André Souza_708677

Log analysis


Good evening everyone,

I would like help analyzing the DDS and GMER logs from my notebook, which follow below:

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17280  BrowserJavaVersion: 10.67.2
Run by Samsung Serie5 UBook at 11:48:42 on 2014-09-29
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.55.1046.18.8086.4344 [GMT -3:00]
.
AV: Norton Internet Security *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
SP: Norton Internet Security *Disabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security *Disabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
C:\windows\SysWOW64\irstrtsv.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\windows\system32\PrintCtrl.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Diebold\Warsaw\core.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\EscSvc64.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\windows\system32\Dwm.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\igfxext.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\Samsung Serie5 UBook\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Samsung\S Agent\CommonAgent.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\windows\SysWOW64\rundll32.exe
C:\windows\system32\aetcrss1.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\windows\system32\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxpers.exe
C:\windows\system32\PrintDisp.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\explorer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://samsung.msn.com
BHO: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\ips\ipsbho.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coieplg.dll
EB: E-Web Print: {A60C1DC7-64B3-4AD9-8E67-035D11B8B2B0} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
uRun: [GoogleChromeAutoLaunch_A785F1C529C6EA62C20FF8645417DB5F] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [hp officejet pro 8600 (net)] "C:\PROGRAM FILES\HP\HP OFFICEJET PRO 8600\BIN\SCANTOPCACTIVATIONAPP.EXE" -deviceID "cn25lbq0z905kc:nw" -scfn "hp officejet pro 8600 (net)" -AutoStart 1
StartupFolder: C:\Users\SAMSUN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Samsung Serie5 UBook\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\SAMSUN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PUBLIC~1.LNK - C:\Program Files (x86)\Assistente\Assistente.jar
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-Windows\System: EnableSmartScreen = dword:0
IE: Capturar esta página - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
IE: Capturar favorito - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
IE: Capturar imagem - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
IE: Capturar seleção - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
IE: Capturar URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: Nova nota - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
Trusted Zone: itau.com.br
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{20A250C6-91EF-4B27-A702-3980F652EFB2} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{20A250C6-91EF-4B27-A702-3980F652EFB2}\746545D293136334 : DHCPNameServer = 192.168.25.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
Notify:  GbPluginUni - C:\Program Files (x86)\GbPlugin\gbiehUni.dll
SSODL: WebCheck - <orphaned>
SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll
SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.5.0.19\coieplg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.5.0.19\coieplg.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Samsung Serie5 UBook\AppData\Roaming\Mozilla\Firefox\Profiles\6m3dexqt.default\
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R0 DKDFM;Device Filter Manager Driver;C:\windows\System32\drivers\DKDFM.sys [2014-9-11 40752]
R0 DKTLFSMF;Telemetry File System Mini Filter Driver;C:\windows\System32\drivers\DKTLFSMF.sys [2014-9-11 106832]
R0 excsd;ExpressCache Storage Filter Driver;C:\windows\System32\drivers\excsd.sys [2014-9-11 95024]
