Jorge Fernando Dos Reis

Virus Removal


Good evening. Recently my browser (Mozilla Firefox) and other programs have become slow, when before they ran steadily. I noticed that CPU usage rises a lot whenever I do anything, sometimes even when nothing is running. I even tried to restore the system, but could not; when it restarted, it said the restore had not been possible.
Anyway, here are the logs, following the forum's instructions.

 

----------DDS.txt----------

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041
Run by Jorge e Priscila at 23:06:03 on 2014-05-21
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.55.1046.18.8103.7002 [GMT -3:00]
.
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\windows\system32\taskhost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxtray.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\igfxpers.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\wuauclt.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://samsung.msn.com
uDefault_Page_URL = hxxp://samsung.msn.com
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe
BHO: IEExtension.VDownloaderBHO: {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} -
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Samsung BHO Class: {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
uRun: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Google Update] "C:\Users\Jorge e Priscila\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [uTorrent] "C:\Users\Jorge e Priscila\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Enviar imagem para Dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Enviar página para Dispositivo &Bluetooth ... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
IE: {328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: NameServer = 201.17.0.63 201.17.0.93 201.6.4.116
TCP: Interfaces\{C06B7043-8212-47A7-9FFD-4DCB7A491F75} : DHCPNameServer = 201.17.0.63 201.17.0.93 201.6.4.116
TCP: Interfaces\{C06B7043-8212-47A7-9FFD-4DCB7A491F75}\34C414554494F4 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{C06B7043-8212-47A7-9FFD-4DCB7A491F75}\34C616574696F6 : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{C06B7043-8212-47A7-9FFD-4DCB7A491F75}\46C696E6B6 : DHCPNameServer = 10.1.1.1
TCP: Interfaces\{C06B7043-8212-47A7-9FFD-4DCB7A491F75}\7594D2649402554594C4 : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{C06B7043-8212-47A7-9FFD-4DCB7A491F75}\C696E6B6379737 : DHCPNameServer = 146.164.3.34 146.164.10.2
TCP: Interfaces\{C06B7043-8212-47A7-9FFD-4DCB7A491F75}\D457C64796C616375627F575350313 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{C06B7043-8212-47A7-9FFD-4DCB7A491F75}\E43454F5556425A4 : DHCPNameServer = 146.164.10.2 200.20.116.66
TCP: Interfaces\{ED4CA2DB-C2E9-41F9-81B2-A6F71085F4D3} : DHCPNameServer = 10.1.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - LocalServer32 - <no file>
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jorge e Priscila\AppData\Roaming\Mozilla\Firefox\Profiles\exomlp9y.default-1400683029636\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Jorge e Priscila\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Jorge e Priscila\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\windows\System32\drivers\aswRvrt.sys [2013-5-29 65776]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\drivers\aswVmm.sys [2013-5-29 208416]
R0 nvpciflt;nvpciflt;C:\windows\System32\drivers\nvpciflt.sys [2012-7-7 28992]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswsnx.sys [2012-9-5 1039096]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswsp.sys [2012-9-5 423240]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\System32\drivers\dtsoftbus01.sys [2013-8-25 283064]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2011-7-15 13824]
R2 aswHwid;avast! HardwareID;C:\windows\System32\drivers\aswHwid.sys [2014-4-24 29208]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2012-9-5 79184]
R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-2-2 18656]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-4-24 50344]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-5-13 2228048]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-4-15 377616]
R2 TurboB;Turbo Boost UI Monitor driver;C:\windows\System32\drivers\TurboB.sys [2010-10-8 19192]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-7-15 2655768]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2010-11-10 31088]
R3 huawei_enumerator;huawei_enumerator;C:\windows\System32\drivers\ew_jubusenum.sys [2013-3-15 86016]
R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-7-16 317440]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-12-3 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-12-3 181248]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-7-15 533096]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
S2 aswStm;aswStm;C:\windows\System32\drivers\aswstm.sys [2014-2-3 85328]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 BprotectEx;Baidu ProtectEx;C:\windows\System32\drivers\BprotectEx.sys [2013-8-25 76096]
S3 BTWAMPFL;BTWAMPFL;C:\windows\System32\drivers\btwampfl.sys [2012-7-6 348712]
S3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2012-7-6 39464]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\windows\System32\drivers\ew_hwusbdev.sys [2013-3-15 117248]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-10-20 1431888]
S3 huawei_cdcacm;huawei_cdcacm;C:\windows\System32\drivers\ew_jucdcacm.sys [2013-3-15 98816]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-4-13 111616]
S3 npggsvc;nProtect GameGuard Service;C:\windows\System32\GameMon.des -service --> C:\windows\System32\GameMon.des -service [?]
S3 Samsung UPD Service;Samsung UPD Service;C:\windows\System32\SUPDSvc.exe [2011-7-16 166704]
S3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-8 150016]
S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\windows\System32\Wat\WatAdminSvc.exe [2012-7-8 1255736]
S3 WSDScan;Suporte de Digitalização WSD via UMB;C:\windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S4 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe -/service --> C:\ProgramData\DatacardService\HWDeviceService64.exe -/service [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=C:\windows\System32\notepad.exe "%1"
.
=============== Created Last 30 ================
.
2014-05-21 02:24:29    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CACB3C16-8CBD-4604-B872-609FBCD99DFF}\offreg.dll
2014-05-21 00:21:11    10651704    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CACB3C16-8CBD-4604-B872-609FBCD99DFF}\mpengine.dll
2014-05-18 00:12:24    163504    ----a-w-    C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-05-15 23:19:37    --------    d-----w-    C:\Program Files (x86)\LogMeIn Hamachi
2014-05-14 06:03:36    2724864    ----a-w-    C:\windows\SysWow64\mshtml.tlb
2014-05-14 06:03:36    2724864    ----a-w-    C:\windows\System32\mshtml.tlb
2014-05-14 00:57:05    1460736    ----a-w-    C:\windows\System32\lsasrv.dll
2014-05-14 00:57:03    728064    ----a-w-    C:\windows\System32\kerberos.dll
2014-05-14 00:57:02    550912    ----a-w-    C:\windows\SysWow64\kerberos.dll
2014-05-14 00:57:02    3969984    ----a-w-    C:\windows\SysWow64\ntkrnlpa.exe
2014-05-14 00:57:02    3914176    ----a-w-    C:\windows\SysWow64\ntoskrnl.exe
2014-05-14 00:57:01    722944    ----a-w-    C:\windows\System32\objsel.dll
2014-05-14 00:57:01    455168    ----a-w-    C:\windows\System32\winlogon.exe
2014-05-14 00:57:01    314880    ----a-w-    C:\windows\System32\msv1_0.dll
2014-05-14 00:57:01    259584    ----a-w-    C:\windows\SysWow64\msv1_0.dll
2014-05-14 00:57:00    5550016    ----a-w-    C:\windows\System32\ntoskrnl.exe
2014-05-13 22:39:26    477184    ----a-w-    C:\windows\System32\aepdu.dll
2014-05-13 22:39:24    424448    ----a-w-    C:\windows\System32\aeinv.dll
2014-05-10 14:33:09    965232    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\icuuc52.dll
2014-05-10 14:33:09    1266800    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\icuin52.dll
2014-05-10 14:33:09    10594416    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\icudt52.dll
2014-05-07 05:17:27    --------    d-s---w-    C:\windows\System32\CompatTel
2014-05-06 22:30:09    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-04-24 22:41:35    29208    ----a-w-    C:\windows\System32\drivers\aswHwid.sys
2014-04-24 22:41:33    43152    ----a-w-    C:\windows\avastSS.scr
2014-04-23 18:08:27    81768    ----a-w-    C:\windows\SysWow64\xinput1_3.dll
2014-04-23 18:08:27    107368    ----a-w-    C:\windows\System32\xinput1_3.dll
.
==================== Find3M  ====================
.
2014-05-15 23:23:53    85328    ----a-w-    C:\windows\System32\drivers\aswstm.sys
2014-05-15 23:23:53    1039096    ----a-w-    C:\windows\System32\drivers\aswsnx.sys
2014-05-13 19:52:43    70832    ----a-w-    C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-13 19:52:43    692400    ----a-w-    C:\windows\SysWow64\FlashPlayerApp.exe
2014-04-24 22:41:34    79184    ----a-w-    C:\windows\System32\drivers\aswMonFlt.sys
2014-04-24 22:41:34    65776    ----a-w-    C:\windows\System32\drivers\aswRvrt.sys
2014-04-24 22:41:34    208416    ----a-w-    C:\windows\System32\drivers\aswVmm.sys
2014-04-24 22:41:33    93568    ----a-w-    C:\windows\System32\drivers\aswRdr2.sys
2014-04-12 02:22:05    95680    ----a-w-    C:\windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05    155072    ----a-w-    C:\windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38    29184    ----a-w-    C:\windows\System32\sspisrv.dll
2014-04-12 02:19:38    136192    ----a-w-    C:\windows\System32\sspicli.dll
2014-04-12 02:19:37    28160    ----a-w-    C:\windows\System32\secur32.dll
2014-04-12 02:19:05    31232    ----a-w-    C:\windows\System32\lsass.exe
2014-04-12 02:12:06    22016    ----a-w-    C:\windows\SysWow64\secur32.dll
2014-04-12 02:10:56    96768    ----a-w-    C:\windows\SysWow64\sspicli.dll
2014-03-31 12:35:08    270496    ------w-    C:\windows\System32\MpSigStub.exe
2014-03-06 09:31:33    4096    ----a-w-    C:\windows\System32\ieetwcollectorres.dll
2014-03-06 08:59:04    66048    ----a-w-    C:\windows\System32\iesetup.dll
2014-03-06 08:57:34    548352    ----a-w-    C:\windows\System32\vbscript.dll
2014-03-06 08:57:20    48640    ----a-w-    C:\windows\System32\ieetwproxystub.dll
2014-03-06 08:29:40    139264    ----a-w-    C:\windows\System32\ieUnatt.exe
2014-03-06 08:29:14    111616    ----a-w-    C:\windows\System32\ieetwcollector.exe
2014-03-06 08:28:15    752640    ----a-w-    C:\windows\System32\jscript9diag.dll
2014-03-06 08:15:54    940032    ----a-w-    C:\windows\System32\MsSpellCheckingFacility.exe
2014-03-06 08:11:41    5784064    ----a-w-    C:\windows\System32\jscript9.dll
2014-03-06 08:02:34    61952    ----a-w-    C:\windows\SysWow64\iesetup.dll
2014-03-06 08:02:33    455168    ----a-w-    C:\windows\SysWow64\vbscript.dll
2014-03-06 08:01:01    51200    ----a-w-    C:\windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56:43    38400    ----a-w-    C:\windows\System32\JavaScriptCollectionAgent.dll
2014-03-06 07:46:36    4254720    ----a-w-    C:\windows\SysWow64\jscript9.dll
2014-03-06 07:38:13    112128    ----a-w-    C:\windows\SysWow64\ieUnatt.exe
2014-03-06 07:36:40    592896    ----a-w-    C:\windows\SysWow64\jscript9diag.dll
2014-03-06 07:13:43    32256    ----a-w-    C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11:15    2043904    ----a-w-    C:\windows\System32\inetcpl.cpl
2014-03-06 06:40:39    1967104    ----a-w-    C:\windows\SysWow64\inetcpl.cpl
2014-03-06 06:22:40    2260480    ----a-w-    C:\windows\System32\wininet.dll
2014-03-06 05:41:49    1789440    ----a-w-    C:\windows\SysWow64\wininet.dll
2014-03-04 09:44:21    362496    ----a-w-    C:\windows\System32\wow64win.dll
2014-03-04 09:44:21    243712    ----a-w-    C:\windows\System32\wow64.dll
2014-03-04 09:44:21    13312    ----a-w-    C:\windows\System32\wow64cpu.dll
2014-03-04 09:44:20    39936    ----a-w-    C:\windows\System32\wincredprovider.dll
2014-03-04 09:44:10    210944    ----a-w-    C:\windows\System32\wdigest.dll
2014-03-04 09:44:08    86528    ----a-w-    C:\windows\System32\TSpkg.dll
2014-03-04 09:44:06    340992    ----a-w-    C:\windows\System32\schannel.dll
2014-03-04 09:44:03    16384    ----a-w-    C:\windows\System32\ntvdm64.dll
2014-03-04 09:44:00    424960    ----a-w-    C:\windows\System32\KernelBase.dll
2014-03-04 09:43:56    57344    ----a-w-    C:\windows\System32\cngprovider.dll
2014-03-04 09:43:56    52736    ----a-w-    C:\windows\System32\dpapiprovider.dll
2014-03-04 09:43:56    44544    ----a-w-    C:\windows\System32\dimsroam.dll
2014-03-04 09:43:56    22016    ----a-w-    C:\windows\System32\credssp.dll
2014-03-04 09:43:55    56832    ----a-w-    C:\windows\System32\adprovider.dll
2014-03-04 09:43:55    53760    ----a-w-    C:\windows\System32\capiprovider.dll
2014-03-04 09:16:54    25600    ----a-w-    C:\windows\SysWow64\setup16.exe
2014-03-04 09:16:18    5120    ----a-w-    C:\windows\SysWow64\wow32.dll
2014-03-04 09:16:18    274944    ----a-w-    C:\windows\SysWow64\KernelBase.dll
2014-03-04 08:09:30    7680    ----a-w-    C:\windows\SysWow64\instnm.exe
2014-03-04 08:09:29    2048    ----a-w-    C:\windows\SysWow64\user.exe
.
============= FINISH: 23:07:50,31 ===============
 

