Byannkah Abrão

Suspected malware


My computer is slow and I can't run games that used to run before. In addition, my internet keeps disconnecting on its own and does not reconnect even when I set it to reconnect automatically. There is also that problem of ads opening from highlighted words, and I can't get rid of it.

 

Thanks in advance for the help.

 

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-04-02 00:15:28
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000038 ST1000LM024_HN-M101MBB rev.2AR20004 931,51GB
Running: ucmdd748.exe; Driver: C:\Users\Byannkah\AppData\Local\Temp\pflyqpog.sys


---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [428:452]  fffff960008475e8

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                    unknown MBR code

---- EOF - GMER 2.1 ----
 

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8 Single Language
Boot Device: \Device\HarddiskVolume1
Install Date: 18/08/2013 20:36:41
System Uptime: 30/03/2014 08:58:03 (63 hours ago)
.
Motherboard: Dell Inc. |  | 0VKD5N
Processor: Intel® Core i5-3337U CPU @ 1.80GHz | SOCKET 0 | 800/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 921 GiB total, 754,176 GiB free.
D: is CDROM ()
E: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe Flash Player 12 Plugin
Adobe Reader XI (11.0.06) - Português
µTorrent
Atualizações da NVIDIA 1.15.2
Atualização do produto Microsoft Office Excel 2007 Help (KB963678)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)
Atualização do produto Microsoft Office Word 2007 Help (KB963665)
avast! Free Antivirus
BioShock Infinite
Bundled software uninstaller
Canon MOV Decoder
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon Utilities Digital Photo Professional 3.10
Canon Utilities EOS Sample Music
Canon Utilities EOS Utility
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX
Canon Utilities Movie Uploader for YouTube
Canon Utilities PhotoStitch
Canon Utilities Picture Style Editor
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CyberLink LabelPrint 2.5
CyberLink Media Suite 10
CyberLink Media Suite Essentials
CyberLink Power2Go 8
CyberLink PowerDirector 10
CyberLink PowerDVD 10
DAEMON Tools Lite
Dell Backup and Recovery
Dell Backup and Recovery - Support Software
Dell Product Registration
Dell Touchpad
Dell Update
Dell WLAN and Bluetooth Client Installation
DMUninstaller
Dolby Axon - 1.5.1.1
Dropbox
DSC/AA Factory Installer
ffdshow v1.2.4422 [2012-04-09]
Free Media Player 2.0.7
Galeria de Fotos
GBBD Banco do Brasil
GNU Solfege 3.22.0
Google Chrome
Google Update Helper
HP Deskjet 2050 J510 series Software básico do dispositivo
ImgBurn
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Intel® Trusted Connect Service Client
IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País
Java 7 Update 51
Java Auto Updater
League of Legends
Lollipop
Malwarebytes Anti-Malware versão 1.75.0.1300
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Portuguese (Brazil)) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Portuguese (Brazil)) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (Portuguese (Brazil)) 2007
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (Portuguese (Brazil)) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (Portuguese (Brazil)) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007
Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007
Microsoft Office Shared MUI (Portuguese (Brazil)) 2007
Microsoft Office Word MUI (Portuguese (Brazil)) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Monitor da tecnologia Intel® Turbo Boost 2.6
Movie Maker
Mozilla Firefox 28.0 (x86 pt-BR)
Mozilla Maintenance Service
MSVCRT
MSVCRT110
MSVCRT110_amd64
My Dell
Need for Speed Underground 2
NewPlayer
NVIDIA Driver de gráficos 331.65
NVIDIA Install Application
NVIDIA Optimus 1.15.2
NVIDIA Update Components
Painel de controle da NVIDIA 331.65
Pando Media Booster
PCSX2 - Playstation 2 Emulator
PDF Architect
PDFCreator
Photo Common
Photo Gallery
Plus-HD-7.5
Qualcomm Atheros Bluetooth Suite (64)
Quickset64
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Receitanet
RIFT
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition
Shared C Run-time for x64
Spybot - Search & Destroy
TuneUp Utilities 2014
TuneUp Utilities 2014 (pt-BR)
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition
vou Package
Windows 8 Manager
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 4.20 (32-bit)
.
==== End Of File ===========================
 

