renanrbm

Site Redirection


Good evening,

I'm having problems with some page-redirecting malware. Every time I try to open news sites such as UOL, G1, Yahoo, Terra, etc., it redirects to strange pages. I have already run Avira and Malwarebytes and they find nothing. I need your help. Thank you in advance for this wonderful service and help.

Here are the logs:

.

DDS (Ver_2011-06-23.01) - NTFSAMD64

Internet Explorer: 8.0.6001.19154 BrowserJavaVersion: 1.6.0_26

Run by Ighor at 0:06:01 on 2011-10-16

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.55.1033.18.4057.1383 [GMT -4:00]

.

AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Dell\DellDock\DockLogin.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\WLTRYSVC.EXE

C:\Windows\System32\bcmwltry.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe

C:\Windows\splwow64.exe

C:\Windows\system32\igfxsrvc.exe

C:\Users\Ighor\AppData\Local\Google\Update\1.3.21.69\GoogleCrashHandler.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe

C:\Users\Ighor\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

C:\Program Files (x86)\TIM Communicator\module\devicemon.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\RUNDLL32.EXE

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Ighor\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Users\Ighor\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ighor\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ighor\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ighor\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ighor\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Users\Ighor\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ighor\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uInternet Settings,ProxyOverride = local

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: {c41a1c0e-ea6c-11d4-b1b8-444553540000}: G-Buster Browser Defense

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash

uRun: [AdobeBridge]

uRun: [Google Update] "C:\Users\Ighor\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [sightSpeed] "C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe" -bootmode

uRun: [Facebook Update] "C:\Users\Ighor\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10x_Plugin.exe -update plugin

mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m

mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

StartupFolder: C:\Users\Ighor\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Ighor\AppData\Roaming\Dropbox\bin\Dropbox.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &Enviar para o OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: Download with GetRight - C:\Program Files (x86)\GetRight\GRdownload.htm

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: E&xportar para o Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

IE: Open with GetRight Browser - C:\Program Files (x86)\GetRight\GRbrowse.htm

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

Trusted Zone: bancobrasil.com.br\www

Trusted Zone: bancobrasil.com.br\www14

Trusted Zone: bancobrasil.com.br\www2

Trusted Zone: bb.com.br\www

DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} - hxxps://www14.bancobrasil.com.br/plugin/GbpDist.cab

TCP: DhcpNameServer = 10.1.1.1 192.168.0.1

TCP: Interfaces\{1764F5A7-784E-4247-892B-BEAED86D8B31} : DhcpNameServer = 10.1.1.1 192.168.0.1

TCP: Interfaces\{305DB7CC-AA65-427D-AC45-3B6702F4BAAF} : DhcpNameServer = 10.1.1.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll

SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399f83} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: G-Buster Browser Defense - No File

BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m

mRun-x64: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

SEH-X64: GbPluginObj Class: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Ighor\AppData\Roaming\Mozilla\Firefox\Profiles\q35w61nn.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.startup.homepage - www.uol.com.br

FF - component: C:\Users\Ighor\AppData\Roaming\Mozilla\Firefox\Profiles\q35w61nn.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}\components\GbMzhBb.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

FF - plugin: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Ighor\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

FF - plugin: C:\Users\Ighor\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: C:\Users\Ighor\AppData\Roaming\Mozilla\Firefox\Profiles\q35w61nn.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}\plugins\npgbfnc_bb.dll

FF - plugin: C:\Users\Ighor\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Ighor\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]

R1 VBoxDrv;VirtualBox Service;C:\Windows\system32\DRIVERS\VBoxDrv.sys --> C:\Windows\system32\DRIVERS\VBoxDrv.sys [?]

R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe --> C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe [?]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-8-27 136360]

R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-8-27 269480]

R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]

R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]

R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]

R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2009-11-22 208672]

R2 OrolixDeviceMonitor;Orolix Device Monitor;C:\Program Files (x86)\TIM Communicator\module\devicemon.exe [2010-4-20 27040]

R2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx64coinst,serviceStartProc --> RUNDLL32.EXE ykx64coinst,serviceStartProc [?]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]

R3 fssfltr;FssFltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

R3 huawei_enumerator;huawei_enumerator;C:\Windows\system32\DRIVERS\ew_jubusenum.sys --> C:\Windows\system32\DRIVERS\ew_jubusenum.sys [?]

R3 OA009Ufd;Creative Camera OA009 Upper Filter Driver;C:\Windows\system32\DRIVERS\OA009Ufd.sys --> C:\Windows\system32\DRIVERS\OA009Ufd.sys [?]