------------------Attach.txt----------------------

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 06/07/2012 19:48:48
System Uptime: 20/05/2014 23:03:02 (24 hours ago)
.
Motherboard: SAMSUNG ELECTRONICS CO., LTD. |  | RF511/RF411/RF711
Processor: Intel® Core i5-2450M CPU @ 2.50GHz | CPU 1 | 775/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 178 GiB total, 59,032 GiB free.
D: is FIXED (NTFS) - 266 GiB total, 92,285 GiB free.
E: is CDROM ()
F: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Description: Broadcom BCM2070 Bluetooth 3.0 + HS USB Device
Device ID: USB\VID_0A5C&PID_219C\90A4DEE491F1
Manufacturer: Broadcom
Name: Broadcom BCM2070 Bluetooth 3.0 + HS USB Device
PNP Device ID: USB\VID_0A5C&PID_219C\90A4DEE491F1
Service: BTHUSB
.
Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}
Description: Controlador de High Definition Audio
Device ID: PCI\VEN_10DE&DEV_0BEA&SUBSYS_00000000&REV_A1\4&21A9360A&0&0108
Manufacturer: Microsoft
Name: Controlador de High Definition Audio
PNP Device ID: PCI\VEN_10DE&DEV_0BEA&SUBSYS_00000000&REV_A1\4&21A9360A&0&0108
Service: HDAudBus
.
==== System Restore Points ===================
.
RP275: 06/05/2014 18:54:41 - Windows Update
RP276: 07/05/2014 01:08:44 - Operação de restauração
RP277: 07/05/2014 01:14:11 - avast! antivirus system restore point
RP278: 07/05/2014 01:23:24 - Windows Update
RP279: 07/05/2014 01:24:55 - Operação de restauração
RP280: 07/05/2014 01:30:50 - avast! antivirus system restore point
RP281: 07/05/2014 01:36:46 - Windows Update
RP282: 07/05/2014 15:07:50 - Removed NCsoft Launcher
RP283: 07/05/2014 15:09:24 - Removed Lineage II
RP284: 07/05/2014 15:10:18 - Removed Python 3.3.2
RP285: 07/05/2014 15:24:25 - Removed Samsung Recovery Solution 5
RP286: 13/05/2014 18:28:38 - Windows Update
RP287: 14/05/2014 03:00:23 - Windows Update
RP288: 20/05/2014 21:20:12 - Windows Update
.
==== Installed Programs ======================
.
???? ??? Windows Live
???? Windows Live
????? Windows Live
?????? ??????? ?? Windows Live
???????? ?????????? Windows Live
?????????? Windows Live
??????????? ?? Windows Live
Adobe AIR
Adobe Flash Player 13 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader XI (11.0.06) - Português
Agatha Christie - Death on the Nile
µTorrent
Atualizações da NVIDIA 1.8.15
AutoCAD 2012 - English
AutoCAD 2012 Language Pack - English
Autodesk Content Service
Autodesk Inventor Fusion 2012
Autodesk Inventor Fusion 2012 Language Pack
Autodesk Inventor Fusion plug-in for AutoCAD 2012
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012
Autodesk Material Library 2012
Autodesk Material Library Base Resolution Image Library 2012
avast! Free Antivirus
„Windows Live Essentials“
„Windows Live Mail“
„Windows Live Messenger“
„Windows Live“ fotogalerija
BatteryLifeExtender
Bejeweled 2 Deluxe
Broadcom 802.11 Network Adapter
Build-a-lot
ChargeableUSB
Chuzzle Deluxe
CyberLink Media Suite
CyberLink Media+ Player10
CyberLink MediaShow
CyberLink Power2Go
CyberLink PowerDirector
CyberLink YouCam
D3DX10
DAEMON Tools Lite
Diner Dash 2 Restaurant Rescue
Easy Content Share
Easy Display Manager
Easy Migration
Easy Network Manager
Easy SpeedUp Manager
EasyBatteryManager
EasyFileShare
Facebook Video Calling 2.0.0.447
Farm Frenzy
Fast Start
Fotogalerija Windows Live
Galeria de Fotografias do Windows Live
Galeria fotografii uslugi Windows Live
Galerie de photos Windows Live
Galerie foto Windows Live
Galería fotográfica de Windows Live
Google Chrome
HP Deskjet 4620 series Ajuda
HP Deskjet 4620 series Estudo de aprimoramento de produtos
HP Deskjet 4620 series Software básico do dispositivo
HP Update
I.R.I.S. OCR
Insaniquarium Deluxe
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Java 7 Update 17 (64-bit)
John Deere Drive Green
Junk Mail filter update
LogMeIn Hamachi
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (Português do Brasil)
Microsoft .NET Framework 4.5.1 (PTB)
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office com Clique para Executar 2010
Microsoft Office Starter 2010 - Português (Brasil)
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Monitor da tecnologia Intel® Turbo Boost 2.0
Movie Color Enhancer
Mozilla Firefox 18.0 (x86 pt-BR)
Mozilla Maintenance Service
MPC-HC 1.6.2.4902
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML4 Parser
Multimedia POP
NVIDIA Driver de gráficos 301.42
NVIDIA Install Application
NVIDIA Optimus 1.8.15
NVIDIA PhysX
NVIDIA Software do sistema PhysX 9.12.0213
NVIDIA Update Components
Painel de controle da NVIDIA 301.42
Pando Media Booster
Peggle
Penguins!
Plants vs. Zombies
Poczta uslugi Windows Live
Podstawowe programy Windows Live
Polar Golfer
Pošta Windows Live
Raccolta foto di Windows Live
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
S?????? f?t???af??? t?? Windows Live
Samsung AnyWeb Print
Samsung Printer Live Update
Samsung Support Center
Samsung Universal Print Driver
Samsung Universal Scan Driver
Samsung Update Plus
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Skype™ 6.11
Synaptics Pointing Device Driver
User Guide
Visualizador do Microsoft PowerPoint
VIVO INTERNET
WIDCOMM Bluetooth Software
WildTangent Games
WildTangent ORB Game Console
Windows Live
Windows Live ??
Windows Live ?? ???
Windows Live ???
Windows Live ????
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotótár
Windows Live Foto-galerija
Windows Live fotoattelu galerija
Windows Live Fotogalerie
Windows Live Fotogalleri
Windows Live Fotogaléria
Windows Live Fotograf Galerisi
Windows Live Galeria de Fotos
Windows Live Galerija fotografija
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Pošta
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Temel Parçalar
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Liven asennustyökalu
Windows Liven sähköposti
Windows Liven valokuvavalikoima
WinRAR 4.20 (32-bit)
Zuma Deluxe
.
==== End Of File ===========================
 

 

--------------GMER------------GMER.txt

 

 

Thanks in advance.
Regards.