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16843  BrowserJavaVersion: 10.51.2
Run by Byannkah at 23:39:49 on 2014-04-01
Microsoft Windows 8 Single Language  6.2.9200.0.1252.55.1046.18.6009.4483 [GMT -3:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhostex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe
C:\Windows\system32\dashost.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE
C:\Windows\splwow64.exe
C:\Program Files\My Dell\uaclauncher.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.pcfaster.com?_bid=3c5e1537c71f23910b6fd462918015fd&_t=hpsf
uSearch Bar = hxxp://www.bing.com/search?q={searchTerms}
uSearch Page = hxxp://www.bing.com/search?q={searchTerms}
uDefault_Page_URL = hxxp://dell13.msn.com
mStart Page = hxxp://start.pcfaster.com?_bid=3c5e1537c71f23910b6fd462918015fd&_t=hpsf
uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
mWinlogon: Userinit = userinit.exe,
BHO: PDF Architect Helper: {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: PDF Architect Toolbar: {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
uRun: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
uRun: [AppsHat] C:\Users\Byannkah\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [fst_br_69] <no file>
dRunOnce: [Application Restart #0] C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe /Crashed
mPolicies-System: DisableCAD = dword:1
mPolicies-System: SynchronousMachineGroupPolicy = dword:1
mPolicies-System: SynchronousUserGroupPolicy = dword:1
mPolicies-Windows\System: AllowBlockingAppsAtShutdown = dword:0
IE: &Enviar para o OneNote - C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.25.1
TCP: Interfaces\{1DC92EBA-D613-460E-AA65-5C48AD5DD25B} : DHCPNameServer = 192.168.25.1
TCP: Interfaces\{351DDE05-6EC5-421C-955A-A1869641EE54} : DHCPNameServer = 192.168.25.1
TCP: Interfaces\{351DDE05-6EC5-421C-955A-A1869641EE54}\14E64627F69646140513630393 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{351DDE05-6EC5-421C-955A-A1869641EE54}\34163716 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{351DDE05-6EC5-421C-955A-A1869641EE54}\34963736F6F55413230303 : DHCPNameServer = 201.10.128.2 201.10.1.3
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= c:\progra~3\wincert\win32cert.dll,
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
IFEO: installutility.dll - rundll32.exe
x64-BHO: Plus-HD-7.5: {11111111-1111-1111-1111-110511071176} -
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: IMinent WebBooster (BHO): {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -
x64-BHO: Discount Dragon BHO: {EA34C851-D481-49F5-A356-3A8B0A8F3B7E} -
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
x64-Run: [igfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-mPolicies-System: DisableCAD = dword:1
x64-mPolicies-System: SynchronousMachineGroupPolicy = dword:1
x64-mPolicies-System: SynchronousUserGroupPolicy = dword:1
x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-IFEO: installutility.dll - rundll32.exe
Hosts: 127.0.0.1    www.spywareinfo.com
Hosts: 54.225.95.126    nikdaiaidiiiogaidkkekcmokcgcdeac
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Byannkah\AppData\Roaming\Mozilla\Firefox\Profiles\rjwszd5q.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://start.pcfaster.com?_bid=3c5e1537c71f23910b6fd462918015fd&_t=hpsf
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Free Media Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Byannkah\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
FF - plugin: C:\Users\Byannkah\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll
FF - plugin: C:\Users\Byannkah\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\Drivers\aswRvrt.sys [2013-9-28 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\Drivers\aswVmm.sys [2013-9-28 207904]
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2013-7-26 645952]
R0 nvpciflt;nvpciflt;C:\Windows\System32\Drivers\nvpciflt.sys [2013-12-18 32544]
R0 rtcrfilt64;Realtek Turbo Mode Filter Driver;C:\Windows\System32\Drivers\rtcrfilt64.sys [2013-7-26 19600]
R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2013-9-28 1038072]
R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2013-9-28 421704]
R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2013-7-25 92536]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2013-9-28 78648]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-2-16 50344]
R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2014-3-16 519720]
R2 SBUpd;SpeedBit Update;C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe [2014-3-4 2541688]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\Drivers\TurboB.sys [2012-5-30 16168]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\Drivers\btath_flt.sys [2012-8-31 88728]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\Drivers\btath_a2dp.sys [2012-8-31 344216]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\Drivers\btath_avdt.sys [2012-8-31 114840]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\Drivers\btath_bus.sys [2012-8-31 33944]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\Drivers\btath_hcrp.sys [2012-8-31 178840]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\Drivers\btath_lwflt.sys [2012-8-31 76952]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\Drivers\btath_rcp.sys [2012-8-31 135832]
R3 BtFilter;BtFilter;C:\Windows\System32\Drivers\btfilter.sys [2012-8-31 575128]
R3 BthLEEnum;Driver de Baixa Energia do Bluetooth;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]
R3 IntcDAud;Áudio do vídeo Intel®;C:\Windows\System32\Drivers\IntcDAud.sys [2013-7-26 342528]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2013-7-26 690832]
R3 SBUpdd;SpeedBit UpdateD;C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys [2014-3-4 41368]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2013-7-26 43832]
S3 aswStm;aswStm;C:\Windows\System32\Drivers\aswStm.sys [2014-2-16 80184]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2013-10-28 107288]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-12-28 25928]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\System32\Drivers\nvstusb.sys [2013-7-26 447928]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\Drivers\RtsUVStor.sys [2013-7-26 317584]
S3 SmbDrv;SmbDrv;C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [2013-7-26 41272]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2013-10-28 204568]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [2013-8-21 14112]
S3 WSDScan;Suporte para Digitalização WSD;C:\Windows\System32\Drivers\WSDScan.sys [2013-7-26 23552]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S4 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2013-7-26 98208]
S4 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe [2012-8-31 216192]
S4 DellUpdate;Dell Update Service;C:\Program Files (x86)\Dell Update\DellUpService.exe [2014-1-14 149496]
S4 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2013-7-25 2464400]
S4 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-7-25 166720]
S4 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-28 418376]
S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-28 701512]
S4 PDF Architect Helper Service;PDF Architect Helper Service;C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-4-8 1320496]
S4 PDF Architect Service;PDF Architect Service;C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-4-8 799280]
S4 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-9-28 1817560]
S4 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-9-28 1033688]
S4 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-9-28 171928]
S4 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2013-7-25 1915480]
S4 TurboBoost;Intel® Turbo Boost Technology Monitor 2.6;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-5-30 149544]
S4 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-7-25 365376]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]
.
=============== Created Last 30 ================
.
2014-03-28 14:59:25    --------    d-----w-    C:\ProgramData\Package Cache
2014-03-28 14:59:04    --------    d-----w-    C:\Program Files (x86)\PCSX2 1.2.1
2014-03-28 14:30:42    --------    d-----w-    C:\Windows\SysWow64\NV
2014-03-28 14:30:42    --------    d-----w-    C:\Windows\System32\NV
2014-03-28 14:16:11    63776    ----a-w-    C:\Windows\System32\nvshext.dll
2014-03-22 02:10:19    --------    d-----w-    C:\Users\Byannkah\AppData\Local\Diagnostics
2014-03-22 02:01:43    --------    d-----w-    C:\Program Files (x86)\Common Files\Intel
2014-03-22 01:59:17    2232664    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2014-03-22 01:59:17    1939288    ----a-w-    C:\Windows\System32\drivers\ntfs.sys
2014-03-22 01:59:14    5979648    ----a-w-    C:\Windows\System32\mstscax.dll
2014-03-22 01:59:11    599040    ----a-w-    C:\Windows\System32\WSDApi.dll
2014-03-22 01:59:11    523264    ----a-w-    C:\Windows\System32\XpsGdiConverter.dll
2014-03-22 01:59:09    485888    ----a-w-    C:\Windows\SysWow64\WSDApi.dll
2014-03-22 01:59:04    5092352    ----a-w-    C:\Windows\SysWow64\mstscax.dll
2014-03-22 01:59:01    365568    ----a-w-    C:\Windows\SysWow64\XpsGdiConverter.dll
2014-03-22 01:58:58    690688    ----a-w-    C:\Windows\System32\WSShared.dll
2014-03-22 01:58:58    278872    ----a-w-    C:\Windows\System32\drivers\msiscsi.sys
2014-03-22 01:58:57    209712    ----a-w-    C:\Windows\System32\NotificationUI.exe
2014-03-22 01:58:56    564736    ----a-w-    C:\Windows\SysWow64\WSShared.dll
2014-03-22 01:58:56    332632    ----a-w-    C:\Windows\System32\drivers\storport.sys
2014-03-22 01:58:56    163840    ----a-w-    C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-22 01:58:56    143872    ----a-w-    C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
2014-03-22 01:58:56    124928    ----a-w-    C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-22 01:58:56    118784    ----a-w-    C:\Windows\System32\drivers\dfsc.sys
2014-03-22 01:52:06    40760    ----a-w-    C:\Windows\System32\TURegOpt.exe
2014-03-22 01:52:04    29496    ----a-w-    C:\Windows\System32\authuitu.dll
2014-03-22 01:52:04    25400    ----a-w-    C:\Windows\SysWow64\authuitu.dll
2014-03-22 01:51:23    --------    d-----w-    C:\Users\Byannkah\AppData\Roaming\TuneUp Software
2014-03-22 01:50:36    --------    d-----w-    C:\Program Files (x86)\TuneUp Utilities 2014
2014-03-22 01:49:59    --------    d-----w-    C:\ProgramData\TuneUp Software
2014-03-22 01:49:54    --------    d-sh--w-    C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-22 01:49:54    --------    d--h--w-    C:\ProgramData\Common Files
2014-03-22 01:44:06    --------    d-----w-    C:\Users\Byannkah\AppData\Roaming\rmi
2014-03-17 00:47:44    78304    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-17 00:47:44    694240    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-03-17 00:43:59    --------    d-----w-    C:\ProgramData\GbPlugin
2014-03-17 00:43:59    --------    d-----w-    C:\Program Files (x86)\GbPlugin
2014-03-17 00:43:18    720082    ----a-w-    C:\Users\Byannkah\AppData\Roaming\unins000.exe
2014-03-17 00:43:18    --------    d-----w-    C:\Users\Byannkah\AppData\Local\GAS Tecnologia
2014-03-17 00:43:18    --------    d-----w-    C:\ProgramData\GAS Tecnologia
2014-03-17 00:43:18    --------    d-----w-    C:\ProgramData\boost_interprocess
2014-03-12 11:57:57    1628160    ----a-w-    C:\Windows\System32\WindowsCodecs.dll
2014-03-12 11:57:57    1339392    ----a-w-    C:\Windows\SysWow64\WindowsCodecs.dll
2014-03-09 18:28:14    --------    d-----w-    C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-03-09 18:28:07    --------    d-----w-    C:\Program Files (x86)\Common Files\Wise Installation Wizard
2014-03-09 16:43:29    --------    d-----w-    C:\Program Files (x86)\Bench
2014-03-09 16:43:15    --------    d-----w-    C:\Program Files (x86)\predm
.
==================== Find3M  ====================
.
2014-02-23 08:13:41    2241536    ----a-w-    C:\Windows\System32\wininet.dll
2014-02-23 08:13:31    915968    ----a-w-    C:\Windows\System32\uxtheme.dll
2014-02-23 08:13:31    53760    ----a-w-    C:\Windows\System32\UXInit.dll
2014-02-23 08:11:59    3960320    ----a-w-    C:\Windows\System32\jscript9.dll
2014-02-23 08:11:52    67072    ----a-w-    C:\Windows\System32\iesetup.dll
2014-02-23 08:11:52    136704    ----a-w-    C:\Windows\System32\iesysprep.dll
2014-02-23 06:54:46    1767936    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-02-23 06:54:37    44032    ----a-w-    C:\Windows\SysWow64\UXInit.dll
2014-02-23 06:53:22    2877952    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-02-23 06:53:18    61440    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-02-23 06:53:18    109056    ----a-w-    C:\Windows\SysWow64\iesysprep.dll
2014-02-23 06:35:36    2706432    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-02-23 06:31:25    2706432    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-02-23 04:06:33    534528    ----a-w-    C:\Windows\SysWow64\uxtheme.dll
2014-02-17 00:21:54    80184    ----a-w-    C:\Windows\System32\drivers\aswStm.sys
2014-02-17 00:21:54    207904    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2014-02-17 00:21:53    78648    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2014-02-17 00:21:53    1038072    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
2014-02-17 00:21:50    43152    ----a-w-    C:\Windows\avastSS.scr
2014-02-08 04:34:42    4036608    ----a-w-    C:\Windows\System32\win32k.sys
2014-02-05 23:41:39    595968    ----a-w-    C:\Windows\System32\qedit.dll
2014-02-05 23:37:51    496640    ----a-w-    C:\Windows\SysWow64\qedit.dll
2014-01-25 05:23:02    733184    ----a-w-    C:\Windows\System32\MetroIntelGenericUIFramework.dll
2014-01-25 05:23:00    64000    ----a-w-    C:\Windows\System32\OpenCL.DLL
2014-01-25 05:23:00    64000    ----a-w-    C:\Windows\System32\Intel_OpenCL_ICD64.dll
2014-01-25 05:23:00    60416    ----a-w-    C:\Windows\SysWow64\OpenCL.DLL
2014-01-25 05:23:00    60416    ----a-w-    C:\Windows\SysWow64\Intel_OpenCL_ICD32.dll
2014-01-12 23:30:39    2032640    ----a-w-    C:\Windows\SysWow64\d3d10warp.dll
2014-01-12 23:30:18    2238976    ----a-w-    C:\Windows\System32\d3d10warp.dll
.
============= FINISH: 23:40:51,38 ===============
 