R0 stdflt;Disk Filter Driver for Accelerometer;C:\windows\System32\drivers\stdflt.sys [2012-1-30 19504]
R1 excfs;ExpressCache File System Filter Driver;C:\windows\System32\drivers\excfs.sys [2014-9-11 23344]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2012-1-30 13824]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-9-11 893216]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2014-3-24 151648]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2013-9-20 654400]
R2 EpsonScanSvc;Epson Scanner Service;C:\windows\System32\escsvc64.exe [2014-3-26 135824]
R2 ExpressCache;ExpressCache;C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [2012-3-30 79664]
R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2014-8-18 546104]
R2 InstallFilterService;FF Install Filter Service;C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2012-1-30 60928]
R2 irstrtsv;Intel® Rapid Start Technology Service;C:\Windows\SysWOW64\irstrtsv.exe [2012-1-31 184320]
R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-9-28 212944]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\nis.exe [2014-8-11 276376]
R2 Printer Control;Printer Control;C:\windows\System32\PrintCtrl.exe [2014-3-23 77824]
R2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration;C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [2014-3-25 31624]
R2 SGDrv;SGDrv;C:\windows\System32\drivers\SGDrv64.sys [2012-1-30 7680]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-1-30 2656536]
R2 Warsaw Technology;Warsaw Technology;C:\Program Files (x86)\Diebold\Warsaw\core.exe [2014-9-21 518968]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-8-23 3342640]
R3 asmthub3;ASMedia USB3 Hub Service;C:\windows\System32\drivers\asmthub3.sys [2011-11-3 130536]
R3 asmtxhci;ASMEDIA XHCI Service;C:\windows\System32\drivers\asmtxhci.sys [2011-11-3 395752]
R3 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Internet Security\NortonData\21.4.0.13\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [2014-9-12 1586904]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
R3 btmaudio;Intel Bluetooth Audio Service;C:\windows\System32\drivers\btmaud.sys [2011-5-19 51712]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\drivers\btmaux.sys [2011-8-29 53760]
R3 btmhsf;btmhsf;C:\windows\System32\drivers\btmhsf.sys [2011-10-10 288768]
R3 ccSet_NIS;NIS Settings Manager;C:\windows\System32\drivers\NISx64\1505000.013\ccsetx64.sys [2014-8-11 162392]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2011-8-17 31216]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-9-10 142640]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2011-8-31 197416]
R3 iBtFltCoex;iBtFltCoex;C:\windows\System32\drivers\iBtFltCoex.sys [2011-10-11 59904]
R3 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Internet Security\NortonData\21.4.0.13\Definitions\IPSDefs\20140926.003\IDSviA64.sys [2014-9-27 633560]
R3 IntcDAud;Áudio do vídeo Intel®;C:\windows\System32\drivers\IntcDAud.sys [2014-9-10 452088]
R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\drivers\iwdbus.sys [2012-11-29 25528]
R3 SymDS;Symantec Data Store;C:\windows\System32\drivers\NISx64\1505000.013\symds64.sys [2014-8-11 493656]
R3 SymEFA;Symantec Extended File Attributes;C:\windows\System32\drivers\NISx64\1505000.013\symefa64.sys [2014-8-11 1148120]
R3 SymIRON;Symantec Iron Driver;C:\windows\System32\drivers\NISx64\1505000.013\ironx64.sys [2014-8-11 264280]
R3 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\drivers\NISx64\1505000.013\symnets.sys [2014-8-11 593112]
R3 usb3Hub;USB-IF USB 3.0 Hub;C:\windows\System32\drivers\usb3Hub.sys [2012-11-29 47072]
R3 WSDScan;Suporte de Digitalização WSD via UMB;C:\windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
R3 XHCIPort;USB-IF xHCI USB Host Controller;C:\windows\System32\drivers\xHCIPort.sys [2012-10-9 188896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-9-10 2282272]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\windows\System32\drivers\AmpPal.sys [2011-9-14 299008]
S3 DKRtWrt;DKRtWrt;C:\windows\System32\drivers\DKRtWrt.sys [2014-9-11 52048]