Hello

Sorry for the delay :)

If you still need help, please regenerate the logs, since I need them with up-to-date dates: Read Before Posting - Creating a New Topic

ATTENTION 1: You do not need to open a new topic; post the new logs in this same topic, thank you!

ATTENTION 2: Do not edit your topic; use the reply button, thank you!

ATTENTION 3: Do not put the logs between TAGS, thank you!

ATTENTION 4: Do not attach the logs, thank you!

Regards :D


Good evening, sorry for the delay; yes, I still need help.
Here are the updated logs, generated just now.
 
---------------------------------------DDS.txt---------------------------------------------
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041
Run by Jorge e Priscila at 0:52:50 on 2014-05-30
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.55.1046.18.8103.6810 [GMT -3:00]
.
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxtray.exe
C:\windows\system32\igfxpers.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe
C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\windows\system32\taskeng.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://samsung.msn.com
uDefault_Page_URL = hxxp://samsung.msn.com
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe
BHO: IEExtension.VDownloaderBHO: {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} -
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Samsung BHO Class: {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
uRun: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Google Update] "C:\Users\Jorge e Priscila\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRunOnce: [20140526] C:\Program Files\AVAST Software\Avast\setup\emupdate\0a1ab2c3-a124-4920-bd4a-8e6539e59cc9.exe /check
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Enviar imagem para Dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Enviar página para Dispositivo &Bluetooth ... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
IE: {328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: NameServer = 201.17.0.63 201.17.0.93 201.6.4.116
TCP: Interfaces\{C06B7043-8212-47A7-9FFD-4DCB7A491F75} : DHCPNameServer = 201.17.0.63 201.17.0.93 201.6.4.116
TCP: Interfaces\{C06B7043-8212-47A7-9FFD-4DCB7A491F75}\34C414554494F4 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{C06B7043-8212-47A7-9FFD-4DCB7A491F75}\34C616574696F6 : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{C06B7043-8212-47A7-9FFD-4DCB7A491F75}\46C696E6B6 : DHCPNameServer = 10.1.1.1
TCP: Interfaces\{C06B7043-8212-47A7-9FFD-4DCB7A491F75}\7594D2649402554594C4 : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{C06B7043-8212-47A7-9FFD-4DCB7A491F75}\C696E6B6379737 : DHCPNameServer = 146.164.3.34 146.164.10.2
TCP: Interfaces\{C06B7043-8212-47A7-9FFD-4DCB7A491F75}\D457C64796C616375627F575350313 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{C06B7043-8212-47A7-9FFD-4DCB7A491F75}\E43454F5556425A4 : DHCPNameServer = 146.164.10.2 200.20.116.66
TCP: Interfaces\{ED4CA2DB-C2E9-41F9-81B2-A6F71085F4D3} : DHCPNameServer = 10.1.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - LocalServer32 - <no file>
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jorge e Priscila\AppData\Roaming\Mozilla\Firefox\Profiles\exomlp9y.default-1400683029636\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Jorge e Priscila\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Jorge e Priscila\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\windows\System32\drivers\aswRvrt.sys [2013-5-29 65776]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\drivers\aswVmm.sys [2013-5-29 208416]
R0 nvpciflt;nvpciflt;C:\windows\System32\drivers\nvpciflt.sys [2012-7-7 28992]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswsnx.sys [2012-9-5 1039096]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswsp.sys [2012-9-5 423240]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\System32\drivers\dtsoftbus01.sys [2013-8-25 283064]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2011-7-15 13824]
R2 aswHwid;avast! HardwareID;C:\windows\System32\drivers\aswHwid.sys [2014-4-24 29208]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2012-9-5 79184]
R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-2-2 18656]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-4-24 50344]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-5-13 2228048]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-4-15 377616]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 TurboB;Turbo Boost UI Monitor driver;C:\windows\System32\drivers\TurboB.sys [2010-10-8 19192]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-7-15 2655768]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2010-11-10 31088]
R3 huawei_enumerator;huawei_enumerator;C:\windows\System32\drivers\ew_jubusenum.sys [2013-3-15 86016]
R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-7-16 317440]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-12-3 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-12-3 181248]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-7-15 533096]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
S2 aswStm;aswStm;C:\windows\System32\drivers\aswstm.sys [2014-2-3 85328]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 BprotectEx;Baidu ProtectEx;C:\windows\System32\drivers\BprotectEx.sys [2013-8-25 76096]
S3 BTWAMPFL;BTWAMPFL;C:\windows\System32\drivers\btwampfl.sys [2012-7-6 348712]
S3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2012-7-6 39464]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\windows\System32\drivers\ew_hwusbdev.sys [2013-3-15 117248]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-10-20 1431888]
S3 huawei_cdcacm;huawei_cdcacm;C:\windows\System32\drivers\ew_jucdcacm.sys [2013-3-15 98816]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-4-13 111616]
S3 npggsvc;nProtect GameGuard Service;C:\windows\System32\GameMon.des -service --> C:\windows\System32\GameMon.des -service [?]
S3 Samsung UPD Service;Samsung UPD Service;C:\windows\System32\SUPDSvc.exe [2011-7-16 166704]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-8 150016]
S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\windows\System32\Wat\WatAdminSvc.exe [2012-7-8 1255736]
S3 WSDScan;Suporte de Digitalização WSD via UMB;C:\windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S4 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe -/service --> C:\ProgramData\DatacardService\HWDeviceService64.exe -/service [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=C:\windows\System32\notepad.exe "%1"
.
=============== Created Last 30 ================
.
2014-05-29 03:51:52    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4EA716B3-CACE-4E03-A58F-1C46539BC579}\offreg.dll
2014-05-28 13:55:42    163504    ----a-w-    C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-05-27 01:34:14    --------    d-----w-    C:\Users\Jorge e Priscila\AppData\Roaming\LibreOffice
2014-05-27 01:31:49    --------    d-----w-    C:\Program Files (x86)\LibreOffice 4
2014-05-23 16:49:17    10702536    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4EA716B3-CACE-4E03-A58F-1C46539BC579}\mpengine.dll
2014-05-15 23:19:37    --------    d-----w-    C:\Program Files (x86)\LogMeIn Hamachi
2014-05-14 06:03:36    2724864    ----a-w-    C:\windows\SysWow64\mshtml.tlb
2014-05-14 06:03:36    2724864    ----a-w-    C:\windows\System32\mshtml.tlb
2014-05-14 00:57:05    1460736    ----a-w-    C:\windows\System32\lsasrv.dll
2014-05-14 00:57:03    728064    ----a-w-    C:\windows\System32\kerberos.dll
2014-05-14 00:57:02    550912    ----a-w-    C:\windows\SysWow64\kerberos.dll
2014-05-14 00:57:02    3969984    ----a-w-    C:\windows\SysWow64\ntkrnlpa.exe
2014-05-14 00:57:02    3914176    ----a-w-    C:\windows\SysWow64\ntoskrnl.exe
2014-05-14 00:57:01    722944    ----a-w-    C:\windows\System32\objsel.dll
2014-05-14 00:57:01    455168    ----a-w-    C:\windows\System32\winlogon.exe
2014-05-14 00:57:01    314880    ----a-w-    C:\windows\System32\msv1_0.dll
2014-05-14 00:57:01    259584    ----a-w-    C:\windows\SysWow64\msv1_0.dll
2014-05-14 00:57:00    5550016    ----a-w-    C:\windows\System32\ntoskrnl.exe
2014-05-13 22:39:26    477184    ----a-w-    C:\windows\System32\aepdu.dll
2014-05-13 22:39:24    424448    ----a-w-    C:\windows\System32\aeinv.dll
2014-05-10 14:33:09    965232    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\icuuc52.dll
2014-05-10 14:33:09    1266800    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\icuin52.dll
2014-05-10 14:33:09    10594416    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\icudt52.dll
2014-05-07 05:17:27    --------    d-s---w-    C:\windows\System32\CompatTel
2014-05-06 22:30:09    --------    d-----w-    C:\ProgramData\Malwarebytes
.
==================== Find3M  ====================
.
2014-05-15 23:23:53    85328    ----a-w-    C:\windows\System32\drivers\aswstm.sys
2014-05-15 23:23:53    1039096    ----a-w-    C:\windows\System32\drivers\aswsnx.sys
2014-05-13 19:52:43    70832    ----a-w-    C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-13 19:52:43    692400    ----a-w-    C:\windows\SysWow64\FlashPlayerApp.exe
2014-04-24 22:41:34    79184    ----a-w-    C:\windows\System32\drivers\aswMonFlt.sys
2014-04-24 22:41:34    65776    ----a-w-    C:\windows\System32\drivers\aswRvrt.sys
2014-04-24 22:41:34    29208    ----a-w-    C:\windows\System32\drivers\aswHwid.sys
2014-04-24 22:41:34    208416    ----a-w-    C:\windows\System32\drivers\aswVmm.sys
2014-04-24 22:41:33    93568    ----a-w-    C:\windows\System32\drivers\aswRdr2.sys
2014-04-24 22:41:33    43152    ----a-w-    C:\windows\avastSS.scr
2014-04-12 02:22:05    95680    ----a-w-    C:\windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05    155072    ----a-w-    C:\windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38    29184    ----a-w-    C:\windows\System32\sspisrv.dll
2014-04-12 02:19:38    136192    ----a-w-    C:\windows\System32\sspicli.dll
2014-04-12 02:19:37    28160    ----a-w-    C:\windows\System32\secur32.dll
2014-04-12 02:19:05    31232    ----a-w-    C:\windows\System32\lsass.exe
2014-04-12 02:12:06    22016    ----a-w-    C:\windows\SysWow64\secur32.dll
2014-04-12 02:10:56    96768    ----a-w-    C:\windows\SysWow64\sspicli.dll
2014-03-31 12:35:08    270496    ------w-    C:\windows\System32\MpSigStub.exe
2014-03-06 09:31:33    4096    ----a-w-    C:\windows\System32\ieetwcollectorres.dll
2014-03-06 08:59:04    66048    ----a-w-    C:\windows\System32\iesetup.dll
2014-03-06 08:57:34    548352    ----a-w-    C:\windows\System32\vbscript.dll
2014-03-06 08:57:20    48640    ----a-w-    C:\windows\System32\ieetwproxystub.dll
2014-03-06 08:29:40    139264    ----a-w-    C:\windows\System32\ieUnatt.exe
2014-03-06 08:29:14    111616    ----a-w-    C:\windows\System32\ieetwcollector.exe
2014-03-06 08:28:15    752640    ----a-w-    C:\windows\System32\jscript9diag.dll
2014-03-06 08:15:54    940032    ----a-w-    C:\windows\System32\MsSpellCheckingFacility.exe
2014-03-06 08:11:41    5784064    ----a-w-    C:\windows\System32\jscript9.dll
2014-03-06 08:02:34    61952    ----a-w-    C:\windows\SysWow64\iesetup.dll
2014-03-06 08:02:33    455168    ----a-w-    C:\windows\SysWow64\vbscript.dll
2014-03-06 08:01:01    51200    ----a-w-    C:\windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56:43    38400    ----a-w-    C:\windows\System32\JavaScriptCollectionAgent.dll
2014-03-06 07:46:36    4254720    ----a-w-    C:\windows\SysWow64\jscript9.dll
2014-03-06 07:38:13    112128    ----a-w-    C:\windows\SysWow64\ieUnatt.exe
2014-03-06 07:36:40    592896    ----a-w-    C:\windows\SysWow64\jscript9diag.dll
2014-03-06 07:13:43    32256    ----a-w-    C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11:15    2043904    ----a-w-    C:\windows\System32\inetcpl.cpl
2014-03-06 06:40:39    1967104    ----a-w-    C:\windows\SysWow64\inetcpl.cpl
2014-03-06 06:22:40    2260480    ----a-w-    C:\windows\System32\wininet.dll
2014-03-06 05:41:49    1789440    ----a-w-    C:\windows\SysWow64\wininet.dll
2014-03-04 09:44:21    362496    ----a-w-    C:\windows\System32\wow64win.dll
2014-03-04 09:44:21    243712    ----a-w-    C:\windows\System32\wow64.dll
2014-03-04 09:44:21    13312    ----a-w-    C:\windows\System32\wow64cpu.dll
2014-03-04 09:44:20    39936    ----a-w-    C:\windows\System32\wincredprovider.dll
2014-03-04 09:44:10    210944    ----a-w-    C:\windows\System32\wdigest.dll
2014-03-04 09:44:08    86528    ----a-w-    C:\windows\System32\TSpkg.dll
2014-03-04 09:44:06    340992    ----a-w-    C:\windows\System32\schannel.dll
2014-03-04 09:44:03    16384    ----a-w-    C:\windows\System32\ntvdm64.dll
2014-03-04 09:44:00    424960    ----a-w-    C:\windows\System32\KernelBase.dll
2014-03-04 09:43:56    57344    ----a-w-    C:\windows\System32\cngprovider.dll
2014-03-04 09:43:56    52736    ----a-w-    C:\windows\System32\dpapiprovider.dll
2014-03-04 09:43:56    44544    ----a-w-    C:\windows\System32\dimsroam.dll
2014-03-04 09:43:56    22016    ----a-w-    C:\windows\System32\credssp.dll
2014-03-04 09:43:55    56832    ----a-w-    C:\windows\System32\adprovider.dll
2014-03-04 09:43:55    53760    ----a-w-    C:\windows\System32\capiprovider.dll
2014-03-04 09:16:54    25600    ----a-w-    C:\windows\SysWow64\setup16.exe
2014-03-04 09:16:18    5120    ----a-w-    C:\windows\SysWow64\wow32.dll
2014-03-04 09:16:18    274944    ----a-w-    C:\windows\SysWow64\KernelBase.dll
2014-03-04 08:09:30    7680    ----a-w-    C:\windows\SysWow64\instnm.exe
2014-03-04 08:09:29    2048    ----a-w-    C:\windows\SysWow64\user.exe
.
============= FINISH:  0:53:46,56 ===============
 