Download Malwarebytes Anti-Malware:

  • Link1
  • Alternative link
    • Double-click mbam-setup.exe, choose the language and follow the instructions to install the software.
    • Make sure the boxes Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware are checked, and click Finish.
    • If there are updates, they will be downloaded and installed.
    • When the updates finish, a program window will open. Select "Quick Scan", then click the Scan button.
    • The scan will start and may take a while. Please be patient.
    • When the scan is complete, click OK, then Show Results to see the log.
    • If anything is found, make sure everything is checked and click Remove.
    • When disinfection finishes, a log will automatically open in a Notepad document and you may be asked to restart the PC. (Read the note)
    • The log is saved automatically and can be viewed by clicking the Logs tab in the main menu.
    • Copy and paste the contents of that log into your next reply.
Note: In more complicated infections, it may be necessary to restart the PC. If you are asked to restart, please do so immediately.

Then,

Read the instructions at this link:

##### "How to use ComboFix" #####

In the instructions at the link above, you can check which forums have Analysts properly qualified to use the tool correctly: "Forums for receiving help with ComboFix logs"

  • Download ComboFix from one of the official links listed below and save it to your desktop:
  • Temporarily, while carrying out these instructions, it is very important that you keep your protection programs (antivirus, antispyware and firewall) disabled. Re-enable the protections after completing the procedure(s) described below.
  • Double-click the ComboFix icon that is on the desktop.
  • Read and accept the terms by typing 1 and pressing Enter.
  • Computers running Windows XP should install the Recovery Console:
    • If your computer runs Windows XP and does not yet have the Recovery Console installed, please make sure you are connected to the Internet and click "Yes".
    • Click "OK" on the EULA.
    • Once the Recovery Console is installed, click "YES" to continue.
  • ComboFix will run; please be patient and wait.
  • Warning: Do not use the mouse or keyboard while the tool is running; doing so can cause the computer to hang.
  • A notice may appear saying that the computer needs to be restarted.