S3 GemCCID;GemCCID;C:\windows\System32\drivers\GemCCID.sys [2014-3-14 130688]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-9-11 111616]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\drivers\intelaud.sys [2012-11-29 35256]
S3 irstrtdv;Intel® Rapid Start Technology Driver;C:\windows\System32\drivers\irstrtdv.sys [2014-9-10 43800]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-8-23 272688]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-1-23 178760]
S3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-1-30 533096]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2013-3-18 54784]
S3 usbrndis6;Adaptador USB RNDIS6;C:\windows\System32\drivers\usb80236.sys [2014-3-23 19968]
S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\windows\System32\Wat\WatAdminSvc.exe [2014-3-25 1255736]
S4 AllShare Framework DMS;AllShare Framework DMS;C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 404360]
S4 IObitUnlocker;IObitUnlocker;C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2014-9-10 36568]
S4 Samsung Link Service;Samsung Link Service;C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2014-7-15 604512]
S4 SWUpdateService;SW Update Service;C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe [2014-4-4 3020632]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\WINWORD.EXE="C:\Program Files\Microsoft Office\Office15\WINWORD.EXE" /n "%1" [userChoice] [default=edit - 'Open' doesn't exist]
.
=============== Created Last 30 ================
.
2014-09-29 14:24:18 -------- d-----w- C:\$RECYCLE.BIN
2014-09-29 14:09:58 98816 ----a-w- C:\windows\sed.exe
2014-09-29 14:09:58 256000 ----a-w- C:\windows\PEV.exe
2014-09-29 14:09:58 208896 ----a-w- C:\windows\MBR.exe
2014-09-23 18:52:34 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2014-09-23 18:52:34 2048 ----a-w- C:\windows\System32\tzres.dll
2014-09-21 22:42:48 -------- d-----w- C:\ProgramData\Package Cache
2014-09-21 22:42:01 -------- d--h--w- C:\Program Files (x86)\GAS Tecnologia
2014-09-21 22:42:01 -------- d-----w- C:\Program Files (x86)\Diebold
2014-09-11 22:18:22 27456 ----a-w- C:\windows\System32\RegistryDefragBootTime.exe
2014-09-11 20:31:05 2777088 ----a-w- C:\windows\System32\msmpeg2vdec.dll
2014-09-11 20:31:05 2285056 ----a-w- C:\windows\SysWow64\msmpeg2vdec.dll
2014-09-11 13:02:29 23344 ----a-w- C:\windows\System32\drivers\excfs.sys
2014-09-11 13:02:24 95024 ----a-w- C:\windows\System32\drivers\excsd.sys
2014-09-11 12:43:43 -------- d-----w- C:\Users\Samsung Serie5 UBook\AppData\Roaming\Condusiv_Technologies
2014-09-11 12:43:43 -------- d-----w- C:\Users\Samsung Serie5 UBook\AppData\Local\Condusiv_Technologies
2014-09-11 12:41:13 106832 ----a-w- C:\windows\System32\drivers\DKTLFSMF.sys
2014-09-11 12:41:12 52048 ----a-w- C:\windows\System32\drivers\DKRtWrt.sys
2014-09-11 12:41:09 -------- d-----w- C:\ProgramData\Condusiv Technologies
2014-09-11 12:41:08 -------- d-----w- C:\Program Files\Condusiv Technologies
2014-09-11 12:39:55 -------- d-----w- C:\Program Files (x86)\Diskeeper Setup Files
2014-09-11 12:16:50 40752 ----a-w- C:\windows\System32\drivers\DKDFM.sys
2014-09-11 11:56:29 -------- d-----w- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-09-10 12:06:20 2101848 ----a-w- C:\windows\System32\WavesGUILib64.dll
2014-09-10 12:02:43 11527888 ----a-w- C:\windows\System32\drivers\NETwsw00.sys
2014-09-10 12:00:17 43800 ----a-w- C:\windows\System32\drivers\irstrtdv.sys
2014-09-10 11:49:10 1795952 ----a-w- C:\windows\System32\WdfCoInstaller01011.dll
2014-09-10 11:49:10 100312 ----a-w- C:\windows\System32\drivers\TeeDriverx64.sys
2014-09-10 11:47:24 793600 ----a-w- C:\windows\SysWow64\TSWorkspace.dll
2014-09-10 11:47:24 1031168 ----a-w- C:\windows\System32\TSWorkspace.dll
2014-09-10 11:47:01 2565120 ----a-w- C:\windows\System32\d3d10warp.dll
2014-09-10 11:47:01 1987584 ----a-w- C:\windows\SysWow64\d3d10warp.dll
2014-09-10 11:46:21 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2014-09-10 11:46:21 728064 ----a-w- C:\windows\System32\kerberos.dll
2014-09-10 11:46:21 550912 ----a-w- C:\windows\SysWow64\kerberos.dll