R3 OA009Vid;Creative Camera OA009 Function Driver;C:\Windows\system32\DRIVERS\OA009Vid.sys --> C:\Windows\system32\DRIVERS\OA009Vid.sys [?]

R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;C:\Windows\system32\DRIVERS\VBoxNetAdp.sys --> C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [?]

R3 VBoxNetFlt;VBoxNetFlt Service;C:\Windows\system32\DRIVERS\VBoxNetFlt.sys --> C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [?]

R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x64.sys --> C:\Windows\system32\DRIVERS\yk60x64.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-7 136176]

S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-4-1 183560]

S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\system32\DRIVERS\ew_hwusbdev.sys --> C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [?]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-10-20 1038088]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]

S3 gupdatem;Serviço do Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-7 136176]

S3 huawei_cdcacm;huawei_cdcacm;C:\Windows\system32\DRIVERS\ew_jucdcacm.sys --> C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [?]

S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]

S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2010-5-1 89920]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== File Associations ===============

.

JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*

.

=============== Created Last 30 ================

.

2011-10-16 03:34:05 -------- d-----w- C:\LinhaDefensiva

2011-10-15 15:42:18 -------- d-----w- C:\Users\Ighor\AppData\Local\{D47450E1-5E7E-42F3-BA9E-01A6E815FD09}

2011-10-15 15:41:55 -------- d-----w- C:\Users\Ighor\AppData\Local\{90F2AA54-3FAB-40FF-81E7-2A3D629AA421}

2011-10-15 02:24:20 -------- d-----w- C:\Users\Ighor\AppData\Local\{F758F742-E3C5-4C9C-8AB2-C24ADD7D938C}

2011-10-15 02:23:56 -------- d-----w- C:\Users\Ighor\AppData\Local\{C4543A0E-E778-4F4A-927A-AB737F9F0D62}

2011-10-15 01:23:56 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DEC8ED20-4FFB-4111-92AD-6803A90F8DAD}\offreg.dll

2011-10-14 15:00:47 9049936 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DEC8ED20-4FFB-4111-92AD-6803A90F8DAD}\mpengine.dll

2011-10-13 20:32:44 2764288 ----a-w- C:\Windows\System32\win32k.sys

2011-10-13 20:28:17 332288 ----a-w- C:\Windows\System32\oleacc.dll

2011-10-13 20:28:17 238080 ----a-w- C:\Windows\SysWow64\oleacc.dll

2011-10-13 20:28:16 847360 ----a-w- C:\Windows\System32\oleaut32.dll

2011-10-13 20:28:16 735744 ----a-w- C:\Windows\System32\UIAutomationCore.dll

2011-10-13 20:28:16 563712 ----a-w- C:\Windows\SysWow64\oleaut32.dll

2011-10-13 20:28:16 555520 ----a-w- C:\Windows\SysWow64\UIAutomationCore.dll

2011-10-13 20:28:16 4096 ----a-w- C:\Windows\SysWow64\oleaccrc.dll

2011-10-13 20:28:16 4096 ----a-w- C:\Windows\System32\oleaccrc.dll

2011-10-13 20:28:08 2409784 ----a-w- C:\Program Files\Windows Mail\OESpamFilter.dat

2011-10-13 20:28:08 2409784 ----a-w- C:\Program Files (x86)\Windows Mail\OESpamFilter.dat

2011-10-13 20:26:59 69632 ----a-w- C:\Windows\SysWow64\Mpeg2Data.ax

2011-10-13 20:26:59 375808 ----a-w- C:\Windows\System32\psisdecd.dll

2011-10-13 20:26:59 293376 ----a-w- C:\Windows\SysWow64\psisdecd.dll

2011-10-13 20:26:59 289792 ----a-w- C:\Windows\System32\psisrndr.ax

2011-10-13 20:26:59 217088 ----a-w- C:\Windows\SysWow64\psisrndr.ax

2011-10-13 20:26:59 100352 ----a-w- C:\Windows\System32\Mpeg2Data.ax

2011-10-13 20:26:58 73216 ----a-w- C:\Windows\System32\MSDvbNP.ax

2011-10-13 20:26:58 57856 ----a-w- C:\Windows\SysWow64\MSDvbNP.ax

2011-10-12 17:46:04 -------- d-----w- C:\Users\Ighor\AppData\Local\{2D2C248A-D9E7-4943-BC61-284BEEF85FB4}