    DO NOT RESTART!!! ComboFix will restart the computer automatically.

  • When the tool finishes running, it will generate a log (the file C:\ComboFix.txt). Copy and paste the contents of that file into your next reply.

Do NOT use the tool on your own. It is a powerful tool created to deal with sophisticated infections, and if you do not use it correctly it may damage your computer.

  • There are several kinds of malware that prevent the tool from running correctly and can thereby seriously damage the computer. Analysts qualified to use ComboFix know these cases and how to handle these situations.
  • Many Analysts do not respond to topics where they see that ComboFix was used without supervision.
  • There are several general-purpose anti-malware tools whose authors, when writing them, have end users in mind and intend them to be used without supervision. ComboFix is not a tool of that kind, and therefore, and also out of respect for the tool's author, do not use it without supervision.


Malwarebytes log

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Versão da Base de Dados:  v2014.03.28.05

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16843
Byannkah :: BYANNKAH [administrador]

05/04/2014 14:49:30
mbam-log-2014-04-05 (14-49-30).txt

Tipo de Verificação:  Verificação Rápida
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos  | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados:  282363
Tempo decorrido: 7 minuto(s), 45 segundo(s)

Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)

Arquivos Detectados: 0
(Não foram detectados ítens maliciosos)

(fim)
 

 

ComboFix log

 