2014-09-10 11:46:21 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2014-09-10 11:46:21 1460736 ----a-w- C:\windows\System32\lsasrv.dll
2014-09-10 11:46:15 578048 ----a-w- C:\windows\System32\aepdu.dll
2014-09-10 11:46:15 424448 ----a-w- C:\windows\System32\aeinv.dll
2014-09-10 11:45:35 452088 ----a-w- C:\windows\System32\drivers\IntcDAud.sys
2014-09-10 11:21:23 -------- d-----w- C:\Users\Samsung Serie5 UBook\AppData\Roaming\ProductData
2014-09-10 11:19:41 -------- d-----w- C:\ProgramData\ProductData
2014-09-10 11:19:35 -------- d-----w- C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2014-09-10 11:19:34 -------- d-----w- C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}
2014-09-10 11:19:33 -------- d-----w- C:\ProgramData\IObit
2014-09-10 11:19:23 -------- d-----w- C:\Users\Samsung Serie5 UBook\AppData\Roaming\IObit
2014-09-10 11:19:09 -------- d-----w- C:\Program Files (x86)\IObit
2014-09-08 22:45:26 -------- d-----w- C:\Users\Samsung Serie5 UBook\AppData\Local\Spotify
2014-09-08 22:44:37 -------- d-----w- C:\Users\Samsung Serie5 UBook\AppData\Roaming\Spotify
.
==================== Find3M  ====================
.
2014-09-11 11:56:36 71344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-11 11:56:36 701104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-09-10 12:06:19 948952 ----a-w- C:\windows\System32\RCoInstII64.dll
2014-08-26 14:40:46 1998168 ----a-w- C:\windows\SysWow64\D3DX9_43.dll
2014-08-23 02:07:00 404480 ----a-w- C:\windows\System32\gdi32.dll
2014-08-23 01:45:55 311808 ----a-w- C:\windows\SysWow64\gdi32.dll
2014-08-23 00:59:01 3163648 ----a-w- C:\windows\System32\win32k.sys
2014-08-18 22:29:49 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-08-18 22:29:35 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-08-18 22:19:53 5833728 ----a-w- C:\windows\System32\jscript9.dll
2014-08-18 22:15:34 547328 ----a-w- C:\windows\System32\vbscript.dll
2014-08-18 22:15:09 66048 ----a-w- C:\windows\System32\iesetup.dll
2014-08-18 22:14:38 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-08-18 22:14:10 83968 ----a-w- C:\windows\System32\MshtmlDac.dll
2014-08-18 22:08:55 4232704 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-08-18 22:03:47 139264 ----a-w- C:\windows\System32\ieUnatt.exe
2014-08-18 22:03:37 111616 ----a-w- C:\windows\System32\ieetwcollector.exe
2014-08-18 22:03:01 758272 ----a-w- C:\windows\System32\jscript9diag.dll
2014-08-18 21:57:44 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-08-18 21:56:17 940032 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2014-08-18 21:46:26 454656 ----a-w- C:\windows\SysWow64\vbscript.dll
2014-08-18 21:45:23 61952 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-08-18 21:45:12 72704 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2014-08-18 21:44:44 51200 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44:09 61952 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2014-08-18 21:36:07 112128 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-08-18 21:35:24 597504 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-08-18 21:23:17 2104832 ----a-w- C:\windows\System32\inetcpl.cpl
2014-08-18 21:23:16 1249280 ----a-w- C:\windows\System32\mshtmlmedia.dll
2014-08-18 21:22:48 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:15:13 2310656 ----a-w- C:\windows\System32\wininet.dll
2014-08-18 21:08:54 2014208 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-08-18 21:07:44 1068032 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:46:48 1812992 ----a-w- C:\windows\SysWow64\wininet.dll
2014-08-18 01:46:20 98216 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-28 14:49:50 177752 ----a-w- C:\windows\System32\drivers\SYMEVENT64x86.SYS
2014-07-25 05:35:46 875688 ----a-w- C:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 02:47:06 869544 ----a-w- C:\windows\System32\msvcr120_clr0400.dll
2014-07-14 02:02:45 1216000 ----a-w- C:\windows\System32\rpcrt4.dll
2014-07-14 01:40:58 664064 ----a-w- C:\windows\SysWow64\rpcrt4.dll
.
============= FINISH: 11:49:00,30 ===============
 