2011-10-12 17:45:40 -------- d-----w- C:\Users\Ighor\AppData\Local\{CF7F5BF1-46D9-49A3-B3E0-4A6DA41947F5}

2011-10-11 19:58:38 -------- d-----w- C:\Users\Ighor\AppData\Local\{09C5CF63-0CFE-41DA-BFE7-8EB461275EC0}

2011-10-11 19:58:26 -------- d-----w- C:\Users\Ighor\AppData\Local\{BE79236F-B4B8-4F36-9FF6-B1C1B8516BB9}

2011-10-10 20:50:07 -------- d-----w- C:\Users\Ighor\AppData\Local\{E8E49DAF-A685-4C7A-B934-96204F7BD6C8}

2011-10-10 20:49:44 -------- d-----w- C:\Users\Ighor\AppData\Local\{21CE5774-C3BD-4A0C-A295-0A0CE842F2D2}

2011-10-10 15:09:40 4550304 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll

2011-10-09 18:37:53 -------- d-----w- C:\Users\Ighor\AppData\Local\{5559FD20-6514-488E-8454-8349D8C5280E}

2011-10-09 18:37:29 -------- d-----w- C:\Users\Ighor\AppData\Local\{5EEDC2FF-053D-460B-8956-AA2A5F972D87}

2011-10-08 12:52:44 -------- d-----w- C:\Users\Ighor\AppData\Local\{F8C2F820-918F-4085-90E7-CC76CE72BAF0}

2011-10-08 12:52:20 -------- d-----w- C:\Users\Ighor\AppData\Local\{881557B7-73AF-4A56-9557-36EA876FF5DD}

2011-10-03 01:42:26 -------- d-----w- C:\Users\Ighor\AppData\Local\{AEE9A088-DAAC-4757-AF0C-E693268C146D}

2011-10-03 01:41:17 -------- d-----w- C:\Users\Ighor\AppData\Local\{143113E3-75EB-4B1C-BF92-5200D25BA124}

2011-10-01 00:25:28 -------- d-----w- C:\Users\Ighor\AppData\Local\{D6932E23-2C3B-42C9-89F1-7D548899C633}

2011-10-01 00:25:02 -------- d-----w- C:\Users\Ighor\AppData\Local\{535BB678-7CE2-4983-BF23-3F7D77D945D7}

2011-09-24 14:42:06 -------- d-----w- C:\Users\Ighor\AppData\Roaming\calibre

2011-09-24 14:02:33 -------- d-----w- C:\Program Files (x86)\Hamster Soft

2011-09-24 13:13:54 -------- d-----w- C:\Users\Ighor\AppData\Local\{9A76C79D-48DB-4877-9B25-AEDB8A3AB110}

2011-09-24 13:13:30 -------- d-----w- C:\Users\Ighor\AppData\Local\{A0BA11FA-84CA-4E10-A055-76A877879E0C}

2011-09-22 20:38:06 -------- d-----w- C:\Program Files (x86)\Sony

2011-09-22 19:42:20 -------- d-----w- C:\Users\Ighor\AppData\Local\{DF46055E-CCE1-4BDF-B6F9-3474D0FC3FD3}

2011-09-22 19:41:44 -------- d-----w- C:\Users\Ighor\AppData\Local\{2B13F81E-1F93-42BB-A432-7153D56F69C6}

2011-09-21 05:02:12 -------- d-----w- C:\Program Files (x86)\trend micro

2011-09-17 20:01:01 -------- d-----w- C:\9249d64b0bf39918cd0e09

2011-09-17 16:49:34 -------- d-----w- C:\Program Files (x86)\Orçamento Pessoal 2011

2011-09-17 16:49:26 937984 ------w- C:\Windows\Setup1.exe

2011-09-17 16:49:24 73216 ----a-w- C:\Windows\ST6UNST.EXE

2011-09-17 15:08:46 -------- d-----r- C:\Users\Ighor\Dropbox

2011-09-17 15:04:52 -------- d-----w- C:\Users\Ighor\AppData\Roaming\Dropbox

2011-09-17 02:42:01 -------- d-----w- C:\Users\Ighor\AppData\Local\{953E03FF-F3E1-4792-B960-38708FDD26D8}

2011-09-17 02:41:37 -------- d-----w- C:\Users\Ighor\AppData\Local\{1B73D23D-A057-4239-AFF1-F722A59D9C64}

.

==================== Find3M ====================

.