 
-------------------------------attach.txt-------------------------------------
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 06/07/2012 19:48:48
System Uptime: 27/05/2014 18:05:41 (54 hours ago)
.
Motherboard: SAMSUNG ELECTRONICS CO., LTD. |  | RF511/RF411/RF711
Processor: Intel® Core i5-2450M CPU @ 2.50GHz | CPU 1 | 775/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 178 GiB total, 55,728 GiB free.
D: is FIXED (NTFS) - 266 GiB total, 92,284 GiB free.
E: is CDROM ()
F: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Description: Broadcom BCM2070 Bluetooth 3.0 + HS USB Device
Device ID: USB\VID_0A5C&PID_219C\90A4DEE491F1
Manufacturer: Broadcom
Name: Broadcom BCM2070 Bluetooth 3.0 + HS USB Device
PNP Device ID: USB\VID_0A5C&PID_219C\90A4DEE491F1
Service: BTHUSB
.
Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}
Description: Controlador de High Definition Audio
Device ID: PCI\VEN_10DE&DEV_0BEA&SUBSYS_00000000&REV_A1\4&21A9360A&0&0108
Manufacturer: Microsoft
Name: Controlador de High Definition Audio
PNP Device ID: PCI\VEN_10DE&DEV_0BEA&SUBSYS_00000000&REV_A1\4&21A9360A&0&0108
Service: HDAudBus
.
==== System Restore Points ===================
.
RP279: 07/05/2014 01:24:55 - Operação de restauração
RP280: 07/05/2014 01:30:50 - avast! antivirus system restore point
RP281: 07/05/2014 01:36:46 - Windows Update
RP282: 07/05/2014 15:07:50 - Removed NCsoft Launcher
RP283: 07/05/2014 15:09:24 - Removed Lineage II
RP284: 07/05/2014 15:10:18 - Removed Python 3.3.2
RP285: 07/05/2014 15:24:25 - Removed Samsung Recovery Solution 5
RP286: 13/05/2014 18:28:38 - Windows Update
RP287: 14/05/2014 03:00:23 - Windows Update
RP288: 20/05/2014 21:20:12 - Windows Update
RP289: 26/05/2014 22:30:17 - Installed LibreOffice 4.2.4.2
.
==== Installed Programs ======================
.
???? ??? Windows Live
???? Windows Live
????? Windows Live
?????? ??????? ?? Windows Live
???????? ?????????? Windows Live
?????????? Windows Live
??????????? ?? Windows Live
Adobe AIR
Adobe Flash Player 13 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader XI (11.0.07) - Português
Agatha Christie - Death on the Nile
Atualizações da NVIDIA 1.8.15
AutoCAD 2012 - English
AutoCAD 2012 Language Pack - English
Autodesk Content Service
Autodesk Inventor Fusion 2012
Autodesk Inventor Fusion 2012 Language Pack
Autodesk Inventor Fusion plug-in for AutoCAD 2012
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012
Autodesk Material Library 2012
Autodesk Material Library Base Resolution Image Library 2012
avast! Free Antivirus
„Windows Live Essentials“
„Windows Live Mail“
„Windows Live Messenger“
„Windows Live“ fotogalerija
BatteryLifeExtender
Bejeweled 2 Deluxe
Broadcom 802.11 Network Adapter
Build-a-lot
ChargeableUSB
Chuzzle Deluxe
CyberLink Media Suite
CyberLink Media+ Player10
CyberLink MediaShow
CyberLink Power2Go
CyberLink PowerDirector
CyberLink YouCam
D3DX10
DAEMON Tools Lite
Diner Dash 2 Restaurant Rescue
Easy Content Share
Easy Display Manager
Easy Migration
Easy Network Manager
Easy SpeedUp Manager
EasyBatteryManager
EasyFileShare
Facebook Video Calling 2.0.0.447
Farm Frenzy
Fast Start
Fotogalerija Windows Live
Galeria de Fotografias do Windows Live
Galeria fotografii uslugi Windows Live
Galerie de photos Windows Live
Galerie foto Windows Live
Galería fotográfica de Windows Live
Google Chrome
HP Deskjet 4620 series Ajuda
HP Deskjet 4620 series Estudo de aprimoramento de produtos
HP Deskjet 4620 series Software básico do dispositivo
HP Update
I.R.I.S. OCR
Insaniquarium Deluxe
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Java 7 Update 17 (64-bit)
John Deere Drive Green
Junk Mail filter update
LibreOffice 4.2.4.2
LogMeIn Hamachi
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (Português do Brasil)
Microsoft .NET Framework 4.5.1 (PTB)
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office com Clique para Executar 2010
Microsoft Office Starter 2010 - Português (Brasil)
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Monitor da tecnologia Intel® Turbo Boost 2.0
Movie Color Enhancer
Mozilla Firefox 18.0 (x86 pt-BR)
Mozilla Maintenance Service
MPC-HC 1.6.2.4902
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML4 Parser
Multimedia POP
NVIDIA Driver de gráficos 301.42
NVIDIA Install Application
NVIDIA Optimus 1.8.15
NVIDIA PhysX
NVIDIA Software do sistema PhysX 9.12.0213
NVIDIA Update Components
Painel de controle da NVIDIA 301.42
Pando Media Booster
Peggle
Penguins!
Plants vs. Zombies
Poczta uslugi Windows Live
Podstawowe programy Windows Live
Polar Golfer
Pošta Windows Live
Raccolta foto di Windows Live
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
S?????? f?t???af??? t?? Windows Live
Samsung AnyWeb Print
Samsung Printer Live Update
Samsung Support Center
Samsung Universal Print Driver
Samsung Universal Scan Driver
Samsung Update Plus
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Skype™ 6.11
Synaptics Pointing Device Driver
User Guide
Visualizador do Microsoft PowerPoint
VIVO INTERNET
WIDCOMM Bluetooth Software
WildTangent Games
WildTangent ORB Game Console
Windows Live
Windows Live ??
Windows Live ?? ???
Windows Live ???
Windows Live ????
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotótár
Windows Live Foto-galerija
Windows Live fotoattelu galerija
Windows Live Fotogalerie
Windows Live Fotogalleri
Windows Live Fotogaléria
Windows Live Fotograf Galerisi
Windows Live Galeria de Fotos
Windows Live Galerija fotografija
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Pošta
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Temel Parçalar
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Liven asennustyökalu
Windows Liven sähköposti
Windows Liven valokuvavalikoima
WinRAR 4.20 (32-bit)
Zuma Deluxe
.
==== End Of File ===========================
 