ComboFix 14-04-05.01 - Byannkah 05/04/2014  14:20:49.1.4 - x64
Microsoft Windows 8 Single Language  6.2.9200.0.1252.55.1046.18.6009.4615 [GMT -3:00]
Executando de: c:\users\Byannkah\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Criado um novo ponto de restauração
.
.
(((((((((((((((((((((((((((((((((((((   Outras Exclusões   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\PCDr\6426\AddOnDownloaded\51fdf16e-ecb9-4fa4-8469-76fc9a22293b.dll
c:\programdata\PCDr\6426\AddOnDownloaded\57d7325c-8462-4866-a9ca-3f9228775fed.dll
c:\programdata\PCDr\6426\AddOnDownloaded\9a23b885-84bf-4844-bc8c-e1f4c568d95a.dll
c:\programdata\PCDr\6426\AddOnDownloaded\9a4d2a9e-ce47-421d-bbd6-98fd72255fed.dll
c:\programdata\PCDr\6426\AddOnDownloaded\b1cd2350-1a70-4fd2-9b75-98208aace99a.dll
c:\users\Byannkah\AppData\Roaming\unins000.exe
c:\windows\PFRO.log
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Serviços   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
((((((((((((((((   Arquivos/Ficheiros criados de 2014-03-05 to 2014-04-05  ))))))))))))))))))))))))))))
.
.
2014-04-05 17:31 . 2014-04-05 17:34    --------    d-----w-    c:\users\Byannkah\AppData\Local\temp
2014-04-05 17:31 . 2014-04-05 17:31    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-04-05 00:19 . 2014-04-05 00:19    --------    d-----w-    c:\program files\Realtek
2014-04-05 00:17 . 2013-10-09 23:12    14152960    ----a-w-    c:\windows\system32\MaxxAudioRealtek64.dll
2014-04-05 00:16 . 2013-09-13 21:44    2080472    ----a-w-    c:\windows\RtlExUpd.dll
2014-04-05 00:16 . 2014-04-05 00:16    --------    d-----w-    c:\program files (x86)\Common Files\InstallShield
2014-04-05 00:11 . 2014-04-05 00:20    --------    d--h--w-    c:\program files (x86)\Temp
2014-03-28 14:59 . 2014-03-28 14:59    --------    d-----w-    c:\programdata\Package Cache
2014-03-28 14:59 . 2014-03-28 15:00    --------    d-----w-    c:\program files (x86)\PCSX2 1.2.1
2014-03-28 14:30 . 2014-03-28 14:30    --------    d-----w-    c:\windows\SysWow64\NV
2014-03-28 14:30 . 2014-03-28 14:30    --------    d-----w-    c:\windows\system32\NV
2014-03-28 14:16 . 2013-10-23 08:20    63776    ----a-w-    c:\windows\system32\nvshext.dll
2014-03-22 18:23 . 2014-03-22 18:23    --------    d-----w-    c:\windows\ServiceProfiles\LocalService\winhttp
2014-03-22 02:10 . 2014-03-22 02:10    --------    d-----w-    c:\users\Byannkah\AppData\Local\Diagnostics
2014-03-22 02:01 . 2014-03-22 02:01    --------    d-----w-    c:\program files (x86)\Common Files\Intel
2014-03-22 01:59 . 2014-01-27 00:31    19752448    ----a-w-    c:\windows\system32\shell32.dll
2014-03-22 01:59 . 2014-01-27 03:42    2232664    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2014-03-22 01:59 . 2014-01-27 03:39    1939288    ----a-w-    c:\windows\system32\drivers\ntfs.sys
2014-03-22 01:59 . 2014-01-11 06:48    5979648    ----a-w-    c:\windows\system32\mstscax.dll
2014-03-22 01:59 . 2014-01-31 00:06    599040    ----a-w-    c:\windows\system32\WSDApi.dll
2014-03-22 01:59 . 2014-01-02 23:32    523264    ----a-w-    c:\windows\system32\XpsGdiConverter.dll
2014-03-22 01:59 . 2014-01-31 00:48    485888    ----a-w-    c:\windows\SysWow64\WSDApi.dll
2014-03-22 01:59 . 2014-01-11 05:06    5092352    ----a-w-    c:\windows\SysWow64\mstscax.dll
2014-03-22 01:59 . 2014-01-02 23:35    365568    ----a-w-    c:\windows\SysWow64\XpsGdiConverter.dll
2014-03-22 01:58 . 2014-02-03 23:56    278872    ----a-w-    c:\windows\system32\drivers\msiscsi.sys
2014-03-22 01:58 . 2014-01-31 00:06    690688    ----a-w-    c:\windows\system32\WSShared.dll
2014-03-22 01:58 . 2014-01-31 03:55    209712    ----a-w-    c:\windows\system32\NotificationUI.exe
2014-03-22 01:58 . 2014-02-03 23:56    332632    ----a-w-    c:\windows\system32\drivers\storport.sys
2014-03-22 01:58 . 2014-01-31 00:48    564736    ----a-w-    c:\windows\SysWow64\WSShared.dll
2014-03-22 01:58 . 2014-01-31 00:48    143872    ----a-w-    c:\windows\SysWow64\Windows.ApplicationModel.Store.dll
2014-03-22 01:58 . 2014-01-31 00:48    124928    ----a-w-    c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-22 01:58 . 2014-01-31 00:06    163840    ----a-w-    c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-22 01:58 . 2014-01-15 23:42    118784    ----a-w-    c:\windows\system32\drivers\dfsc.sys
2014-03-22 01:56 . 2014-03-22 01:57    --------    d-----w-    c:\users\Byannkah\AppData\Roaming\ImgBurn
2014-03-22 01:52 . 2014-03-22 01:52    --------    d-----w-    c:\program files (x86)\Windows Sidebar
2014-03-22 01:52 . 2013-08-30 13:45    40760    ----a-w-    c:\windows\system32\TURegOpt.exe
2014-03-22 01:52 . 2013-08-30 13:44    29496    ----a-w-    c:\windows\system32\authuitu.dll
2014-03-22 01:52 . 2013-08-30 13:44    25400    ----a-w-    c:\windows\SysWow64\authuitu.dll
2014-03-22 01:51 . 2014-03-22 01:51    --------    d-----w-    c:\users\Byannkah\AppData\Roaming\TuneUp Software
2014-03-22 01:50 . 2014-03-22 01:51    --------    d-----w-    c:\program files (x86)\TuneUp Utilities 2014
2014-03-22 01:49 . 2014-03-22 01:52    --------    d-----w-    c:\programdata\TuneUp Software
2014-03-22 01:49 . 2014-03-22 01:49    --------    d-sh--w-    c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-22 01:49 . 2014-03-22 01:49    --------    d--h--w-    c:\programdata\Common Files
2014-03-22 01:46 . 2014-03-22 01:46    --------    d-----w-    c:\program files (x86)\ImgBurn
2014-03-22 01:44 . 2014-03-28 15:28    --------    d-----w-    c:\users\Byannkah\AppData\Roaming\rmi
2014-03-17 00:47 . 2014-03-04 22:52    78304    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-17 00:47 . 2014-03-04 22:52    694240    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-17 00:43 . 2014-03-17 00:44    --------    d-----w-    c:\programdata\GbPlugin
2014-03-17 00:43 . 2014-03-17 00:44    --------    d-----w-    c:\program files (x86)\GbPlugin
2014-03-17 00:43 . 2014-04-05 01:34    --------    d-----w-    c:\programdata\GAS Tecnologia
2014-03-17 00:43 . 2014-03-17 23:06    --------    d-----w-    c:\programdata\boost_interprocess
2014-03-17 00:43 . 2014-03-17 00:43    --------    d-----w-    c:\users\Byannkah\AppData\Local\GAS Tecnologia
2014-03-12 11:57 . 2014-01-31 00:48    1339392    ----a-w-    c:\windows\SysWow64\WindowsCodecs.dll
2014-03-12 11:57 . 2014-01-31 00:06    1628160    ----a-w-    c:\windows\system32\WindowsCodecs.dll
2014-03-12 11:20 . 2014-02-23 08:12    19273216    ----a-w-    c:\windows\system32\mshtml.dll
2014-03-09 18:28 . 2014-03-09 18:30    --------    d-----w-    c:\windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-03-09 18:28 . 2014-03-09 18:28    --------    d-----w-    c:\program files (x86)\Common Files\Wise Installation Wizard
2014-03-09 16:43 . 2014-03-21 13:59    --------    d-----w-    c:\program files (x86)\Bench
2014-03-09 16:43 . 2014-03-09 16:43    --------    d-----w-    c:\program files (x86)\predm
2014-03-08 11:35 . 2014-03-08 11:36    --------    d-----w-    c:\users\Convidado
.
.
.
(((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-19 18:02 . 2013-08-19 00:43    90015360    ----a-w-    c:\windows\system32\MRT.exe
2014-02-17 00:21 . 2014-02-17 00:22    80184    ----a-w-    c:\windows\system32\drivers\aswStm.sys
2014-02-17 00:21 . 2013-09-29 02:24    207904    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2014-02-17 00:21 . 2013-09-29 02:24    421704    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2014-02-17 00:21 . 2013-09-29 02:24    1038072    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2014-02-17 00:21 . 2013-09-29 02:24    78648    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2014-02-17 00:21 . 2013-09-29 02:24    334136    ----a-w-    c:\windows\system32\aswBoot.exe
2014-02-17 00:21 . 2014-02-17 00:21    43152    ----a-w-    c:\windows\avastSS.scr
2014-01-25 05:23 . 2014-01-25 05:23    733184    ----a-w-    c:\windows\system32\MetroIntelGenericUIFramework.dll
2014-01-25 05:23 . 2014-01-25 05:23    64000    ----a-w-    c:\windows\system32\Intel_OpenCL_ICD64.dll
2014-01-25 05:23 . 2014-01-25 05:23    60416    ----a-w-    c:\windows\SysWow64\Intel_OpenCL_ICD32.dll
2014-01-25 05:23 . 2013-07-26 00:34    64000    ----a-w-    c:\windows\system32\OpenCL.DLL
2014-01-25 05:23 . 2013-07-26 00:34    60416    ----a-w-    c:\windows\SysWow64\OpenCL.DLL