 
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 22/03/2014 10:48:46
System Uptime: 29/09/2014 11:23:07 (0 hours ago)
.
Motherboard: SAMSUNG ELECTRONICS CO., LTD. |  | 530U3BI/530U4BI/530U4BH
Processor: Intel® Core i5-2467M CPU @ 1.60GHz | CPU | 1601/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 445 GiB total, 318,851 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: 
Description: Dispositivo Periférico Bluetooth
Device ID: BTHENUM\{00001132-0000-1000-8000-00805F9B34FB}_VID&00010075_PID&0100\8&4B3A81A&0&1883310ED5BF_C00000000
Manufacturer: 
Name: Dispositivo Periférico Bluetooth
PNP Device ID: BTHENUM\{00001132-0000-1000-8000-00805F9B34FB}_VID&00010075_PID&0100\8&4B3A81A&0&1883310ED5BF_C00000000
Service: 
.
Class GUID: 
Description: Dispositivo Periférico Bluetooth
Device ID: BTHENUM\{00001801-0000-1000-8000-00805F9B34FB}_VID&00010075_PID&0100\8&4B3A81A&0&BC72B187B667_C00000000
Manufacturer: 
Name: Dispositivo Periférico Bluetooth
PNP Device ID: BTHENUM\{00001801-0000-1000-8000-00805F9B34FB}_VID&00010075_PID&0100\8&4B3A81A&0&BC72B187B667_C00000000
Service: 
.
Class GUID: 
Description: Dispositivo Periférico Bluetooth
Device ID: BTHENUM\{00001132-0000-1000-8000-00805F9B34FB}_VID&00010075_PID&0100\8&4B3A81A&0&BC72B187B667_C00000000
Manufacturer: 
Name: Dispositivo Periférico Bluetooth
PNP Device ID: BTHENUM\{00001132-0000-1000-8000-00805F9B34FB}_VID&00010075_PID&0100\8&4B3A81A&0&BC72B187B667_C00000000
Service: 
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Adaptador de Miniporta WiFi Virtual da Microsoft
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&306A2AB8&0&01
Manufacturer: Microsoft
Name: Adaptador de Miniporta WiFi Virtual da Microsoft
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&306A2AB8&0&01
Service: vwifimp
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Adaptador de Miniporta WiFi Virtual da Microsoft
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&306A2AB8&0&02
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter #2
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&306A2AB8&0&02
Service: vwifimp
.
Class GUID: 
Description: Dispositivo Periférico Bluetooth
Device ID: BTHENUM\{00001800-0000-1000-8000-00805F9B34FB}_VID&00010075_PID&0100\8&4B3A81A&0&1883310ED5BF_C00000000
Manufacturer: 
Name: Dispositivo Periférico Bluetooth
PNP Device ID: BTHENUM\{00001800-0000-1000-8000-00805F9B34FB}_VID&00010075_PID&0100\8&4B3A81A&0&1883310ED5BF_C00000000
Service: 
.
Class GUID: 
Description: Dispositivo Periférico Bluetooth
Device ID: BTHENUM\{00001800-0000-1000-8000-00805F9B34FB}_VID&00010075_PID&0100\8&4B3A81A&0&BC72B187B667_C00000000
Manufacturer: 
Name: Dispositivo Periférico Bluetooth
PNP Device ID: BTHENUM\{00001800-0000-1000-8000-00805F9B34FB}_VID&00010075_PID&0100\8&4B3A81A&0&BC72B187B667_C00000000
Service: 
.
Class GUID: 
Description: Dispositivo Periférico Bluetooth
Device ID: BTHENUM\{FBE4BE12-374A-486B-A473-24E39408A24D}_VID&00010075_PID&0100\8&4B3A81A&0&1883310ED5BF_C00000000
Manufacturer: 
Name: Dispositivo Periférico Bluetooth
PNP Device ID: BTHENUM\{FBE4BE12-374A-486B-A473-24E39408A24D}_VID&00010075_PID&0100\8&4B3A81A&0&1883310ED5BF_C00000000
Service: 
.
Class GUID: 
Description: Dispositivo Periférico Bluetooth
Device ID: BTHENUM\{00001801-0000-1000-8000-00805F9B34FB}_VID&00010075_PID&0100\8&4B3A81A&0&1883310ED5BF_C00000000
Manufacturer: 
Name: Dispositivo Periférico Bluetooth
PNP Device ID: BTHENUM\{00001801-0000-1000-8000-00805F9B34FB}_VID&00010075_PID&0100\8&4B3A81A&0&1883310ED5BF_C00000000
Service: 
.
Class GUID: 
Description: Dispositivo Periférico Bluetooth
Device ID: BTHENUM\{FBE4BE12-374A-486B-A473-24E39408A24D}_VID&00010075_PID&0100\8&4B3A81A&0&BC72B187B667_C00000000
Manufacturer: 
Name: Dispositivo Periférico Bluetooth
PNP Device ID: BTHENUM\{FBE4BE12-374A-486B-A473-24E39408A24D}_VID&00010075_PID&0100\8&4B3A81A&0&BC72B187B667_C00000000
Service: 
.
==== System Restore Points ===================
.
RP144: 21/09/2014 19:42:06 - Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