GMER.txt came out very large, so it is attached: GMER.txt


Dear Jorge Fernando Dos Reis

 

I recommend saving this topic in your Favorites so that it is easier to find.
 
Please pay attention to the following:
  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is given here relates only to the problem on your computer, so do not apply it on any other;
  • Please follow the instructions given carefully and, if in doubt, do not hesitate to ask;
  • Always post your replies in this topic... Do not open another one!
  • Always try to keep me informed, during the removal, about what happens with your computer.
  • Respect the order of the instructions given.
  • Note: Do not take any action other than those given here; if you ask for help on another forum, be sure to let us know, or you risk misconfiguring your computer!

# Step 1 #

 
Download Junkware Removal Tool and save it to your Desktop.
  • Disable your protection programs (antivirus, etc.) to avoid any conflict.
  • Double-click JRT.exe
    • If your system is Windows Vista, Windows 7 or Windows 8, right-click it and choose Run as Administrator.
  • Be patient and wait for the scan to finish.
  • Open the JRT.txt log that is on your Desktop.
  • Copy all of its contents and paste them into your next message.

 
# Step 2 #
 

  • Double-click adwcleaner.exe
  • Attention: Windows Vista, 7 and 8 users, right-click it and choose: [image: execadmin.png]
  • Click Search (Pesquisar)
  • At the end of the scan, a log with the result will open.
  • If anything is detected, then click the Remove (Remover) button.
  • Again, at the end of the scan, a log with the result will open.
  • Copy all of its contents and paste them into your next reply.

 
# Step 3 #
 
Read the instructions at this link:
 
 
In the instructions at the link above, you can check which forums have Analysts who are duly qualified to use the tool correctly: "Forums for getting help with ComboFix logs"
Download ComboFix from one of the official links listed below and save it to your desktop:

  • Temporarily, and while carrying out these instructions, it is very important that you keep your protection programs (Antivirus, Antispyware and Firewall) disabled. Re-enable the protections after carrying out the procedure(s) mentioned below.
  • Double-click the icon [image: desktopicon.png] that is on the desktop.
  • Read and accept the terms by typing 1 and pressing Enter.
  • Computers running Windows XP must install the Recovery Console:
    • If your computer runs Windows XP and does not yet have the Recovery Console installed, please make sure you are connected to the Internet, and click "Sim" (Yes).
    • Click "OK" on the EULA.
    • Once the Recovery Console is installed, click "SIM" (Yes) to continue.
  • ComboFix will run; please be patient and wait.
  • Attention: Do not use the mouse or the keyboard while the tool is running; doing so can cause the computer to hang.
  • A notice may appear saying that the computer needs to be restarted.
    DO NOT RESTART!!! ComboFix will restart the computer automatically.
  • When the tool finishes running, it will generate a log (the file C:\ComboFix.txt). Copy and paste the contents of that file into your next reply.


Do NOT use the tool on your own. It is a powerful tool created to deal with sophisticated infections, and if you do not use it correctly it can damage your computer.
There are several pieces of malware that prevent the tool from running correctly and can thereby seriously damage the computer. Analysts qualified to use ComboFix know these cases and know how to handle these situations.
Many Analysts do not reply to topics in which they see that ComboFix was used without supervision.
There are several general-purpose anti-malware tools whose authors, when programming them, have end users in mind and intend them to be used without supervision. ComboFix is not a tool of that kind, and so, also out of respect for the tool's author, do not use it without supervision.

Abraços :D


Here are the logs from the instructions.

Apparently startup became a little faster. But the browser, as well as other programs, gets slow when in use, as if they were heavy, and they always consume a lot of the processor, according to Task Manager. I am starting to consider the possibility that it is hardware. Anyway, I await your assessment.

 

Step 1 - Junkware Removal Tool

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Jorge e Priscila on 31/05/2014 at  0:58:09,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\startsearch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1513193997-3538550247-1406820036-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasmancs



~~~ Files

Successfully deleted: [File] C:\windows\syswow64\sho3BCA.tmp
Successfully deleted: [File] C:\windows\syswow64\sho8FC8.tmp
Successfully deleted: [File] C:\windows\syswow64\shoBD6A.tmp