2014-01-25 05:22 . 2014-01-25 05:22    320512    ----a-w-    c:\windows\system32\IntelOpenCL64.dll
2014-01-25 05:22 . 2014-01-25 05:22    279000    ----a-w-    c:\windows\SysWow64\IntelCpHeciSvc.exe
2014-01-25 05:22 . 2014-01-25 05:22    265216    ----a-w-    c:\windows\SysWow64\IntelOpenCL32.dll
2014-01-25 05:22 . 2014-01-25 05:22    182784    ----a-w-    c:\windows\system32\igfxCoIn_v3412.dll
2014-01-25 05:22 . 2014-01-25 05:22    1127424    ----a-w-    c:\windows\system32\iglhsip64.dll
2014-01-25 05:22 . 2014-01-25 05:22    1123328    ----a-w-    c:\windows\SysWow64\iglhsip32.dll
2014-01-25 05:22 . 2014-01-25 05:22    906200    ----a-w-    c:\windows\system32\igfxstarter.exe
2014-01-25 05:22 . 2014-01-25 05:22    845272    ----a-w-    c:\windows\system32\igfxsrvc.exe
2014-01-25 05:22 . 2014-01-25 05:22    66560    ----a-w-    c:\windows\system32\igfxsrvc.dll
2014-01-25 05:22 . 2014-01-25 05:22    526848    ----a-w-    c:\windows\system32\igfxrrus.lrc
2014-01-25 05:22 . 2014-01-25 05:22    526336    ----a-w-    c:\windows\system32\igfxrrom.lrc
2014-01-25 05:22 . 2014-01-25 05:22    525824    ----a-w-    c:\windows\system32\igfxrsky.lrc
2014-01-25 05:22 . 2014-01-25 05:22    525824    ----a-w-    c:\windows\system32\igfxrptg.lrc
2014-01-25 05:22 . 2014-01-25 05:22    525312    ----a-w-    c:\windows\system32\igfxrsve.lrc
2014-01-25 05:22 . 2014-01-25 05:22    525312    ----a-w-    c:\windows\system32\igfxrslv.lrc
2014-01-25 05:22 . 2014-01-25 05:22    524800    ----a-w-    c:\windows\system32\igfxrtrk.lrc
2014-01-25 05:22 . 2014-01-25 05:22    523776    ----a-w-    c:\windows\system32\igfxrtha.lrc
2014-01-25 05:22 . 2014-01-25 05:22    391128    ----a-w-    c:\windows\system32\igfxtray.exe
2014-01-25 05:22 . 2014-01-25 05:22    346624    ----a-w-    c:\windows\system32\igfxTMM.dll
2014-01-25 05:22 . 2014-01-25 05:22    214528    ----a-w-    c:\windows\system32\iglhcp64.dll
2014-01-25 05:22 . 2014-01-25 05:22    179712    ----a-w-    c:\windows\SysWow64\iglhcp32.dll
2014-01-25 05:22 . 2014-01-25 05:22    9081856    ----a-w-    c:\windows\system32\igfxress.dll
2014-01-25 05:22 . 2014-01-25 05:22    527360    ----a-w-    c:\windows\system32\igfxrplk.lrc
2014-01-25 05:22 . 2014-01-25 05:22    527360    ----a-w-    c:\windows\system32\igfxrfra.lrc
2014-01-25 05:22 . 2014-01-25 05:22    526336    ----a-w-    c:\windows\system32\igfxrnld.lrc
2014-01-25 05:22 . 2014-01-25 05:22    526336    ----a-w-    c:\windows\system32\igfxrita.lrc
2014-01-25 05:22 . 2014-01-25 05:22    525824    ----a-w-    c:\windows\system32\igfxrhun.lrc
2014-01-25 05:22 . 2014-01-25 05:22    525824    ----a-w-    c:\windows\system32\igfxrhrv.lrc
2014-01-25 05:22 . 2014-01-25 05:22    525312    ----a-w-    c:\windows\system32\igfxrfin.lrc
2014-01-25 05:22 . 2014-01-25 05:22    524800    ----a-w-    c:\windows\system32\igfxrptb.lrc
2014-01-25 05:22 . 2014-01-25 05:22    524288    ----a-w-    c:\windows\system32\igfxrnor.lrc
2014-01-25 05:22 . 2014-01-25 05:22    522240    ----a-w-    c:\windows\system32\igfxrheb.lrc
2014-01-25 05:22 . 2014-01-25 05:22    517632    ----a-w-    c:\windows\system32\igfxrjpn.lrc
2014-01-25 05:22 . 2014-01-25 05:22    516096    ----a-w-    c:\windows\system32\igfxrkor.lrc
2014-01-25 05:22 . 2014-01-25 05:22    770520    ----a-w-    c:\windows\system32\igfxpers.exe
2014-01-25 05:22 . 2014-01-25 05:22    548864    ----a-w-    c:\windows\system32\igfxpph.dll
2014-01-25 05:22 . 2014-01-25 05:22    527872    ----a-w-    c:\windows\system32\igfxrell.lrc
2014-01-25 05:22 . 2014-01-25 05:22    527360    ----a-w-    c:\windows\system32\igfxresn.lrc
2014-01-25 05:22 . 2014-01-25 05:22    526848    ----a-w-    c:\windows\system32\igfxrdeu.lrc
2014-01-25 05:22 . 2014-01-25 05:22    525824    ----a-w-    c:\windows\system32\igfxrcsy.lrc
2014-01-25 05:22 . 2014-01-25 05:22    524288    ----a-w-    c:\windows\system32\igfxrdan.lrc
2014-01-25 05:22 . 2014-01-25 05:22    521728    ----a-w-    c:\windows\system32\igfxrara.lrc
2014-01-25 05:22 . 2014-01-25 05:22    514048    ----a-w-    c:\windows\system32\igfxrcht.lrc
2014-01-25 05:22 . 2014-01-25 05:22    513536    ----a-w-    c:\windows\system32\igfxrchs.lrc
2014-01-25 05:22 . 2014-01-25 05:22    493056    ----a-w-    c:\windows\SysWow64\igfxdv32.dll
2014-01-25 05:22 . 2014-01-25 05:22    397784    ----a-w-    c:\windows\system32\igfxext.exe
2014-01-25 05:22 . 2014-01-25 05:22    371200    ----a-w-    c:\windows\system32\igfxrenu.lrc
2014-01-25 05:22 . 2014-01-25 05:22    29696    ----a-w-    c:\windows\system32\igfxexps.dll
2014-01-25 05:22 . 2014-01-25 05:22    25600    ----a-w-    c:\windows\SysWow64\igfxexps32.dll
2014-01-25 05:22 . 2014-01-25 05:22    624640    ----a-w-    c:\windows\system32\igfxdev.dll
2014-01-25 05:22 . 2014-01-25 05:22    4474368    ----a-w-    c:\windows\system32\igdusc64.dll
2014-01-25 05:22 . 2014-01-25 05:22    3558912    ----a-w-    c:\windows\SysWow64\igdusc32.dll
2014-01-25 05:22 . 2014-01-25 05:22    279040    ----a-w-    c:\windows\system32\igfxcpl.cpl
2014-01-25 05:22 . 2014-01-25 05:22    243712    ----a-w-    c:\windows\system32\igfxdo.dll
2014-01-25 05:22 . 2014-01-25 05:22    2065920    ----a-w-    c:\windows\system32\igfxcmjit64.dll
2014-01-25 05:22 . 2014-01-25 05:22    1815040    ----a-w-    c:\windows\SysWow64\igfxcmjit32.dll
2014-01-25 05:22 . 2014-01-25 05:22    163328    ----a-w-    c:\windows\system32\igfxcmrt64.dll
2014-01-25 05:22 . 2014-01-25 05:22    155136    ----a-w-    c:\windows\system32\igfx11cmrt64.dll
2014-01-25 05:22 . 2014-01-25 05:22    137728    ----a-w-    c:\windows\SysWow64\igfxcmrt32.dll
2014-01-25 05:22 . 2014-01-25 05:22    133120    ----a-w-    c:\windows\SysWow64\igfx11cmrt32.dll
2014-01-25 05:22 . 2014-01-25 05:22    12288    ----a-w-    c:\windows\system32\IGFXDEVLib.dll
2014-01-25 05:22 . 2014-01-25 05:22    19380224    ----a-w-    c:\windows\system32\igdumdim64.dll
2014-01-25 05:22 . 2014-01-25 05:22    18629632    ----a-w-    c:\windows\SysWow64\igdumdim32.dll
2014-01-25 05:22 . 2014-01-25 05:22    4221440    ----a-w-    c:\windows\system32\drivers\igdkmd64.sys
2014-01-25 05:22 . 2014-01-25 05:22    373760    ----a-w-    c:\windows\system32\igdmd64.dll
2014-01-25 05:22 . 2014-01-25 05:22    3224064    ----a-w-    c:\windows\system32\igdrcl64.dll
2014-01-25 05:22 . 2014-01-25 05:22    299520    ----a-w-    c:\windows\SysWow64\igdmd32.dll
2014-01-25 05:22 . 2014-01-25 05:22    2896384    ----a-w-    c:\windows\SysWow64\igdrcl32.dll
2014-01-25 05:22 . 2014-01-25 05:22    25971712    ----a-w-    c:\windows\system32\igdfcl64.dll
2014-01-25 05:22 . 2014-01-25 05:22    20954112    ----a-w-    c:\windows\SysWow64\igdfcl32.dll
2014-01-25 05:22 . 2014-01-25 05:22    329216    ----a-w-    c:\windows\system32\igdbcl64.dll
2014-01-25 05:22 . 2014-01-25 05:22    290816    ----a-w-    c:\windows\SysWow64\igdbcl32.dll
2014-01-25 05:22 . 2014-01-25 05:22    222208    ----a-w-    c:\windows\system32\igdde64.dll
2014-01-25 05:22 . 2014-01-25 05:22    182272    ----a-w-    c:\windows\SysWow64\igdde32.dll
2014-01-25 05:22 . 2014-01-25 05:22    160256    ----a-w-    c:\windows\system32\igdail64.dll
2014-01-25 05:22 . 2014-01-25 05:22    142848    ----a-w-    c:\windows\SysWow64\igdail32.dll
2014-01-25 05:22 . 2014-01-25 05:22    21088256    ----a-w-    c:\windows\system32\igd10iumd64.dll
2014-01-25 05:22 . 2014-01-25 05:22    20433408    ----a-w-    c:\windows\SysWow64\igd10iumd32.dll
2014-01-25 05:22 . 2014-01-25 05:22    7885824    ----a-w-    c:\windows\system32\ig7icd64.dll
2014-01-25 05:22 . 2014-01-25 05:22    6216192    ----a-w-    c:\windows\SysWow64\ig7icd32.dll
2014-01-25 05:22 . 2014-01-25 05:22    771544    ----a-w-    c:\windows\system32\hkcmd.exe
2014-01-25 05:22 . 2014-01-25 05:22    7597016    ----a-w-    c:\windows\system32\GfxUIEx.exe
2014-01-25 05:22 . 2014-01-25 05:22    755160    ----a-w-    c:\windows\system32\GfxUIHotKeyMenu.exe
2014-01-25 05:22 . 2014-01-25 05:22    224256    ----a-w-    c:\windows\system32\hccutils.dll
2014-01-25 05:22 . 2014-01-25 05:22    194560    ----a-w-    c:\windows\system32\gfxSrvc.dll
2014-01-25 05:22 . 2014-01-25 05:22    530904    ----a-w-    c:\windows\system32\DPTopologyApp.exe
2014-01-25 05:22 . 2014-01-25 05:22    2384896    ----a-w-    c:\windows\system32\GfxRes.dll
.
.