RP145: 23/09/2014 08:05:00 - Windows Update
RP146: 25/09/2014 21:51:49 - Windows Update
RP147: 29/09/2014 11:10:04 - ComboFix created restore point
.
==== Installed Programs ======================
.
Accelerometer
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Shockwave Player 12.1
Advanced SystemCare 7
AllShare Framework DMS
AP+ 2.3.0
Apple Mobile Device Support
Apple Software Update
Asmedia ASM104x USB 3.0 Host Controller Driver
Assistente de Instalação OAB
Assistente de Intimações versão 2.04
BitTorrent
Bonjour
BS.Player FREE
CCleaner
CyberLink YouCam
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Diskeeper 12 Professional
Driver Booster
DriverToolkit version 8.3.0.0
Dropbox
Easy Migration
Easy Settings
Epson Connect Printer Setup
Epson Customer Participation
Epson E-Web Print
EPSON Printer Finder
EPSON Scan
EPSON XP-400 Series Printer Uninstall
EpsonNet Print
ETDWare PS/2-X64 10.0.7.3_WHQL
Evernote v. 5.6.4
ExpressCache
Fast Flash Sleep Resume
Foxit PhantomPDF
GadgetWide Cloud Control Service
Google Chrome
Google Update Helper
Guardião - Itaú 30 horas
HP FWUpdateEDO2
HP Officejet Pro 8600 Estudo de aprimoramento de produtos
HP Officejet Pro 8600 Software básico do dispositivo
HP Update
I.R.I.S. OCR
Intel PROSet Wireless
Intel® Control Center
Intel® Identity Protection Technology 1.2.22.0
Intel® Management Engine Components
Intel® Processor Graphics
Intel® PROSet/Wireless Software for Bluetooth® Technology
Intel® Rapid Start Technology
Intel® Rapid Storage Technology
Intel® WiDi
Intel® Wireless Display
IObit Uninstaller
IObit Unlocker
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País
iTunes
Java 7 Update 67
Java Auto Updater
Java SE Development Kit 7 Update 45
Java 7 (64-bit)
K-Lite Codec Pack 9.3.0 (Basic)
KMSpico v9.1.3
Módulo de Segurança - Banco do Brasil
Microsoft .NET Framework 4.5.1
Microsoft Access MUI (Portuguese (Brazil)) 2013
Microsoft DCF MUI (Portuguese (Brazil)) 2013
Microsoft Excel MUI (Portuguese (Brazil)) 2013
Microsoft Groove MUI (Portuguese (Brazil)) 2013
Microsoft InfoPath MUI (Portuguese (Brazil)) 2013
Microsoft Lync MUI (Portuguese (Brazil)) 2013
Microsoft Office 32-bit Components 2013
Microsoft Office OSM MUI (Portuguese (Brazil)) 2013
Microsoft Office OSM UX MUI (Portuguese (Brazil)) 2013
Microsoft Office Professional Plus 2013
Microsoft Office Proofing (Portuguese (Brazil)) 2013
Microsoft Office Proofing Tools 2013 - English
Microsoft Office Proofing Tools 2013 - Español
Microsoft Office Shared 32-bit MUI (Portuguese (Brazil)) 2013
Microsoft Office Shared MUI (Portuguese (Brazil)) 2013
Microsoft OneNote MUI (Portuguese (Brazil)) 2013
Microsoft Outlook MUI (Portuguese (Brazil)) 2013
Microsoft PowerPoint MUI (Portuguese (Brazil)) 2013
Microsoft Publisher MUI (Portuguese (Brazil)) 2013
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Microsoft Word MUI (Portuguese (Brazil)) 2013
Mozilla Firefox 31.0 (x86 pt-BR)
Mozilla Maintenance Service
Norton Internet Security
PC-CCID
Priston Tale Brasil 
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Receitanet
Revisores de Texto do Microsoft Office 2013 – Português do Brasil
S Agent
SafeSign 64-bits
Samsung Link 2.0.0.1408131423
Samsung Recovery Solution 5
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition
Software Intel® PROSet/Wireless WiFi
Software Updater
Spotify
Suporte para Aplicativos Apple
Surfing Protection
SW Update
swMSM
Tag&Rename 3.6.6
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition
Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition
Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition
Update for Microsoft Office 2013 (KB2881039) 64-Bit Edition
Update for Microsoft Office 2013 (KB2881081) 64-Bit Edition
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition
Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition
Update for Microsoft Office 2013 (KB2889862) 64-Bit Edition
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition
User Guide
Warsaw 1.3.1
WinRAR 5.01 (64-bit)
WinSCP 5.1.7
.
==== End Of File ===========================
 