~~~ Folders




~~~ Chrome

Successfully deleted: [Folder] C:\Users\Jorge e Priscila\appdata\local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31/05/2014 at  1:26:41,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Continuing..

 

Step 2 - adwcleaner

 

# AdwCleaner v3.211 - Relatório criado 31/05/2014 às 01:32:45
# Atualizado 26/05/2014 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
# Usuário : Jorge e Priscila - JORGEEPRISCILA
# Executando de : C:\Users\Jorge e Priscila\Desktop\adwcleaner_3.211.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Users\Jorge e Priscila\AppData\Roaming\UpdaterEX
Pasta Deletada : C:\Users\Jorge e Priscila\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Chave Deletedo : HKCU\Software\UpdaterEX
Chave Deletedo : HKCU\Software\WEDLMNGR
Chave Deletedo : HKCU\Software\AppDataLow\Software
Chave Deletedo : HKLM\Software\Vittalia

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v18.0 (pt-BR)

[ Arquivo : C:\Users\Jorge e Priscila\AppData\Roaming\Mozilla\Firefox\Profiles\exomlp9y.default-1400683029636\prefs.js ]


-\\ Google Chrome v

[ Arquivo : C:\Users\Jorge e Priscila\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [startup_urls] : hxxp://home.sweetim.com/?crg=3.27010003&st=12&barid={074716E2-23D1-11E2-BB9A-E8039A048C9D}
Deletedo [Homepage] : hxxp://home.sweetim.com/?crg=3.27010003&st=12&barid={074716E2-23D1-11E2-BB9A-E8039A048C9D}
Deletedo [Extension] : jcdgjdiieiljkfkdcloehkohchhpekkn
Deletedo [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj

*************************

AdwCleaner[R0].txt - [1913 octets] - [31/05/2014 01:30:02]
AdwCleaner[s0].txt - [1710 octets] - [31/05/2014 01:32:45]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1770 octets] ##########
 

Step 3 - ComboFix

 

ComboFix 14-05-29.01 - Jorge e Priscila 31/05/2014   1:44.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.55.1046.18.8104.6163 [GMT -3:00]
Executando de: c:\users\Jorge e Priscila\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((   Outras Exclusões   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jorge e Priscila\AppData\Local\assembly\tmp
.
.
((((((((((((((((   Arquivos/Ficheiros criados de 2014-04-28 to 2014-05-31  ))))))))))))))))))))))))))))
.
.
2014-05-31 05:01 . 2014-05-31 05:01    --------    d-----w-    c:\users\UpdatusUser\AppData\Local\temp
2014-05-31 05:01 . 2014-05-31 05:01    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-05-31 04:48 . 2014-05-31 04:48    75888    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{033717A6-4AF1-4C73-8C92-A45A6C3B8379}\offreg.dll
2014-05-31 04:29 . 2014-05-31 04:33    --------    d-----w-    C:\AdwCleaner
2014-05-31 03:58 . 2014-05-31 03:58    --------    d-----w-    c:\windows\ERUNT
2014-05-31 02:07 . 2014-04-30 23:20    10702536    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{033717A6-4AF1-4C73-8C92-A45A6C3B8379}\mpengine.dll
2014-05-28 13:55 . 2014-05-31 02:59    163504    ----a-w-    c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-05-27 01:34 . 2014-05-27 01:34    --------    d-----w-    c:\users\Jorge e Priscila\AppData\Roaming\LibreOffice
2014-05-27 01:31 . 2014-05-27 01:33    --------    d-----w-    c:\program files (x86)\LibreOffice 4
2014-05-15 23:19 . 2014-05-15 23:19    --------    d-----w-    c:\program files (x86)\LogMeIn Hamachi
2014-05-14 06:03 . 2014-05-06 04:40    23544320    ----a-w-    c:\windows\system32\mshtml.dll
2014-05-14 06:03 . 2014-05-06 03:00    84992    ----a-w-    c:\windows\system32\mshtmled.dll
2014-05-14 06:03 . 2014-05-06 04:17    2724864    ----a-w-    c:\windows\system32\mshtml.tlb
2014-05-14 06:03 . 2014-05-06 03:07    2724864    ----a-w-    c:\windows\SysWow64\mshtml.tlb
2014-05-14 00:57 . 2014-04-12 02:19    1460736    ----a-w-    c:\windows\system32\lsasrv.dll
2014-05-14 00:57 . 2014-03-04 09:44    728064    ----a-w-    c:\windows\system32\kerberos.dll
2014-05-14 00:57 . 2014-03-04 09:20    3969984    ----a-w-    c:\windows\SysWow64\ntkrnlpa.exe
2014-05-14 00:57 . 2014-03-04 09:20    3914176    ----a-w-    c:\windows\SysWow64\ntoskrnl.exe
2014-05-14 00:57 . 2014-03-04 09:17    550912    ----a-w-    c:\windows\SysWow64\kerberos.dll
2014-05-14 00:57 . 2014-03-04 09:44    722944    ----a-w-    c:\windows\system32\objsel.dll
2014-05-14 00:57 . 2014-03-04 09:44    314880    ----a-w-    c:\windows\system32\msv1_0.dll
2014-05-14 00:57 . 2014-03-04 09:43    455168    ----a-w-    c:\windows\system32\winlogon.exe
2014-05-14 00:57 . 2014-03-04 09:17    259584    ----a-w-    c:\windows\SysWow64\msv1_0.dll
2014-05-14 00:57 . 2014-03-04 09:47    5550016    ----a-w-    c:\windows\system32\ntoskrnl.exe
2014-05-13 22:39 . 2014-05-09 06:14    477184    ----a-w-    c:\windows\system32\aepdu.dll
2014-05-13 22:39 . 2014-05-09 06:11    424448    ----a-w-    c:\windows\system32\aeinv.dll
2014-05-13 22:23 . 2014-03-25 02:43    14175744    ----a-w-    c:\windows\system32\shell32.dll
2014-05-10 14:33 . 2014-05-10 14:33    10594416    ----a-w-    c:\program files (x86)\Mozilla Firefox\icudt52.dll
2014-05-10 14:33 . 2014-05-10 14:33    965232    ----a-w-    c:\program files (x86)\Mozilla Firefox\icuuc52.dll
2014-05-10 14:33 . 2014-05-10 14:33    1266800    ----a-w-    c:\program files (x86)\Mozilla Firefox\icuin52.dll
2014-05-07 05:17 . 2014-05-14 06:28    --------    d-s---w-    c:\windows\system32\CompatTel
2014-05-06 22:30 . 2014-05-06 22:30    --------    d-----w-    c:\programdata\Malwarebytes
.
.
.
(((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-15 23:23 . 2014-02-03 09:56    85328    ----a-w-    c:\windows\system32\drivers\aswstm.sys
2014-05-15 23:23 . 2012-09-05 14:44    423240    ----a-w-    c:\windows\system32\drivers\aswsp.sys
2014-05-15 23:23 . 2012-09-05 14:44    1039096    ----a-w-    c:\windows\system32\drivers\aswsnx.sys
2014-05-13 19:52 . 2012-07-07 19:21    70832    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-13 19:52 . 2012-07-07 19:21    692400    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-24 22:41 . 2014-04-24 22:41    29208    ----a-w-    c:\windows\system32\drivers\aswHwid.sys
2014-04-24 22:41 . 2013-05-29 19:00    65776    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2014-04-24 22:41 . 2013-05-29 19:00    208416    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2014-04-24 22:41 . 2012-09-05 14:44    79184    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2014-04-24 22:41 . 2012-09-05 14:44    334648    ----a-w-    c:\windows\system32\aswBoot.exe
2014-04-24 22:41 . 2014-04-24 22:41    43152    ----a-w-    c:\windows\avastSS.scr
2014-04-24 22:41 . 2012-09-05 15:30    93568    ----a-w-    c:\windows\system32\drivers\aswRdr2.sys
2014-03-31 12:35 . 2010-11-21 03:27    270496    ------w-    c:\windows\system32\MpSigStub.exe
2014-03-06 09:31 . 2014-04-13 13:36    4096    ----a-w-    c:\windows\system32\ieetwcollectorres.dll
2014-03-06 08:59 . 2014-04-13 13:36    66048    ----a-w-    c:\windows\system32\iesetup.dll
2014-03-06 08:57 . 2014-04-13 13:36    548352    ----a-w-    c:\windows\system32\vbscript.dll
2014-03-06 08:57 . 2014-04-13 13:36    48640    ----a-w-    c:\windows\system32\ieetwproxystub.dll
2014-03-06 08:53 . 2014-04-13 13:36    2767360    ----a-w-    c:\windows\system32\iertutil.dll
2014-03-06 08:40 . 2014-04-13 13:36    51200    ----a-w-    c:\windows\system32\jsproxy.dll
2014-03-06 08:39 . 2014-04-13 13:36    33792    ----a-w-    c:\windows\system32\iernonce.dll
2014-03-06 08:32 . 2014-04-13 13:37    574976    ----a-w-    c:\windows\system32\ieui.dll
2014-03-06 08:29 . 2014-04-13 13:36    139264    ----a-w-    c:\windows\system32\ieUnatt.exe
2014-03-06 08:29 . 2014-04-13 13:36    111616    ----a-w-    c:\windows\system32\ieetwcollector.exe
2014-03-06 08:28 . 2014-04-13 13:36    752640    ----a-w-    c:\windows\system32\jscript9diag.dll
2014-03-06 08:15 . 2014-04-13 13:36    940032    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-06 08:11 . 2014-04-13 13:36    5784064    ----a-w-    c:\windows\system32\jscript9.dll
2014-03-06 08:09 . 2014-04-13 13:36    453120    ----a-w-    c:\windows\system32\dxtmsft.dll
2014-03-06 08:03 . 2014-04-13 13:36    586240    ----a-w-    c:\windows\system32\ie4uinit.exe
2014-03-06 08:02 . 2014-04-13 13:36    61952    ----a-w-    c:\windows\SysWow64\iesetup.dll
2014-03-06 08:02 . 2014-04-13 13:36    455168    ----a-w-    c:\windows\SysWow64\vbscript.dll
2014-03-06 08:01 . 2014-04-13 13:36    51200    ----a-w-    c:\windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56 . 2014-04-13 13:36    38400    ----a-w-    c:\windows\system32\JavaScriptCollectionAgent.dll
2014-03-06 07:48 . 2014-04-13 13:36    195584    ----a-w-    c:\windows\system32\msrating.dll
2014-03-06 07:46 . 2014-04-13 13:36    4254720    ----a-w-    c:\windows\SysWow64\jscript9.dll
2014-03-06 07:42 . 2014-04-13 13:36    296960    ----a-w-    c:\windows\system32\dxtrans.dll
2014-03-06 07:38 . 2014-04-13 13:36    112128    ----a-w-    c:\windows\SysWow64\ieUnatt.exe
2014-03-06 07:36 . 2014-04-13 13:36    592896    ----a-w-    c:\windows\SysWow64\jscript9diag.dll
2014-03-06 07:21 . 2014-04-13 13:36    628736    ----a-w-    c:\windows\system32\msfeeds.dll
2014-03-06 07:13 . 2014-04-13 13:36    32256    ----a-w-    c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11 . 2014-04-13 13:36    2043904    ----a-w-    c:\windows\system32\inetcpl.cpl
2014-03-06 06:53 . 2014-04-13 13:36    13551104    ----a-w-    c:\windows\system32\ieframe.dll
2014-03-06 06:40 . 2014-04-13 13:36    1967104    ----a-w-    c:\windows\SysWow64\inetcpl.cpl
2014-03-06 06:22 . 2014-04-13 13:36    2260480    ----a-w-    c:\windows\system32\wininet.dll
2014-03-06 05:58 . 2014-04-13 13:36    1400832    ----a-w-    c:\windows\system32\urlmon.dll
2014-03-06 05:50 . 2014-04-13 13:36    846336    ----a-w-    c:\windows\system32\ieapfltr.dll
2014-03-06 05:41 . 2014-04-13 13:36    1789440    ----a-w-    c:\windows\SysWow64\wininet.dll
2014-03-04 09:44 . 2014-04-08 22:16    243712    ----a-w-    c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-08 22:16    362496    ----a-w-    c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-08 22:16    13312    ----a-w-    c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-04-08 22:16    16384    ----a-w-    c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-08 22:16    1163264    ----a-w-    c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-04-08 22:16    14336    ----a-w-    c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-08 22:16    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-08 22:16    25600    ----a-w-    c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-08 22:16    5120    ----a-w-    c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-08 22:16    7680    ----a-w-    c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-08 22:16    2048    ----a-w-    c:\windows\SysWow64\user.exe
.
.
((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-08-01 3673696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-05-23 3888648]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-05-13 3814736]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AutoUpdateDisableNotify"=dword:00000001
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BprotectEx;Baidu ProtectEx;c:\windows\System32\drivers\BprotectEx.sys;c:\windows\SYSNATIVE\drivers\BprotectEx.sys [x]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe;c:\windows\SYSNATIVE\SUPDSvc.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Suporte de Digitalização WSD via UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
R4 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2014-05-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-07 19:52]
.
2014-05-31 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1513193997-3538550247-1406820036-1001Core.job
- c:\users\Jorge e Priscila\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-17 02:58]
.
2014-05-31 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1513193997-3538550247-1406820036-1001UA.job
- c:\users\Jorge e Priscila\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-17 02:58]
.
2014-05-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1513193997-3538550247-1406820036-1001Core.job
- c:\users\Jorge e Priscila\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-06 23:46]
.
2014-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1513193997-3538550247-1406820036-1001UA.job
- c:\users\Jorge e Priscila\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-06 23:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-24 22:41    290888    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-25 11895400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Scan Suplementar -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://samsung.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Enviar imagem para Dispositivo &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Enviar página para Dispositivo &Bluetooth ... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 201.17.0.63 201.17.0.93 201.6.4.116
FF - ProfilePath - c:\users\Jorge e Priscila\AppData\Roaming\Mozilla\Firefox\Profiles\exomlp9y.default-1400683029636\
.
- - - - ORFÃOS REMOVIDOS - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tempo para conclusão: 2014-05-31  02:07:12
ComboFix-quarantined-files.txt  2014-05-31 05:07
.
Pré-execução: 61.135.237.120 bytes disponíveis
Pós execução: 61.087.662.080 bytes disponíveis
.
- - End Of File - - 9930B19D2C381F2941AA16AEBB33425F


Dear Jorge Fernando Dos Reis

I am starting to consider the possibility that it is hardware.

It could be; let's finish first and see what happens ;)

 

Temporarily, while carrying out these instructions, it is very important that you keep your protection programs (antivirus, antispyware and firewall) disabled. Re-enable the protections after running the procedure(s) below.
  • Open Notepad, copy (Ctrl + C) and paste (Ctrl + V) all the text inside the "Code" box:

File::
c:\windows\System32\drivers\BprotectEx.sys

Driver::
BprotectEx

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

  • Save this file as: CFScript.txt
As shown in the animation below, drag the CFScript.txt file onto ComboFix.exe. When the tool finishes running, it will generate a log. Post that file, C:\ComboFix.txt.

[Animation: dragging CFScript.txt onto ComboFix.exe]

Best regards :D


Here is the log from the previous instruction.

 

ComboFix 14-05-29.01 - Jorge e Priscila 31/05/2014  23:45:19.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.55.1046.18.8103.6550 [GMT -3:00]
Executando de: c:\users\Jorge e Priscila\Desktop\ComboFix.exe
Comandos utilizados :: c:\users\Jorge e Priscila\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\System32\drivers\BprotectEx.sys"
.
.
(((((((((((((((((((((((((((((((((((((   Outras Exclusões   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Serviços   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_BPROTECTEX
-------\Service_BprotectEx
.
.
((((((((((((((((   Arquivos/Ficheiros criados de 2014-05-01 to 2014-06-01  ))))))))))))))))))))))))))))
.
.
2014-06-01 03:01 . 2014-06-01 03:01    --------    d-----w-    c:\users\UpdatusUser\AppData\Local\temp
2014-06-01 03:01 . 2014-06-01 03:01    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-05-31 04:29 . 2014-05-31 04:33    --------    d-----w-    C:\AdwCleaner
2014-05-31 03:58 . 2014-05-31 03:58    --------    d-----w-    c:\windows\ERUNT
2014-05-31 02:07 . 2014-04-30 23:20    10702536    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{033717A6-4AF1-4C73-8C92-A45A6C3B8379}\mpengine.dll
2014-05-28 13:55 . 2014-05-31 17:13    163504    ----a-w-    c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-05-27 01:34 . 2014-05-27 01:34    --------    d-----w-    c:\users\Jorge e Priscila\AppData\Roaming\LibreOffice
2014-05-27 01:31 . 2014-05-27 01:33    --------    d-----w-    c:\program files (x86)\LibreOffice 4
2014-05-15 23:19 . 2014-05-15 23:19    --------    d-----w-    c:\program files (x86)\LogMeIn Hamachi