((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09    131248    ----a-w-    c:\users\Byannkah\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09    131248    ----a-w-    c:\users\Byannkah\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09    131248    ----a-w-    c:\users\Byannkah\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-12-11 1564528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-02-17 3767096]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-12-11 311152]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart 0"="c:\program files\Common Files\microsoft shared\ink\TabTip.exe" [2013-07-26 393416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
"SynchronousMachineGroupPolicy"= 1 (0x1)
"SynchronousUserGroupPolicy"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2014-02-21 19:13    1582632    ----a-w-    c:\program files (x86)\GbPlugin\gbieh.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute    REG_MULTI_SZ       autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"IAStorIcon"=c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AutoUpdateDisableNotify"=dword:00000001
.
R1 Bfilter;Baidu Antivirus Minifilter Driver;c:\windows\System32\drivers\Bfilter.sys;c:\windows\SYSNATIVE\drivers\Bfilter.sys [x]
R1 Bfmon;Baidu FS Monitor Driver;c:\windows\System32\drivers\Bfmon.sys;c:\windows\SYSNATIVE\drivers\Bfmon.sys [x]
R1 Bprotect;Baidu Protect;c:\windows\System32\drivers\Bprotect.sys;c:\windows\SYSNATIVE\drivers\Bprotect.sys [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 BdApiUtil;BdApiUtil;c:\program files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys;c:\program files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [x]
R3 BdCameraProtect;BdCameraProtect;c:\program files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys;c:\program files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [x]
R3 BprotectEx;Baidu ProtectEx;c:\windows\System32\drivers\BprotectEx.sys;c:\windows\SYSNATIVE\drivers\BprotectEx.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\System32\drivers\nvstusb.sys;c:\windows\SYSNATIVE\drivers\nvstusb.sys [x]
R3 PCFApiUtil;PCFApiUtil;c:\program files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys;c:\program files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 SmbDrv;SmbDrv;c:\windows\System32\drivers\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]
R3 WSDScan;Suporte para Digitalização WSD;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
R4 AtherosSvc;AtherosSvc;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [x]
R4 DellUpdate;Dell Update Service;c:\program files (x86)\Dell Update\DellUpService.exe;c:\program files (x86)\Dell Update\DellUpService.exe [x]
R4 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [x]
R4 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
R4 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R4 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
R4 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
R4 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R4 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R4 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
R4 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell Backup and Recovery\SftService.exe;c:\program files (x86)\Dell Backup and Recovery\SftService.exe [x]
R4 TurboBoost;Intel® Turbo Boost Technology Monitor 2.6;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R4 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 rtcrfilt64;Realtek Turbo Mode Filter Driver;c:\windows\System32\drivers\rtcrfilt64.sys;c:\windows\SYSNATIVE\drivers\rtcrfilt64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 GbpSv;Gbp Service;c:\progra~2\GbPlugin\GbpSv.exe;c:\progra~2\GbPlugin\GbpSv.exe [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 SBUpd;SpeedBit Update;c:\program files\Common Files\SpeedBit\SBUpdate\sbu.exe;c:\program files\Common Files\SpeedBit\SBUpdate\sbu.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Driver de Baixa Energia do Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 IntcDAud;Áudio do vídeo Intel®;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 SBUpdd;SpeedBit UpdateD;c:\program files\Common Files\SpeedBit\SBUpdate\sbw.sys;c:\program files\Common Files\SpeedBit\SBUpdate\sbw.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\System32\drivers\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-16 14:11    1150280    ----a-w-    c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2013-09-05 14:04    215416    ----a-w-    c:\program files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2014-04-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-19 00:02]
.
2014-04-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-18 23:50]
.
2014-04-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-18 23:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-02-17 00:21    287280    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DBARFileBackuped]
@="{831cebdd-6baf-4432-be76-9e0989c14aef}"
[HKEY_CLASSES_ROOT\CLSID\{831cebdd-6baf-4432-be76-9e0989c14aef}]
2012-06-02 20:25    445512    ----a-w-    c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DBARFileNotBackuped]
@="{275e4fd7-21ef-45cf-a836-832e5d2cc1b3}"
[HKEY_CLASSES_ROOT\CLSID\{275e4fd7-21ef-45cf-a836-832e5d2cc1b3}]
2012-06-02 20:25    445512    ----a-w-    c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09    164016    ----a-w-    c:\users\Byannkah\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09    164016    ----a-w-    c:\users\Byannkah\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09    164016    ----a-w-    c:\users\Byannkah\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09    164016    ----a-w-    c:\users\Byannkah\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-25 391128]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-25 771544]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-25 770520]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-11-04 7204568]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-11-05 1361112]
"RtHDVBg_PushButton"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-11-05 1361112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Scan Suplementar -------
.
uStart Page = hxxp://start.pcfaster.com?_bid=3c5e1537c71f23910b6fd462918015fd&_t=hpsf
mStart Page = hxxp://start.pcfaster.com?_bid=3c5e1537c71f23910b6fd462918015fd&_t=hpsf
uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
IE: &Enviar para o OneNote - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: E&xportar para o Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: bancobrasil.com.br\www
Trusted Zone: bancobrasil.com.br\www14
Trusted Zone: bancobrasil.com.br\www2
Trusted Zone: bb.com.br\www
TCP: DhcpNameServer = 192.168.25.1
FF - ProfilePath - c:\users\Byannkah\AppData\Roaming\Mozilla\Firefox\Profiles\rjwszd5q.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://start.pcfaster.com?_bid=3c5e1537c71f23910b6fd462918015fd&_t=hpsf
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
.
- - - - ORFÃOS REMOVIDOS - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-KiesAirMessage - c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe
Wow6432Node-HKLM-Run-fst_br_69 - (no file)
Notify-SDWinLogon - SDWinLogon.dll
BHO-{11111111-1111-1111-1111-110511071176} - c:\program files (x86)\Plus-HD-7.5\Plus-HD-7.5-bho64.dll
BHO-{EA34C851-D481-49F5-A356-3A8B0A8F3B7E} - c:\program files (x86)\Discount Dragon\FrameworkBHO64.dll
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
AddRemove-Plus-HD-7.5 - c:\program files (x86)\Plus-HD-7.5\Uninstall.exe
AddRemove-{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1 - c:\users\Byannkah\AppData\Roaming\unins000.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_USERS\S-1-5-21-2611327476-469100910-658951733-1002CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pdf]
@DACL=(02 0000)
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Outros Processos em Execução ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Tempo para conclusão: 2014-04-05  14:42:11 - Máquina reiniciou
ComboFix-quarantined-files.txt  2014-04-05 17:42
.
Pré-execução: 809.943.437.312 bytes disponíveis
Pós execução: 811.448.893.440 bytes disponíveis
.
- - End Of File - - D6CEE5731273A86F9A6598DF0A5C316E