 
 
 
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-09-29 13:35:49
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Hitachi_ rev.GG2O 465,76GB
Running: iexplore.exe; Driver: C:\Users\SAMSUN~1\AppData\Local\Temp\kgndruoc.sys
 
 
---- Registry - GMER 2.1 ----
 
Reg   HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00dbdf0393bd                      
Reg   HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00dbdf0393bd@bc72b187b667         0x82 0x18 0x4A 0xB3 ...
Reg   HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00dbdf0393bd@1883310ed5bf         0xBB 0x66 0xA2 0x57 ...
Reg   HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00dbdf0393bd (not active ControlSet)  
Reg   HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00dbdf0393bd@bc72b187b667             0x82 0x18 0x4A 0xB3 ...
Reg   HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00dbdf0393bd@1883310ed5bf             0xBB 0x66 0xA2 0x57 ...
 
---- Disk sectors - GMER 2.1 ----
 
Disk  \Device\Harddisk0\DR0                                                                            unknown MBR code
 
---- EOF - GMER 2.1 ----
 
 


Hello André Souza_708677,

I recommend saving this topic to your Favorites so that it is easy to find later.

Please note the following:
  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is passed on here relates only to your computer's problem, so do not use it on any other;
  • Please follow the instructions given carefully, and if you have any doubts, do not hesitate to ask;
  • Always keep me informed, during the removal, about what is happening with your computer.
  • Follow the instructions in the order given.
  • Note: Do not take any action other than those given here; and if you ask for help on another forum, be sure to let us know, at the risk of misconfiguring your computer!

Download Malwarebytes Anti-Rootkit (MBAR)

Extract the files to your desktop.

  • Open the mbar folder and run the file mbar.exe
  • Click the Next button, then Update,
  • Click Next again, and then Scan.
  • At the end, do NOT click Cleanup; just exit the program.
  • Post the logs mbar-log.txt and system-log.txt, located in the mbar folder.

Good morning. Thank you very much for the help!

The system-log follows below. The other log file was not generated.

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1012
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
Account is Administrative
 
Internet Explorer version: 11.0.9600.17280
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.596000 GHz
Memory total: 8479031296, free: 3757182976
 
Downloaded database version: v2014.10.02.10
Downloaded database version: v2014.09.19.01
=======================================
Initializing...
Done!
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 6EECD555
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable
 
    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 932982784
 
    Partition 2 type is Other (0x27)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 933189632  Numsec = 43579392
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 500107862016 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 74F02DEA
 
Partition information:
 
    Partition 0 type is Other (0x73)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 13869056
 
    Partition 1 type is Other (0x6)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 13871104  Numsec = 17391616
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 16013942784 bytes
Sector size: 512 bytes
 
Done!
Scan finished


Ok,

1)

Download AdwCleaner and save it to the desktop.
https://toolslib.net/downloads/finish/1/

Run the file adwcleaner.exe

*** Windows Vista or Windows 7 users: right-click the adwcleaner.exe file, then click Run as administrator.

Click the Scan (Examinar) button and wait for the scan to finish.

Click the Clean (Limpar) button.

A Notepad window will open with the result. Attach the log to your next reply.

NOTE: If AdwCleaner finds files it cannot remove, you may have to restart the PC. Do so immediately when asked whether you want to restart the PC.

2)

Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download the Junkware Removal Tool (JRT) and save it to the desktop. Double-click it to run.

* On Windows Vista and Windows 7:

Right-click JRT.exe and select Run as administrator

The tool will begin scanning your system. Be patient, as it may take a while depending on the number of items to examine.

At the end, a log will open. It is saved to the desktop under the name JRT.txt.

Attach the log to your next reply.

3)

Download Malwarebytes' Anti-Malware (MBAM)
http://malwarebytes....am-download.php

Double-click mbam-setup.exe to install it.