2014-05-14 06:03 . 2014-05-06 04:40    23544320    ----a-w-    c:\windows\system32\mshtml.dll
2014-05-14 06:03 . 2014-05-06 03:00    84992    ----a-w-    c:\windows\system32\mshtmled.dll
2014-05-14 06:03 . 2014-05-06 04:17    2724864    ----a-w-    c:\windows\system32\mshtml.tlb
2014-05-14 06:03 . 2014-05-06 03:07    2724864    ----a-w-    c:\windows\SysWow64\mshtml.tlb
2014-05-14 00:57 . 2014-04-12 02:19    1460736    ----a-w-    c:\windows\system32\lsasrv.dll
2014-05-14 00:57 . 2014-03-04 09:44    728064    ----a-w-    c:\windows\system32\kerberos.dll
2014-05-14 00:57 . 2014-03-04 09:20    3969984    ----a-w-    c:\windows\SysWow64\ntkrnlpa.exe
2014-05-14 00:57 . 2014-03-04 09:20    3914176    ----a-w-    c:\windows\SysWow64\ntoskrnl.exe
2014-05-14 00:57 . 2014-03-04 09:17    550912    ----a-w-    c:\windows\SysWow64\kerberos.dll
2014-05-14 00:57 . 2014-03-04 09:44    722944    ----a-w-    c:\windows\system32\objsel.dll
2014-05-14 00:57 . 2014-03-04 09:44    314880    ----a-w-    c:\windows\system32\msv1_0.dll
2014-05-14 00:57 . 2014-03-04 09:43    455168    ----a-w-    c:\windows\system32\winlogon.exe
2014-05-14 00:57 . 2014-03-04 09:17    259584    ----a-w-    c:\windows\SysWow64\msv1_0.dll
2014-05-14 00:57 . 2014-03-04 09:47    5550016    ----a-w-    c:\windows\system32\ntoskrnl.exe
2014-05-13 22:39 . 2014-05-09 06:14    477184    ----a-w-    c:\windows\system32\aepdu.dll
2014-05-13 22:39 . 2014-05-09 06:11    424448    ----a-w-    c:\windows\system32\aeinv.dll
2014-05-13 22:23 . 2014-03-25 02:43    14175744    ----a-w-    c:\windows\system32\shell32.dll
2014-05-10 14:33 . 2014-05-10 14:33    10594416    ----a-w-    c:\program files (x86)\Mozilla Firefox\icudt52.dll
2014-05-10 14:33 . 2014-05-10 14:33    965232    ----a-w-    c:\program files (x86)\Mozilla Firefox\icuuc52.dll
2014-05-10 14:33 . 2014-05-10 14:33    1266800    ----a-w-    c:\program files (x86)\Mozilla Firefox\icuin52.dll
2014-05-07 05:17 . 2014-05-14 06:28    --------    d-s---w-    c:\windows\system32\CompatTel
2014-05-06 22:30 . 2014-05-06 22:30    --------    d-----w-    c:\programdata\Malwarebytes
.
.
.
(((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-15 23:23 . 2014-02-03 09:56    85328    ----a-w-    c:\windows\system32\drivers\aswstm.sys
2014-05-15 23:23 . 2012-09-05 14:44    423240    ----a-w-    c:\windows\system32\drivers\aswsp.sys
2014-05-15 23:23 . 2012-09-05 14:44    1039096    ----a-w-    c:\windows\system32\drivers\aswsnx.sys
2014-05-13 19:52 . 2012-07-07 19:21    70832    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-13 19:52 . 2012-07-07 19:21    692400    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-24 22:41 . 2014-04-24 22:41    29208    ----a-w-    c:\windows\system32\drivers\aswHwid.sys
2014-04-24 22:41 . 2013-05-29 19:00    65776    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2014-04-24 22:41 . 2013-05-29 19:00    208416    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2014-04-24 22:41 . 2012-09-05 14:44    79184    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2014-04-24 22:41 . 2012-09-05 14:44    334648    ----a-w-    c:\windows\system32\aswBoot.exe
2014-04-24 22:41 . 2014-04-24 22:41    43152    ----a-w-    c:\windows\avastSS.scr
2014-04-24 22:41 . 2012-09-05 15:30    93568    ----a-w-    c:\windows\system32\drivers\aswRdr2.sys
2014-03-31 12:35 . 2010-11-21 03:27    270496    ------w-    c:\windows\system32\MpSigStub.exe
2014-03-06 09:31 . 2014-04-13 13:36    4096    ----a-w-    c:\windows\system32\ieetwcollectorres.dll
2014-03-06 08:59 . 2014-04-13 13:36    66048    ----a-w-    c:\windows\system32\iesetup.dll
2014-03-06 08:57 . 2014-04-13 13:36    548352    ----a-w-    c:\windows\system32\vbscript.dll
2014-03-06 08:57 . 2014-04-13 13:36    48640    ----a-w-    c:\windows\system32\ieetwproxystub.dll
2014-03-06 08:53 . 2014-04-13 13:36    2767360    ----a-w-    c:\windows\system32\iertutil.dll
2014-03-06 08:40 . 2014-04-13 13:36    51200    ----a-w-    c:\windows\system32\jsproxy.dll
2014-03-06 08:39 . 2014-04-13 13:36    33792    ----a-w-    c:\windows\system32\iernonce.dll
2014-03-06 08:32 . 2014-04-13 13:37    574976    ----a-w-    c:\windows\system32\ieui.dll
2014-03-06 08:29 . 2014-04-13 13:36    139264    ----a-w-    c:\windows\system32\ieUnatt.exe
2014-03-06 08:29 . 2014-04-13 13:36    111616    ----a-w-    c:\windows\system32\ieetwcollector.exe
2014-03-06 08:28 . 2014-04-13 13:36    752640    ----a-w-    c:\windows\system32\jscript9diag.dll
2014-03-06 08:15 . 2014-04-13 13:36    940032    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-06 08:11 . 2014-04-13 13:36    5784064    ----a-w-    c:\windows\system32\jscript9.dll
2014-03-06 08:09 . 2014-04-13 13:36    453120    ----a-w-    c:\windows\system32\dxtmsft.dll
2014-03-06 08:03 . 2014-04-13 13:36    586240    ----a-w-    c:\windows\system32\ie4uinit.exe
2014-03-06 08:02 . 2014-04-13 13:36    61952    ----a-w-    c:\windows\SysWow64\iesetup.dll
2014-03-06 08:02 . 2014-04-13 13:36    455168    ----a-w-    c:\windows\SysWow64\vbscript.dll
2014-03-06 08:01 . 2014-04-13 13:36    51200    ----a-w-    c:\windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56 . 2014-04-13 13:36    38400    ----a-w-    c:\windows\system32\JavaScriptCollectionAgent.dll
2014-03-06 07:48 . 2014-04-13 13:36    195584    ----a-w-    c:\windows\system32\msrating.dll
2014-03-06 07:46 . 2014-04-13 13:36    4254720    ----a-w-    c:\windows\SysWow64\jscript9.dll
2014-03-06 07:42 . 2014-04-13 13:36    296960    ----a-w-    c:\windows\system32\dxtrans.dll
2014-03-06 07:38 . 2014-04-13 13:36    112128    ----a-w-    c:\windows\SysWow64\ieUnatt.exe
2014-03-06 07:36 . 2014-04-13 13:36    592896    ----a-w-    c:\windows\SysWow64\jscript9diag.dll
2014-03-06 07:21 . 2014-04-13 13:36    628736    ----a-w-    c:\windows\system32\msfeeds.dll
2014-03-06 07:13 . 2014-04-13 13:36    32256    ----a-w-    c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11 . 2014-04-13 13:36    2043904    ----a-w-    c:\windows\system32\inetcpl.cpl
2014-03-06 06:53 . 2014-04-13 13:36    13551104    ----a-w-    c:\windows\system32\ieframe.dll
2014-03-06 06:40 . 2014-04-13 13:36    1967104    ----a-w-    c:\windows\SysWow64\inetcpl.cpl
2014-03-06 06:22 . 2014-04-13 13:36    2260480    ----a-w-    c:\windows\system32\wininet.dll
2014-03-06 05:58 . 2014-04-13 13:36    1400832    ----a-w-    c:\windows\system32\urlmon.dll
2014-03-06 05:50 . 2014-04-13 13:36    846336    ----a-w-    c:\windows\system32\ieapfltr.dll
2014-03-06 05:41 . 2014-04-13 13:36    1789440    ----a-w-    c:\windows\SysWow64\wininet.dll
2014-03-04 09:44 . 2014-04-08 22:16    243712    ----a-w-    c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-08 22:16    362496    ----a-w-    c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-08 22:16    13312    ----a-w-    c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-04-08 22:16    16384    ----a-w-    c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-08 22:16    1163264    ----a-w-    c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-04-08 22:16    14336    ----a-w-    c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-08 22:16    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-08 22:16    25600    ----a-w-    c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-08 22:16    5120    ----a-w-    c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-08 22:16    7680    ----a-w-    c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-08 22:16    2048    ----a-w-    c:\windows\SysWow64\user.exe
.
.
((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-08-01 3673696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-05-23 3888648]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-05-13 3814736]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AutoUpdateDisableNotify"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe;c:\windows\SYSNATIVE\SUPDSvc.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Suporte de Digitalização WSD via UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
R4 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2014-06-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-07 19:52]
.
2014-05-31 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1513193997-3538550247-1406820036-1001Core.job
- c:\users\Jorge e Priscila\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-17 02:58]
.
2014-05-31 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1513193997-3538550247-1406820036-1001UA.job
- c:\users\Jorge e Priscila\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-17 02:58]
.
2014-05-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1513193997-3538550247-1406820036-1001Core.job
- c:\users\Jorge e Priscila\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-06 23:46]
.
2014-06-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1513193997-3538550247-1406820036-1001UA.job
- c:\users\Jorge e Priscila\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-06 23:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-24 22:41    290888    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-25 11895400]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Scan Suplementar -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://samsung.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Enviar imagem para Dispositivo &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Enviar página para Dispositivo &Bluetooth ... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 201.17.0.63 201.17.0.93 201.6.4.116
FF - ProfilePath - c:\users\Jorge e Priscila\AppData\Roaming\Mozilla\Firefox\Profiles\exomlp9y.default-1400683029636\
.
- - - - ORFÃOS REMOVIDOS - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Outros Processos em Execução ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Samsung\Easy Display Manager\WifiManager.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
c:\program files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
c:\program files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
.
**************************************************************************
.
Tempo para conclusão: 2014-06-01  00:12:33 - Máquina reiniciou
ComboFix-quarantined-files.txt  2014-06-01 03:12
ComboFix2.txt  2014-05-31 05:07
.
Pré-execução: 60.970.840.064 bytes disponíveis
Pós execução: 60.662.505.472 bytes disponíveis
.
- - End Of File - - 892697E068B05EB9ED139648795448F5

Regards.


Dear Jorge Fernando Dos Reis

Download Malwarebytes Anti-Malware:

  • Link1
  • Alternative link
    • Double-click mbam-setup.exe, choose the language and follow the instructions to install the software.
    • Make sure the boxes Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware are checked, then click Finish.
    • If updates are available, they will be downloaded and installed.
    • When the updates finish, a program window will open. Select "Quick Scan", then click the Scan button.
    • The scan will start and may take a while. Please be patient.
    • When the scan is complete, click OK, then Show Results to see the log.
    • If anything is found, make sure everything is checked and click Remove.
    • When disinfection finishes, a log will open automatically in a Notepad document and you may be asked to restart the PC. (Read the note)
    • The log is saved automatically and can be viewed by clicking the Logs tab in the main menu.
    • Copy and paste the contents of that log into your next reply.

Note: For more complicated infections, a restart of the PC may be necessary. If you are asked to restart, please do so immediately.

Regards :D


Sorry for the delay in replying.

Here is the log from the requested procedure.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 03/06/2014
Scan Time: 22:28:38
Logfile: antimalware-log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.04.01
Rootkit Database: v2014.06.02.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Jorge e Priscila

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 320320
Time Elapsed: 17 min, 58 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.WhiteSmoke.A, C:\Users\Jorge e Priscila\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj, , [0e63c7ad57245ed8e48f275e2bd7ee12],

Files: 1
PUP.Optional.Softonic.A, C:\Users\Jorge e Priscila\Downloads\SoftonicDownloader_para_libreoffice-portable.exe, , [2e43c2b24f2ca096caf7bf6232cf9e62],

Physical Sectors: 0
(No malicious items detected)


(end)

Regards.


Dear Jorge Fernando Dos Reis

# Step 1 #

Download the Kaspersky AVP Tool from one of these links:

You will be taken to a Kaspersky page asking for an e-mail address for registration, a first name and a last name.
Only the "email" field is required.
Enter your e-mail address, then click the Submit Form button.
The page will reload. Click the Download button.
Save it to your desktop.
Run the file and wait for the installation.
  • ** Windows Vista and Windows 7 users: right-click the file, then click Run as administrator

  • On the license agreement screen, check the option I accept the license agreement and then click the Start button.
The program will appear to freeze and nothing will happen. This is normal; just wait until the program's main screen appears, then click the Settings icon:

[Image: KRT_settings.png]

On this screen, check the box next to:
My Computer;
Local Disk (C:);
Also check all the drives that appear below Local Disk, if there are any;
Then click the Automatic Scan tab.

[Image: KRT_install2_.png]

Back on the program's main screen, click the Start scanning button;
Be patient, it takes a while;
When it finishes, if anything was detected, the program will ask you what to do;
Check the box next to Apply to all objects and then click Skip (we only want the log).

[Image: KRT_detection_.png]

Once the scan is finished, proceed as follows:
On the main screen, if anything was detected, save the log.
If you close the program and forget to save the log, you will have to repeat the whole scan.
To save the log, click the Reports icon (next to the "Settings" icon).
In the next window, click Detected Threats, then click the floppy-disk icon to save the log.
Choose an easily accessible location and save it as log.txt
Copy the entire contents of that Notepad file and paste it into your next reply.
If nothing is detected, you do not need to save the log; just let me know.
To exit the program, just click the X in the top right corner.

Notes:
While the scan is running, the main screen will show a progress bar. When it finishes, the program will show the status as completed and a button that will be orange if nothing was detected, and red if something was found. If something was detected, the program will also show an alert screen warning that your system is unprotected and suggesting a Kaspersky product. Click the No, thanks button.

# Step 2 #

Download SecurityCheck and save it to your Desktop.

Double-click SecurityCheck.exe
  • Attention: Windows Vista, 7 and 8 users, right-click and choose: [Image: execadmin.png]

Press any key to continue... a report will open.
Copy all of its contents and paste them into your next reply.

Regards :D


Sorry for the delay, I have been very short on time these days and I also had a little problem with Kaspersky, which took a good few hours, and the first time it stopped working when it was past 70%, so I ran it again, but either way it found nothing.

As for the second procedure, when I ran it, right at the start it gave an error:
"Line -1

Error: The requested action with this object has failed"

I clicked OK in the error window, it kept running and generated the following log:

 

 Results of screen317's Security Check version 0.99.83  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player 13.0.0.214  
 Adobe Reader XI  
 Mozilla Firefox 18.0 Firefox out of Date!  
 Google Chrome 34.0.1847.137  
 Google Chrome 35.0.1916.114  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: =
````````````````````End of Log``````````````````````