Download the Kaspersky AVP Tool from one of these 2 links:

http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/

http://dnl-us6.kaspersky-labs.com/devbuilds/AVPTool/

You will be taken to a Kaspersky page asking for a registration email, first name and last name. Only the "email" field is required.

Enter your email, then click the Submit Form button.

The page will reload. Click the Download button.

Save it to your desktop.

Run the file and wait for the installation.

** Windows Vista and Windows 7 users:

Right-click the file, then click Run as administrator.

On the license agreement screen, check the option I accept the license agreement and then click the Start button. The program will appear to freeze and nothing will happen. This is normal; just wait until the program's main screen appears, then click the Settings icon:

KRT_settings.png

On this screen, check the box next to:

  • My Computer
  • Local Disk (C:)
Also check every drive listed below Local Disk, if there are any. Then click the Automatic Scan tab.

KRT_install2_.png

Back on the program's main screen, click the Start scanning button.

Be patient; it takes a while.

When it finishes, if it has detected anything, the program will ask you what to do.

Check the box next to Apply to all objects and then click Skip (we only want the log).

KRT_detection_.png

While the scan is running, the main screen will show a progress bar. When it finishes, the program will show the status as completed and a button that will be orange if nothing was detected and red if something was found.

If something was detected, the program will also show an alert screen warning that your system is unprotected and suggesting a Kaspersky product. Click the No, thanks button.

Back on the main screen, if something was detected, save the log. If you close the program and forget to save the log, you will have to repeat the whole scan.

To save the log, click the Reports icon (next to the "Settings" icon). In the next window, click Detected Threats, then click the floppy-disk icon to save the log.

Choose an easy-to-find location and save it as log.txt

Copy the entire contents of that Notepad file and paste it into your next reply.

If nothing is detected, you do not need to save the log. Just post here to let us know.

To exit the program, just click the X in the top-right corner.