  • Uncheck the box Enable free trial of Malwarebytes Anti-Malware PRO (Ativar trial gratuito do MalwareBytes Anti-Malware PRO).
  • Make sure the boxes Update Malwarebytes Anti-Malware (Atualizar Malwarebytes Anti-Malware), if present, and Launch Malwarebytes Anti-Malware (Executar Malwarebytes Anti-Malware) are checked, then click Finish (Concluir).
  • If there are updates to be made, they will be downloaded and installed.
  • When the update finishes, if the program was installed in English, with the program open, click Settings and in the Language field change to Portuguese (Brasil).
  • Still on the Settings (Configurações) screen, click Detection and Protection (Detecção e proteção) and check Scan for Rootkits (Verificar por Rootkits). Under PUP (potentially unwanted programs) detections (Detecções PUP), select Treat detections as malware (Tratar detecções como malware).
  • Click Scan (Verificar), then Threat Scan (Verificar ameaça), and finally click Scan Now (Verificar agora).
  • The scan will then begin. Wait, as it may take a while.
  • When the scan finishes, if any items were found, click the Quarantine All (Mover todos para a Quarentena) button.
  • Click Apply Actions (Aplicar ações).
  • At the end of the disinfection, a prompt may appear asking whether you want to restart the PC. (See Note below)
  • The log is saved automatically by MBAM; to view it, click the History (Histórico) -> Application Logs (Logs de aplicativos) tab in the program's main window. Use the .txt format to export the log.
  • Attach the log to your next reply.

NOTE: If MBAM finds files it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.


Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download Zoek.exe (by Smeenk) and save it to your desktop.

Run the file Zoek.exe

*** Windows Vista or Windows 7 users: right-click the Zoek.exe file, then click Run as administrator.

Select these lines inside the CODE box, right-click the selection and choose the copy option.

emptyclsid;msconfigcheck;shortcutfix;systemspecs;chrdefaults;ffdedaults;autoclean;

Right-click any white area of Zoek and choose the paste option

Note: This script was written only for this computer, according to the files and keys present.

To visitors: If you have a similar problem, do not use this script, as unsupervised use can damage the system.

Click [Run Script]

Wait for the scan. At the end, Notepad will open with the report.

A copy will also be saved on your local disk under the name zoek-results.txt

Attach zoek-results.txt to your next reply.


Good evening.

Temporarily disable your antivirus

  • Hold the Ctrl key and click this link to open ESET Online Scanner in a new window.
  • Click this button: [image: j9Byf.png]
  • For alternative browsers (if you use Internet Explorer, skip this step):
    • Click esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double-click the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click Start.
  • Accept any security warning from your browser.
  • Check the box "Enable detection of potentially unwanted applications"
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and also check the boxes:
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Change and also check the Computer (Computador) box.
  • Click Start.
  • It will update on its own and scan the computer. Be patient; the process can take hours.
  • When the scan finishes, click List of found threats
  • Click Export to text file and save the log to your desktop.
  • Click Back.
  • Click Finish.
  • Attach the saved log.

Ok,

To finish:

# Step 1 #

Download Delfix by Xplode and save it to your desktop.

Double-click delfix.exe to run it. Check the boxes as shown in the image.

** Windows Vista or Windows 7 users: right-click the delfix.exe file, then click Run as administrator.

[image: 2mez6ld.png]

Click the Run (Executar) button.

At the end a log will be generated, but there is no need to post it.

# Step 2 #

Update Java.

Attention: Uninstall ALL old versions of Java.

  • Close all programs, especially your browser (IE, Firefox, etc.).
  • Go to the Java for Windows site
  • Click [image: 4531602912_e9606174d3_o.gif]
  • In the window that appears, click Run (Executar);
  • Follow the installation steps.

# Step 3 #

<<@>> Install CCleaner

CCleaner is an excellent cleanup utility for the computer, which will help with the computer's performance. Download it here: CCleaner

IMPORTANT: After installation, go to the location where the program was installed, C:\Arquivos de programas\CCleaner, double-click the folder, and in an empty area of that window right-click, choose New > Folder (Novo > pasta) and create a new folder; name it backups!

  • Open the program and click Run Cleaner (Executar Limpeza);
  • Click the Registry (Registro) button > Scan for Issues (Procurar Erros) > Fix selected issues (Corrigir erros selecionados)...

Note: Do not forget to accept the backup of the fixes, and save it in the folder created above!
<<@>> Always keep your Windows up to date; keep a constant watch with your firewall and antivirus; and finally, remember that the best way to prevent problems starts with our own behavior!

Best regards.


Carlos,

I carried out all the steps exactly as indicated in this last post; the disinfection tools were removed and the other steps were done.

Thank you very much for your enormous patience and for all the help over these several days.

I installed Norton Internet Security and will be more careful with how I handle content on my notebook.

Once again, my deepest thanks for your expertise!  :D


If the author needs it, the topic will be reopened; to do so, the author should contact the moderators and request that it be unlocked.

This topic is closed to new posts.