Cheers.


Dear Jorge Fernando Dos Reis

Update Firefox ;)

>>>> How is the computer doing?

# Step 1 #

Let's uninstall ComboFix:

Rename combofix.exe to uninstall.exe, double-click it and wait for the program to be removed.

Or, if you prefer, go to

Start > Run, type Combofix /Uninstall and click OK; in the window that appears, click Run and wait for the program to be removed.

# Step 2 #

Download OTC by OldTimer and save it to your desktop.
  • Double-click the icon [Image: 4142006426_4719050954_o.gif]
  • Click Run;
  • Click its only button (image below):
[Image: 4141259853_5a542d5908_o.jpg]
Allow your computer to be restarted.

# Step 3 #

  • Again: double-click adwcleaner.exe
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: [Image: execadmin.png]

  • Click Uninstall
  • Click Yes, and wait.

# Step 4 #

<<@>> Install CCleaner

CCleaner is an excellent cleanup utility for the computer, which will help with your computer's performance. Download it here: CCleaner
IMPORTANT: After installation, go to the location where the program was installed, C:\Arquivos de programas\CCleaner, double-click the folder, right-click an empty area of that window, choose New > Folder and create a new folder; name it backups!
Open the program and click Run Cleaner;
click the Registry button > Scan for Issues > Fix selected issue(s)...

Note: Do not forget to accept the backup of the fixes, and save it in the folder created above!

<<@>> Always keep your Windows up to date; keep a constant watch with the firewall and antivirus; and finally, remember that the best prevention starts with our own behaviour!

Regards :D

About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.
