationApi.dll

    2013-07-06 00:16:17 . 2013-08-17 01:34:08 1025024 ----a-w- C:\Windows\system32\localspl.dll

    2013-07-03 00:23:43 . 2013-08-17 01:34:02 391168 ----a-w- C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll

    2013-07-03 00:23:12 . 2013-08-17 01:34:08 778752 ----a-w- C:\Windows\system32\oleaut32.dll

    2013-07-03 00:22:47 . 2013-08-17 01:34:10 2839552 ----a-w- C:\Windows\system32\msftedit.dll

    2013-07-03 00:22:26 . 2013-08-17 01:34:08 1300480 ----a-w- C:\Windows\system32\gdi32.dll

    2013-07-03 00:11:23 . 2013-08-17 01:34:03 268800 ----a-w- C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.dll

    2013-07-03 00:11:02 . 2013-08-17 01:34:08 551424 ----a-w- C:\Windows\SysWow64\oleaut32.dll

    2013-07-02 23:51:03 . 2013-08-17 01:34:09 4039680 ----a-w- C:\Windows\system32\win32k.sys

    2013-07-02 00:44:14 . 2013-08-14 11:10:18 36288 ----a-w- C:\Windows\system32\drivers\WdBoot.sys

    2013-07-01 22:08:49 . 2013-08-14 11:10:19 247216 ----a-w- C:\Windows\system32\drivers\WdFilter.sys

    2013-06-30 22:30:14 . 2013-08-17 01:34:02 67072 ----a-w- C:\Windows\SysWow64\openfiles.exe

    2013-06-30 22:29:22 . 2013-08-17 01:34:02 77312 ----a-w- C:\Windows\system32\openfiles.exe

    2013-06-29 06:15:54 . 2013-08-17 01:34:04 195416 ----a-w- C:\Windows\system32\drivers\sdbus.sys

    2013-06-29 06:15:47 . 2013-08-17 01:34:05 125784 ----a-w- C:\Windows\system32\drivers\dumpsd.sys

    2013-06-29 05:43:16 . 2013-08-17 01:34:07 327512 ----a-w- C:\Windows\system32\drivers\Classpnp.sys

    2013-06-29 01:12:01 . 2013-08-17 01:34:02 1022464 ----a-w- C:\Windows\SysWow64\gdi32.dll

    2013-06-28 10:25:36 . 2013-03-26 20:35:38 378944 ----a-w- C:\Windows\system32\drivers\aswSP.sys

    2013-06-28 10:25:36 . 2013-03-26 20:35:19 189936 ----a-w- C:\Windows\system32\drivers\aswVmm.sys

    2013-06-28 10:25:35 . 2013-03-26 20:35:19 1030952 ----a-w- C:\Windows\system32\drivers\aswSnx.sys

    2013-06-27 22:04:51 . 2013-07-10 02:17:30 78200 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

    2013-06-27 22:04:51 . 2013-07-10 02:17:30 693112 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

    2013-06-26 03:01:38 . 2013-08-17 01:34:02 321536 ----a-w- C:\Windows\system32\drivers\udfs.sys

    2013-06-26 02:59:34 . 2013-08-17 01:34:04 341504 ----a-w- C:\Windows\system32\drivers\HdAudio.sys

    2013-06-24 22:54:52 . 2013-08-17 01:34:06 447488 ----a-w- C:\Windows\system32\wwansvc.dll

    2013-06-24 22:54:45 . 2013-08-17 01:34:06 263680 ----a-w- C:\Windows\system32\wcmsvc.dll

    2013-06-24 22:54:45 . 2013-08-17 01:34:03 74240 ----a-w- C:\Windows\system32\wcmcsp.dll

    2013-06-19 05:36:21 . 2013-08-17 01:34:06 183808 ----a-w- C:\Windows\system32\winmmbase.dll

    2013-06-19 05:36:21 . 2013-08-17 01:34:06 115712 ----a-w- C:\Windows\system32\winmm.dll

    (((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

    *Nota* entradas vazias e legítimas por padrão não são apresentadas.

    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2013-03-22 05:07:16 248208]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

    "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-09-07 16:33:08 581024]

    "HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2012-09-14 17:42:14 1342008]

    "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 20:55:54 49208]

    "Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 23:24:02 620152]

    "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe" [2013-05-09 08:58:30 4858968]

    "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-03-28 17:34:30 91432]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\

    Adobe Acrobat Speed Launcher.lnk - C:\Windows\Installer\{AC76BA86-1044-7000-7760-000000000003}\_SC_Acrobat.exe [2013-2-1 295606]

    Adobe Reader Synchronizer.lnk - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872]

    HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2011-4-29 276328]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "ConsentPromptBehaviorAdmin"= 5 (0x5)

    "EnableUIADesktopToggle"= 0 (0x0)

    "EnableCursorSuppression"= 1 (0x1)

    "ConsentPromptBehaviorUser"= 3 (0x3)

    "DisableCAD"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

    "LoadAppInit_DLLs"=1 (0x1)

    "AppInit_DLLs"=C:\Windows\SysWOW64\nvinit.dll

    R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe;C:\Program Files (x86)\Skype\Updater\Updater.exe [x]

    R3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM;C:\Windows\System32\Drivers\AthDfu.sys;C:\Windows\SYSNATIVE\Drivers\AthDfu.sys [x]

    R3 GemCCID;GemCCID;C:\Windows\system32\DRIVERS\GemCCID.sys;C:\Windows\SYSNATIVE\DRIVERS\GemCCID.sys [x]

    R3 MotDev;Motorola Inc. USB Device;C:\Windows\system32\DRIVERS\motodrv.sys;C:\Windows\SYSNATIVE\DRIVERS\motodrv.sys [x]

    R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\system32\DRIVERS\RtsP2Stor.sys;C:\Windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]

    R3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver_AMDASF.sys;C:\Windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]

    S0 aswRvrt;aswRvrt; [x]

    S0 aswVmm;aswVmm; [x]

    S0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys;C:\Windows\SYSNATIVE\drivers\iaStorA.sys [x]

    S0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys;C:\Windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]

    S1 aswSnx;aswSnx; [x]

    S1 aswSP;aswSP; [x]

    S2 aswFsBlk;aswFsBlk; [x]

    S2 aswMonFlt;aswMonFlt;C:\Windows\system32\drivers\aswMonFlt.sys;C:\Windows\SYSNATIVE\drivers\aswMonFlt.sys [x]

    S2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\adminservice.exe;C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [x]

    S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]

    S2 HPConnectedRemote;HP Connected Remote Service;C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe;C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [x]

    S2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe;C:\Windows\SYSNATIVE\Hpservice.exe [x]

    S2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]

    S2 IAStorDataMgrSvc;Tecnologia de Armazenamento Intel® Rapid;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

    S2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]

    S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe;C:\Program Files\Intel\iCLS Client\HeciServer.exe [x]

    S2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x]

    S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]

    S2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]

    S2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

    S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]

    S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys;C:\Windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]

    S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys;C:\Windows\SYSNATIVE\drivers\btath_a2dp.sys [x]

    S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\system32\drivers\btath_avdt.sys;C:\Windows\SYSNATIVE\drivers\btath_avdt.sys [x]

    S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys;C:\Windows\SYSNATIVE\drivers\btath_bus.sys [x]

    S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys;C:\Windows\SYSNATIVE\drivers\btath_hcrp.sys [x]

    S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys;C:\Windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]

    S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys;C:\Windows\SYSNATIVE\drivers\btath_rcp.sys [x]

    S3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys;C:\Windows\SYSNATIVE\DRIVERS\btfilter.sys [x]

    S3 BthLEEnum;Controlador de Bluetooth de Baixo Consumo;C:\Windows\system32\DRIVERS\BthLEEnum.sys;C:\Windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]

    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys;C:\Windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]

    S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [x]

    S3 IntcDAud;Áudio do Monitor Intel®;C:\Windows\system32\DRIVERS\IntcDAud.sys;C:\Windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

    S3 RTL8168;Realtek 8168 NT Driver;C:\Windows\system32\DRIVERS\Rt630x64.sys;C:\Windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]

    S3 SmbDrvI;SmbDrvI;C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys;C:\Windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]

    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys;C:\Windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]

    S3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\Windows\System32\drivers\WirelessButtonDriver64.sys;C:\Windows\SYSNATIVE\drivers\WirelessButtonDriver64.sys [x]

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

    apphost REG_MULTI_SZ apphostsvc

    iissvcs REG_MULTI_SZ w3svc was

    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

    Conteúdo da pasta 'Tarefas Agendadas'

    2013-09-16 C:\Windows\Tasks\Adobe Flash Player Updater.job

    - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-01 20:19:55 . 2013-09-11 11:00:15]

    2013-09-15 C:\Windows\Tasks\HPCeeScheduleForLucilaPC.job

    - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 21:15:40 . 2010-09-13 21:15:40]

    --------- X64 Entries -----------

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

    @="{472083B0-C522-11CF-8763-00608CC02F24}"

    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

    2013-05-09 08:58:09 133840 ----a-w- C:\Program Files\AVAST Software\Avast\ashShA64.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "BtPreLoad"="C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe" [2012-12-28 11:09:54 64640]

    "SynTPEnh"="C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]

    "IgfxTray"="C:\Windows\system32\igfxtray.exe" [2013-01-08 17:23:48 172016]

    "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2013-01-08 17:23:46 399856]

    "Persistence"="C:\Windows\system32\igfxpers.exe" [2013-01-08 17:23:46 441840]

    "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" [2012-08-20 05:45:20 1664000]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

    "AppInit_DLLs"=C:\Windows\System32\nvinitx.dll

    ------- Scan Suplementar -------

    uStart Page = hxxp://www.uol.com.br/

    uLocal Page = C:\Windows\system32\blank.htm

    mLocal Page = C:\Windows\SysWOW64\blank.htm

    IE: Anexar para um PDF existente - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converter destino do link em Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converter destino do link em um PDF existente - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converter em Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converter links selecionados em Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

    IE: Converter links selecionados em um PDF existente - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

    IE: Converter seleção em Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converter seleção em PDF existente - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

    Trusted Zone: ers.pt\www2

    TCP: DhcpNameServer = 212.113.191.129 212.113.164.5

    FF - ProfilePath - C:\Users\LucilaPC\AppData\Roaming\Mozilla\Firefox\Profiles\pcyv9o1m.default\

    FF - prefs.js: network.proxy.type - 0

    - - - - ORFÃOS REMOVIDOS - - - -

    Wow6432Node-HKLM-Run-<NO NAME> - (no file)

    ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)

    ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)

    ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)

    AddRemove-Messenger Plus! - C:\Program Files (x86)\Yuna Software\Messenger Plus!\Uninstall.exe

    AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - C:\Program Files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe

  • Topic author
  • Hello Diego, good evening.

    I went to check what I had posted of the ComboFix log, and the txt file I have here really does end at this line:

    AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - C:\Program Files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe

    I don't know whether I can run ComboFix again, so I haven't done so yet, but if need be I'll run it again, or I can send the "ComboFix.txt" file itself.

    Thanks for the help

    Gustavo


    Dear mindoo

    Download Malwarebytes Anti-Malware:

    • Link 1
    • Alternative link
      • Double-click mbam-setup.exe, choose the language and follow the instructions to install the software.
      • Make sure the boxes Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware are checked, and click Finish.
      • If there are updates, they will be downloaded and installed.
      • When the updates finish, a program window will open. Select "Quick Scan", and then click the Scan button.
      • The scan will start and may take a while. Please be patient.
      • When the scan is complete, click OK, then Show Results to see the log.
      • If anything is found, make sure everything is checked and click Remove.
      • When disinfection finishes, a log will automatically open in a Notepad document and you may be asked to restart the PC. (Read the note)
      • The log is saved automatically and can be viewed by clicking the Logs tab in the main menu.
      • Copy and paste the contents of that log into your next reply.

    Note: In more complicated infections, it may be necessary to restart the PC. If you are asked to restart, please do so immediately.

    Regards :D

  • Topic author
  • Hello Diego, good afternoon.

    Below is the latest Malwarebytes Anti-Malware log

    As requested, the PC was restarted after the scan.

    Thank you.

    Malwarebytes Anti-Malware 1.75.0.1300

    www.malwarebytes.org

    Versão da Base de Dados: v2013.09.22.04

    Windows 8 x64 NTFS

    Internet Explorer 10.0.9200.16660

    LucilaPC :: MINDOO [administrador]

    22/09/2013 18:16:48

    mbam-log-2013-09-22 (18-16-48).txt

    Tipo de Verificação: Verificação Rápida

    Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM

    Opções de verificação desativadas: P2P

    Objetos escaneados: 248067

    Tempo decorrido: 9 minuto(s), 28 segundo(s)

    Processos de Memória Detectados: 0

    (Não foram detectados ítens maliciosos)

    Módulos de Memória Detectados: 0

    (Não foram detectados ítens maliciosos)

    Chaves de Registro Detectadas: 0

    (Não foram detectados ítens maliciosos)

    Valores de Registro Detectadas: 0

    (Não foram detectados ítens maliciosos)

    Itens de Dados no Registro Detectadas: 0

    (Não foram detectados ítens maliciosos)

    Pastas Detectadas: 0

    (Não foram detectados ítens maliciosos)

    Arquivos Detectados: 1

    C:\Users\LucilaPC\AppData\Roaming\uTorrent\ism.exe (PUP.Optional.Conduit.A) -> Enviado para a Quarentena e deletado com sucesso.

    (fim)


    Dear mindoo

    Download the Kaspersky AVP Tool from one of these links:

    Alternative 1

    Alternative 2

    • You will be directed to a Kaspersky page asking for an email address for registration, a first name and a last name.
    • Only the "email" field is required.
    • Enter your email address, then click the Submit Form button.
    • The page will reload. Click the Download button.
    • Save it to your Desktop.
    • Run the file and wait for the installation.
      • ** Windows Vista and Windows 7 users: right-click the file, then click Run as administrator

    • On the license agreement screen, check the option I accept the license agreement and then click the Start button.
    • The program appears to freeze and nothing happens. This is normal; just wait until the program's start screen appears, then click the Settings icon:

    KRT_settings.png

    On this screen, check the box next to:

    • My Computer;
    • Local Disk (C:);
    • Also check all the drives that appear below Local Disk, if there are any;
    • Then click the Automatic Scan tab.

    KRT_install2_.png

    • Back on the program's start screen, click the Start scanning button;
    • Be patient, it takes a while;
    • When it finishes, if it has detected anything, the program will ask you what to do;
    • Check the box next to Apply to all objects and then click Skip (we only want the log).

    KRT_detection_.png

    Once the scan has finished, proceed as follows:

    1. On the main screen, if anything was detected, save the log.
    2. If you close the program and forget to save the log, you will have to repeat the whole scan.
    3. To save the log, click the Reports icon (next to the "Settings" icon).
    4. In the next window, click Detected Threats, then click the floppy disk icon to save the log.
    5. Choose an easily accessible location and save it as log.txt
    6. Copy the entire contents of that Notepad file and paste it into your next reply.
    7. If nothing is detected, there is no need to save the log; just let me know.
    8. To exit the program, just click the X in the upper right corner.

    Notes:
    While the scan is running, the start screen will show a progress bar. When it finishes, the program will show the status as completed and a button that will be orange if nothing was detected, and red if something was found. If something was detected, the program will also show an alert screen warning that your system is unprotected and suggesting a Kaspersky product. Click the No, thanks button.

    Regards :D

  • Topic author
  • Good afternoon, Diego.

    I followed the instructions as given, but I am unable to run the scan with Kaspersky.

    Since the scan seems to take a very long time, I left it running and turned off the options for automatic shutdown of the PC when idle, and on every attempt, when I came back to the PC, it was reporting an error. I cannot copy the message, but I took some photos in case they help.

    Thank you. =)

  • Topic author
  • Hello Diego...

    I followed the Kaspersky procedure as instructed.

    It starts the scan, and after some time the blue screen appears with some error and restarts the PC, so I cannot finish the scan.

    Since that happened, Kaspersky now starts automatically every time the PC boots.


    Dear mindoo

    >>> Uninstall Kaspersky ;)

    Download SUPERAntiSpyware and save it to your Desktop

    • Double-click SUPERAntiSpyware.exe
      • Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png

    • Click Express Install and then Start Trial
    • On the right, click the Check for Updates button, wait, and click OK
    • Leave Quick Scan selected and click Scan Your Computer
    • When the scan finishes, click Continue
    • To remove the threats found, click the Remove Threats button
    • Click OK, then Finished and View Scan Logs
    • Select the log and click the View Selected Log button
    • Copy all of its contents and paste them into your next reply

    Regards :D

  • Topic author
  • Hello Diego, good evening.

    I ran the scan with SUPERAntiSpyware, and the log follows just below.

    However, I cannot uninstall Kaspersky, and now every time Windows starts the following message appears:

    "O Windows não consegue localizar '3262350.exe'. Certifique-se que escreveu o nome corretamente e, em seguida, tente de novo."

    Thank you for your patience.

    The spyware log:

    SUPERAntiSpyware Scan Log

    http://www.superantispyware.com

    Generated 09/30/2013 at 10:43 PM

    Application Version : 5.6.1032

    Core Rules Database Version : 10801

    Trace Rules Database Version: 8613

    Scan type : Quick Scan

    Total Scan Time : 00:09:24

    Operating System Information

    65 Edition 64-bit (Build 6.02.9200)

    UAC On - Administrator

    Memory items scanned : 804

    Memory threats detected : 0

    Registry items scanned : 58729

    Registry threats detected : 0

    File items scanned : 14277

    File threats detected : 49

    Adware.Tracking Cookie


  • Topic author
  • Good afternoon Diego...

    As requested, I ran DDS again.

    Below are the 2 logs it produces.

    Thank you

    DDS (Ver_2012-11-20.01) - NTFS_AMD64

    Internet Explorer: 10.0.9200.16688

    Run by LucilaPC at 18:45:14 on 2013-10-03

    Microsoft Windows 8 6.2.9200.0.1252.351.2070.18.6043.4309 [GMT 1:00]

    .

    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

    AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    ============== Running Processes ===============

    .

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\nvvsvc.exe

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Program Files\IDT\WDM\STacSV64.exe

    C:\Windows\system32\Hpservice.exe

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Windows\system32\svchost.exe -k apphost

    C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

    C:\Windows\system32\dashost.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

    C:\Program Files\Intel\iCLS Client\HeciServer.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

    C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

    C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

    C:\Windows\system32\svchost.exe -k HPService

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalServicePeerNet

    C:\Windows\system32\SearchIndexer.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe

    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe

    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

    C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

    C:\Program Files\Windows Media Player\wmpnetwk.exe

    C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    C:\Windows\System32\dwm.exe

    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

    C:\Windows\system32\nvvsvc.exe

    C:\Windows\system32\taskhostex.exe

    C:\Windows\Explorer.EXE

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

    C:\Windows\System32\igfxtray.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Program Files\IDT\WDM\sttray64.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

    C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

    C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    C:\Windows\System32\svchost.exe -k HPZ12

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

    C:\Windows\System32\svchost.exe -k HPZ12

    C:\Windows\system32\SearchProtocolHost.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\System32\cscript.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://www.uol.com.br/

    BHO: Facilitador de Leitor de Link Adobe PDF: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} -

    BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

    BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

    TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

    uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s

    mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

    mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey

    mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

    mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

    mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

    StartupFolder: C:\Users\LucilaPC\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\_UNINS~1.LNK - C:\Users\LucilaPC\AppData\Local\temp\_uninst_65912015.bat

    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\ADOBEA~1.LNK - C:\Windows\Installer\{AC76BA86-1044-7000-7760-000000000003}\_SC_Acrobat.exe

    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\ADOBER~1.LNK - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe

    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

    uPolicies-Explorer: NoDrives = dword:0

    mPolicies-Explorer: NoDrives = dword:0

    mPolicies-System: DisableCAD = dword:1

    IE: Anexar para um PDF existente - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converter destino do link em Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converter destino do link em um PDF existente - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converter em Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converter links selecionados em Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

    IE: Converter links selecionados em um PDF existente - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

    IE: Converter seleção em Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converter seleção em PDF existente - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

    IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

    TCP: NameServer = 212.113.191.129 212.113.164.5

    TCP: Interfaces\{46644349-603C-448D-BAFB-E3AFC63170CF} : DHCPNameServer = 10.10.0.1

    TCP: Interfaces\{9C6BC3BC-50E9-4323-BD4D-A34B8A1167DB} : DHCPNameServer = 212.113.191.129 212.113.164.5

    TCP: Interfaces\{9C6BC3BC-50E9-4323-BD4D-A34B8A1167DB}\0545D275946494 : DHCPNameServer = 88.214.178.1 88.214.178.2

    TCP: Interfaces\{9C6BC3BC-50E9-4323-BD4D-A34B8A1167DB}\24162726F63716 : DHCPNameServer = 201.6.2.27 201.6.2.67 201.6.4.116

    TCP: Interfaces\{9C6BC3BC-50E9-4323-BD4D-A34B8A1167DB}\6796275737E696E64616 : DHCPNameServer = 192.168.1.1

    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

    AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll

    SSODL: WebCheck - <orphaned>

    x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

    x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

    x64-Run: [btPreLoad] "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe"

    x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

    x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

    x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

    x64-mPolicies-Explorer: NoDrives = dword:0

    x64-mPolicies-System: DisableCAD = dword:1

    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

    x64-Notify: igfxcui - igfxdev.dll

    x64-SSODL: WebCheck - <orphaned>

    .

    ================= FIREFOX ===================

    .

    FF - ProfilePath -

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 aswRvrt;aswRvrt;C:\Windows\System32\Drivers\aswRvrt.sys [2013-3-26 65336]

    R0 aswVmm;aswVmm;C:\Windows\System32\Drivers\aswVmm.sys [2013-3-26 204880]

    R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-9-28 650808]

    R0 nvpciflt;nvpciflt;C:\Windows\System32\Drivers\nvpciflt.sys [2013-2-27 30496]

    R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2013-3-26 1030952]

    R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2013-3-26 378944]

    R2 aswFsBlk;aswFsBlk;C:\Windows\System32\Drivers\aswFsBlk.sys [2013-3-26 33400]

    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2013-3-26 80816]

    R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-12-28 226944]

    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-9-17 46808]

    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]

    R2 HPConnectedRemote;HP Connected Remote Service;C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [2012-10-12 35744]

    R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]

    R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-9-7 35232]

    R2 IAStorDataMgrSvc;Tecnologia de Armazenamento Intel® Rapid;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-2 14904]

    R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-11-2 2451456]

    R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]

    R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-11-2 128896]

    R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-11-2 165760]

    R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-3-22 93072]

    R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-11-2 364416]

    R2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-12-28 323584]

    R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\Drivers\btath_flt.sys [2013-6-15 89320]

    R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\Drivers\btath_a2dp.sys [2013-6-15 345832]

    R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\Drivers\btath_avdt.sys [2013-6-15 115432]

    R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\Drivers\btath_bus.sys [2013-6-15 33944]

    R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\Drivers\btath_hcrp.sys [2013-6-15 179432]

    R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\Drivers\btath_lwflt.sys [2013-6-15 77464]

    R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\Drivers\btath_rcp.sys [2013-6-15 136424]

    R3 BtFilter;BtFilter;C:\Windows\System32\Drivers\btfilter.sys [2013-6-15 578792]

    R3 BthLEEnum;Controlador de Bluetooth de Baixo Consumo;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]

    R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-3-18 169752]

    R3 IntcDAud;Áudio do Monitor Intel®;C:\Windows\System32\Drivers\IntcDAud.sys [2012-6-19 342528]

    R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-11-2 690832]

    R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-8-25 43832]

    R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [2012-8-31 20800]

    RUnknown 95605421;95605421; [x]

    RUnknown SASKUTIL;SASKUTIL; [x]

    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]

    S3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM;C:\Windows\System32\Drivers\AthDfu.sys [2012-11-2 55448]

    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2013-6-4 103448]

    S3 GemCCID;GemCCID;C:\Windows\System32\Drivers\GemCCID.sys [2013-4-24 129792]

    S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\Drivers\RtsP2Stor.sys [2012-11-2 269968]

    S3 SmbDrv;SmbDrv;C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [2012-8-25 41272]

    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2013-6-4 203672]

    .

    =============== Created Last 30 ================

    .

    2013-09-30 21:33:01 -------- d-----w- C:\Users\LucilaPC\AppData\Roaming\SUPERAntiSpyware.com

    2013-09-30 21:32:55 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com

    2013-09-26 09:37:54 460888 ----a-w- C:\Windows\System32\drivers\65912015.sys

    2013-09-25 23:43:54 304816 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10218.bin

    2013-09-25 23:34:38 -------- d-----w- C:\ProgramData\Kaspersky Lab

    2013-09-25 11:35:56 78296 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

    2013-09-25 11:35:55 694232 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

    2013-09-25 11:09:06 4917760 ----a-w- C:\Windows\System32\sppsvc.exe

    2013-09-25 11:05:52 4038144 ----a-w- C:\Windows\System32\win32k.sys

    2013-09-25 11:05:48 144896 ----a-w- C:\Windows\System32\tssdisai.dll

    2013-09-22 16:57:35 -------- d-----w- C:\Users\LucilaPC\AppData\Roaming\Malwarebytes

    2013-09-22 16:57:19 -------- d-----w- C:\ProgramData\Malwarebytes

    2013-09-22 16:57:17 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

    2013-09-16 23:56:32 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service

    2013-09-16 22:58:38 -------- d-sh--w- C:\$RECYCLE.BIN

    2013-09-16 22:56:26 -------- d-----w- C:\Users\LucilaPC\AppData\Local\temp

    2013-09-16 22:48:09 -------- d-----w- C:\ComboFix

    2013-09-13 00:24:32 98816 ----a-w- C:\Windows\sed.exe

    2013-09-13 00:24:32 256000 ----a-w- C:\Windows\PEV.exe

    2013-09-13 00:24:32 208896 ----a-w- C:\Windows\MBR.exe

    2013-09-13 00:15:54 -------- d-----w- C:\AdwCleaner

    2013-09-13 00:01:39 -------- d-----w- C:\Windows\ERUNT

    .

    ==================== Find3M ====================

    .

    2013-08-30 07:48:10 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

    2013-08-30 07:48:10 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

    2013-08-30 07:48:10 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

    2013-08-30 07:48:10 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

    2013-08-30 07:48:09 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

    2013-08-30 07:47:40 41664 ----a-w- C:\Windows\avastSS.scr

    2013-08-21 04:12:06 2241024 ----a-w- C:\Windows\System32\wininet.dll

    2013-08-21 04:11:59 915968 ----a-w- C:\Windows\System32\uxtheme.dll

    2013-08-21 04:11:59 53760 ----a-w- C:\Windows\System32\UXInit.dll

    2013-08-21 04:11:07 3959296 ----a-w- C:\Windows\System32\jscript9.dll

    2013-08-21 04:11:04 67072 ----a-w- C:\Windows\System32\iesetup.dll

    2013-08-21 04:11:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll

    2013-08-21 02:34:51 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

    2013-08-21 02:06:11 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll

    2013-08-21 02:06:06 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll

    2013-08-21 02:05:28 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll

    2013-08-21 02:05:25 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

    2013-08-21 02:05:25 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

    2013-08-21 01:43:54 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

    2013-08-20 23:52:56 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll

    2013-08-20 06:02:14 708168 ----a-w- C:\Windows\System32\WinUSBCoInstaller.dll

    2013-08-20 06:02:14 1490656 ----a-w- C:\Windows\System32\WdfCoInstaller01007.dll

    2013-08-16 05:41:13 58200 ----a-w- C:\Windows\System32\drivers\dam.sys

    2013-08-16 05:39:26 2371728 ----a-w- C:\Windows\System32\WSService.dll

    2013-08-16 05:32:48 209200 ----a-w- C:\Windows\System32\NotificationUI.exe

    2013-08-16 05:22:22 40448 ----a-w- C:\Windows\System32\wuapp.exe

    2013-08-16 05:20:30 105984 ----a-w- C:\Windows\System32\WinSetupUI.dll

    2013-08-15 22:43:21 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe

    2013-08-15 22:43:07 84992 ----a-w- C:\Windows\SysWow64\wudriver.dll

    2013-08-15 22:43:07 126976 ----a-w- C:\Windows\SysWow64\wuwebv.dll

    2013-08-15 22:43:03 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll

    2013-08-15 22:43:03 159232 ----a-w- C:\Windows\SysWow64\WSSync.dll

    2013-08-15 22:43:02 83968 ----a-w- C:\Windows\SysWow64\OEMLicense.dll

    2013-08-15 22:43:02 167424 ----a-w- C:\Windows\SysWow64\WSClient.dll

    2013-08-15 22:43:02 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll

    2013-08-15 22:43:02 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll

    2013-08-15 22:42:52 76800 ----a-w- C:\Windows\SysWow64\setupcln.dll

    2013-08-15 22:42:47 91648 ----a-w- C:\Windows\SysWow64\sppc.dll

    2013-08-10 05:21:51 448512 ----a-w- C:\Windows\System32\SettingSync.dll

    2013-08-10 05:21:51 128512 ----a-w- C:\Windows\System32\SettingSyncInfo.dll

    2013-08-10 03:58:51 356352 ----a-w- C:\Windows\SysWow64\SettingSync.dll

    2013-08-03 06:40:49 462336 ----a-w- C:\Windows\System32\sysmon.ocx

    2013-08-03 06:40:17 566784 ----a-w- C:\Windows\System32\wvc.dll

    2013-08-03 06:40:01 1374208 ----a-w- C:\Windows\System32\wdc.dll

    2013-08-03 05:14:15 399360 ----a-w- C:\Windows\SysWow64\sysmon.ocx

    2013-08-03 05:13:57 437248 ----a-w- C:\Windows\SysWow64\wvc.dll

    2013-08-03 05:13:43 1245696 ----a-w- C:\Windows\SysWow64\wdc.dll

    2013-08-02 06:28:29 10116608 ----a-w- C:\Windows\System32\twinui.dll

    2013-08-02 06:26:53 2304512 ----a-w- C:\Windows\System32\authui.dll

    2013-08-02 05:08:18 8858112 ----a-w- C:\Windows\SysWow64\twinui.dll

    2013-08-02 05:06:50 2035712 ----a-w- C:\Windows\SysWow64\authui.dll

    2013-08-01 10:41:31 2233688 ----a-w- C:\Windows\System32\drivers\tcpip.sys

    2013-07-27 03:58:39 2207232 ----a-w- C:\Windows\SysWow64\PrintConfig.dll

    2013-07-24 23:10:08 158208 ----a-w- C:\Windows\SysWow64\mbsmsapi.dll

    2013-07-24 23:06:39 225280 ----a-w- C:\Windows\System32\mbsmsapi.dll

    2013-07-13 06:18:21 337408 ----a-w- C:\Windows\System32\wintrust.dll

    2013-07-13 06:16:06 68096 ----a-w- C:\Windows\System32\cryptsvc.dll

    2013-07-13 06:16:06 1889280 ----a-w- C:\Windows\System32\crypt32.dll

    2013-07-13 06:15:53 98304 ----a-w- C:\Windows\System32\apprepsync.dll

    2013-07-13 06:15:53 124416 ----a-w- C:\Windows\System32\apprepapi.dll

    2013-07-13 04:24:58 261120 ----a-w- C:\Windows\SysWow64\wintrust.dll

    2013-07-13 04:23:11 1568256 ----a-w- C:\Windows\SysWow64\crypt32.dll

    2013-07-13 04:23:03 87040 ----a-w- C:\Windows\SysWow64\apprepapi.dll

    2013-07-13 04:23:03 74240 ----a-w- C:\Windows\SysWow64\apprepsync.dll

    2013-07-09 08:04:07 120144 ----a-w- C:\Windows\System32\drivers\msgpioclx.sys

    2013-07-09 06:18:21 439488 ----a-w- C:\Windows\System32\WerFault.exe

    2013-07-09 04:25:45 385768 ----a-w- C:\Windows\SysWow64\WerFault.exe

    2013-07-09 03:57:19 245760 ----a-w- C:\Windows\SysWow64\LocationApi.dll

    2013-07-08 22:46:00 543744 ----a-w- C:\Windows\System32\wwanmm.dll

    2013-07-08 22:46:00 414208 ----a-w- C:\Windows\System32\wwanconn.dll

    2013-07-08 22:46:00 370688 ----a-w- C:\Windows\System32\Wwanadvui.dll

    2013-07-08 22:45:16 312832 ----a-w- C:\Windows\System32\LocationApi.dll

    2013-07-06 00:16:17 1025024 ----a-w- C:\Windows\System32\localspl.dll

    .

    ============= FINISH: 18:46:20,11 ===============

    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2012-11-20.01)

    .

    Microsoft Windows 8

    Boot Device: \Device\HarddiskVolume2

    Install Date: 31/01/2013 22:27:07

    System Uptime: 30/09/2013 22:46:22 (68 hours ago)

    .

    Motherboard: Hewlett-Packard | | 18FD

    Processor: Intel® Core i5-3337U CPU @ 1.80GHz | U3E1 | 1801/100mhz

    .

    ==== Disk Partitions =========================

    .

    C: is FIXED (NTFS) - 448 GiB total, 338,677 GiB free.

    D: is FIXED (NTFS) - 17 GiB total, 2,157 GiB free.

    .

    ==== Disabled Device Manager Items =============

    .

    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

    Description: Photosmart B110 series

    Device ID: ROOT\MULTIFUNCTION\0000

    Manufacturer: HP

    Name: Photosmart B110 series

    PNP Device ID: ROOT\MULTIFUNCTION\0000

    Service:

    .

    Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

    Description: Dispositivo de vídeo USB

    Device ID: USB\VID_05C8&PID_0355&MI_00\7&1233FBB1&0&0000

    Manufacturer: Microsoft

    Name: HP Truevision HD

    PNP Device ID: USB\VID_05C8&PID_0355&MI_00\7&1233FBB1&0&0000

    Service: usbvideo

    .

    ==== System Restore Points ===================

    .

    RP32: 13/09/2013 01:24:41 - ComboFix created restore point

    RP33: 16/09/2013 23:48:22 - ComboFix created restore point

    RP34: 25/09/2013 12:09:32 - Windows Update

    .

    ==== Installed Programs ======================

    .

    64 Bit HP CIO Components Installer

    Actualizações da NVIDIA 1.11.3

    Adobe Acrobat 8 Professional - Norsk, Português

    Adobe Flash Player 11 Plugin

    Adobe Shockwave Player 12.0

    µTorrent

    Atualização do produto Microsoft Office Excel 2007 Help (KB963678)

    Atualização do produto Microsoft Office Outlook 2007 Help (KB963677)

    Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)

    Atualização do produto Microsoft Office Word 2007 Help (KB963665)

    aTube Catcher

    avast! Free Antivirus

    B110

    BufferChm

    Connected Music powered by Universal Music Group version 1.0

    CyberLink Media Suite 10

    CyberLink PhotoDirector

    CyberLink PowerDirector 10

    CyberLink PowerDVD

    CyberLink YouCam

    Destinations

    DeviceDiscovery

    Dungeons & Dragons Online v01.21.01.8029

    Energy Star

    ERS Aplicação Cartão Cidadão

    Ferramenta de Carregamento do Windows Live

    GPBaseService2

    Hewlett-Packard ACLM.NET v1.2.1.1

    HP 3D DriveGuard

    HP Connected Music (Meridian - installer)

    HP Connected Remote

    HP CoolSense

    HP Customer Experience Enhancements

    HP Customer Participation Program 14.0

    HP Documentation

    HP Imaging Device Functions 14.0

    HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 6

    HP Postscript Converter

    HP Quick Launch

    HP Recovery Manager

    HP Registration Service

    HP Solution Center 14.0

    HP Support Assistant

    HP Update

    HP Utility Center

    HP Wireless Button Driver

    HPAppStudio

    HPDiagnosticAlert

    HPPhotoGadget

    HPProductAssistant

    HPSSupply

    IDT Audio

    Intel® Control Center

    Intel® Management Engine Components

    Intel® Processor Graphics

    Intel® Rapid Storage Technology

    Intel® SDK for OpenCL - CPU Only Runtime Package

    Intel® Trusted Connect Service Client

    K-Lite Codec Pack 9.8.5 (Standard)

    MarketResearch

    Messenger Plus!

    Microsoft .NET Framework 1.1

    Microsoft Application Error Reporting

    Microsoft Choice Guard

    Microsoft Office

    Microsoft Office 2007 Service Pack 3 (SP3)

    Microsoft Office Access MUI (Portuguese (Brazil)) 2007

    Microsoft Office Enterprise 2007

    Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

    Microsoft Office File Validation Add-In

    Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

    Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

    Microsoft Office Office 64-bit Components 2007

    Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

    Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

    Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

    Microsoft Office Proof (English) 2007

    Microsoft Office Proof (Portuguese (Brazil)) 2007

    Microsoft Office Proof (Spanish) 2007

    Microsoft Office Proofing (Portuguese (Brazil)) 2007

    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

    Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

    Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007

    Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

    Microsoft Office Word MUI (Portuguese (Brazil)) 2007

    Microsoft Silverlight

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

    Mozilla Firefox 24.0 (x86 pt-BR)

    Mozilla Maintenance Service

    MSVCRT

    MSXML 4.0 SP3 Parser

    MSXML 4.0 SP3 Parser (KB2758694)

    My MedicineOne

    Network64

    NVIDIA Controlador gráfico 311.00

    NVIDIA Install Application

    NVIDIA Optimus 1.11.3

    NVIDIA Update Components

    Painel de controlo da NVIDIA 311.00

    PS_AIO_07_B110_SW_Min

    Qualcomm Atheros Bluetooth Suite (64)

    Qualcomm Atheros Driver Installation Program

    QuickTransfer

    Realtek Ethernet Controller Driver

    Realtek PCIE Card Reader

    Scan

    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2760588) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2760823) 32-Bit Edition

    Security Update for Microsoft Office Excel 2007 (KB2760583) 32-Bit Edition

    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

    Security Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

    Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition

    Security Update for Microsoft Office Word 2007 (KB2767773) 32-Bit Edition

    Shop for HP Supplies

    Skype™ 6.6

    SolutionCenter

    Status

    swMSM

    Synaptics Pointing Device Driver

    TomTom HOME

    TomTom HOME Visual Studio Merge Modules

    Toolbox

    TrayApp

    Update for 2007 Microsoft Office System (KB967642)

    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825641) 32-Bit Edition

    WebReg

    Windows Live Call

    Windows Live Communications Platform

    Windows Live Essentials

    Windows Live Messenger

    WinRAR 4.20 (32-bit)

    .

    ==== End Of File ===========================


    Dear mindoo

    Download SystemLook to your desktop.

    Alternative link

    • Double-click the icon 4119586963_6274067071_o.gif
    • Click Run;
    • Copy (Ctrl+C) the content below:

    :filefind
    *3262350.exe

    And paste it (Ctrl+V) into the field indicated in the image:

    4120361504_f66dd92e95_o.jpg

    • Click 4119586997_32a5666660_o.jpg
    • Wait;
    • When it finishes, the scan log will open;
    • Click 4120361454_3c264d5fca_o.jpg
    • Post the entire content in your next reply.

    Note:
    The log can also be found on the desktop under the name:
    SystemLook.txt

    Regards :D

  • Topic author
  • Good afternoon Diego, all good?

    This was the SystemLook log

    Thanks

    Regards

    SystemLook 30.07.11 by jpshortstuff

    Log created at 15:30 on 06/10/2013 by LucilaPC

    Administrator - Elevation successful

    WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

    ========== filefind ==========

    Searching for "*3262350.exe"

    C:\Users\LucilaPC\AppData\Local\temp\5183863\3262350.exe --a---- 457520 bytes [09:38 26/09/2013] [19:35 22/09/2013] 935EEC3709805B2E8A3463D891900EC9

    -= EOF =-

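An added example, not part of the original posts and not SystemLook's own code: a small parser for `filefind` result lines in the format shown in the log above, with a few triage checks. The field names (`ts1`, `ts2`, `digest`) and the heuristics are assumptions made for illustration; the log itself does not label its columns.

```python
import ntpath
import re

# Constructed sample: the first entry is the line from the log posted above,
# the second entry (path, size, dates, hash) is invented for contrast.
SAMPLE_LOG = r"""
========== filefind ==========
Searching for "*3262350.exe"
C:\Users\LucilaPC\AppData\Local\temp\5183863\3262350.exe --a---- 457520 bytes [09:38 26/09/2013] [19:35 22/09/2013] 935EEC3709805B2E8A3463D891900EC9
C:\Program Files\Example\setup3262350.exe --a---- 1024 bytes [10:00 01/01/2013] [10:00 01/01/2013] 00000000000000000000000000000000
-= EOF =-
"""

# path, 7 attribute flags, size, two bracketed timestamps, 32 hex digits.
ENTRY = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+(?P<attrs>[-A-Za-z]{7})\s+(?P<size>\d+) bytes\s+"
    r"\[(?P<ts1>[^\]]+)\]\s+\[(?P<ts2>[^\]]+)\]\s+(?P<digest>[0-9A-Fa-f]{32})$"
)

def parse_filefind(log_text):
    """Return one dict per file entry; headers and separators are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entry = m.groupdict()
            entry["size"] = int(entry["size"])
            entries.append(entry)
    return entries

def triage(entry):
    """List the reasons an entry deserves a closer look (empty list = none)."""
    reasons = []
    path = entry["path"]
    stem = ntpath.splitext(ntpath.basename(path))[0]
    parent = ntpath.basename(ntpath.dirname(path))
    if re.search(r"\\(temp|tmp)\\", path, re.I) and path.lower().endswith(".exe"):
        reasons.append("executable under a Temp directory")
    if stem.isdigit():
        reasons.append("all-numeric file name")
    if parent.isdigit():
        reasons.append("all-numeric parent folder")
    return reasons

if __name__ == "__main__":
    for e in parse_filefind(SAMPLE_LOG):
        print(e["path"], e["digest"], triage(e) or "no flags")
```

The extracted hash can then be compared against a known-good or known-bad list before anything is deleted.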

    Dear mindoo

    Delete the two folders below:

    C:\Users\LucilaPC\AppData\Local\temp\5183863

    C:\ProgramData\Kaspersky Lab

    You may have to do this in Safe Mode ;)

    Then restart the computer and see whether the message still appears.

    Regards :D

  • Topic author
  • Thank you very much for the help, Diego.

    I did what you told me, and after restarting the message really no longer appears.

    The pages that used to open out of nowhere have also stopped opening.

    The only thing that happened was that the blue error screen appeared 3 times. I don't know if it is a coincidence, but that was also after Kaspersky.

    For now nothing abnormal has been happening.

    I await further instructions.

    Thank you once again.