2011-09-30 23:25:35 1147904 ----a-w- C:\Windows\System32\wininet.dll

2011-09-30 23:21:20 56832 ----a-w- C:\Windows\System32\licmgr10.dll

2011-09-30 23:21:00 1538560 ----a-w- C:\Windows\System32\inetcpl.cpl

2011-09-30 23:20:40 132096 ----a-w- C:\Windows\System32\iesysprep.dll

2011-09-30 23:20:39 77312 ----a-w- C:\Windows\System32\iesetup.dll

2011-09-30 23:06:24 916480 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-09-30 23:02:06 43520 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2011-09-30 23:01:51 1469440 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2011-09-30 23:01:34 71680 ----a-w- C:\Windows\SysWow64\iesetup.dll

2011-09-30 23:01:34 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2011-09-30 22:29:23 479232 ----a-w- C:\Windows\System32\html.iec

2011-09-30 22:07:25 385024 ----a-w- C:\Windows\SysWow64\html.iec

2011-09-30 21:48:19 162816 ----a-w- C:\Windows\System32\ieUnatt.exe

2011-09-30 21:47:04 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2011-09-30 21:29:54 133632 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2011-09-30 21:28:36 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-09-30 01:14:22 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-08-31 21:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-08-08 15:23:42 44064 ----a-w- C:\Windows\SysWow64\drivers\gbpkm.sys

2011-07-21 16:15:15 88288 ----a-w- C:\Windows\System32\drivers\avgntflt.sys

2011-07-07 22:45:58 494032 ----a-w- C:\Program Files (x86)\FacebookVideoCallSetup_v1.2.199.0.exe

2011-06-06 23:00:28 57477248 ----a-w- C:\Program Files (x86)\Evernote_4.3.1.4479.exe

2011-04-21 18:07:04 884512 ----a-w- C:\Program Files (x86)\chromeinstall-6u24 (1).exe

2011-01-18 12:58:37 2976440 ----a-w- C:\Program Files (x86)\ccsetup302.exe

2011-01-18 12:23:02 1288552 ----a-w- C:\Program Files (x86)\wlsetup-web (1).exe

2011-01-17 17:37:47 293208 ----a-w- C:\Program Files (x86)\SoftonicDownloader_para_msn-messenger-2011-windows-live-messenger.exe

2011-01-08 12:20:41 11138368 ----a-w- C:\Program Files (x86)\DTLite4401-0127.exe

2009-10-26 01:05:51 646656 ----a-w- C:\Program Files (x86)\MediaSub.exe

.

============= FINISH: 0:07:11,84 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-06-23.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume3

Install Date: 28/06/2009 20:27:00

System Uptime: 15/10/2011 12:22:17 (12 hours ago)

.

Motherboard: Dell Inc. | | 0G848F

Processor: Pentium® Dual-Core CPU T4200 @ 2.00GHz | Microprocessor | 2000/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 283 GiB total, 131,533 GiB free.

D: is FIXED (NTFS) - 15 GiB total, 14,543 GiB free.

E: is CDROM ()

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

50 FREE MP3s +1 Free Audiobook!

abgx360 v1.0.2

Acrobat.com

Adobe AIR

Adobe Anchor Service CS4

Adobe Bridge CS4

Adobe CMaps CS4

Adobe Color - Photoshop Specific CS4

Adobe Color EU Recommended Settings CS4

Adobe Color JA Extra Settings CS4

Adobe Color NA Extra Settings CS4

Adobe Color Video Profiles CS CS4

Adobe CSI CS4

Adobe Default Language CS4

Adobe Device Central CS4

Adobe Drive CS4

Adobe ExtendScript Toolkit CS4

Adobe Extension Manager CS4

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Fonts All

Adobe Linguistics CS4

Adobe Media Player

Adobe Output Module

Adobe PDF Library Files CS4

Adobe Photoshop CS4

Adobe Photoshop CS4 Support

Adobe Reader 9.3.4

Adobe Search for Help

Adobe Service Manager Extension

Adobe Setup

Adobe Type Support CS4

Adobe Update Manager CS4

Adobe WinSoft Linguistics Plugin

Adobe XMP Panels CS4

AdobeColorCommonSetCMYK

AdobeColorCommonSetRGB

Advanced Audio FX Engine

Arquivo do WinRAR

µTorrent

Atualização do produto Microsoft Office Excel 2007 Help (KB963678)

Atualização do produto Microsoft Office Outlook 2007 Help (KB963677)

Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)

Atualização do produto Microsoft Office Word 2007 Help (KB963665)

Avira AntiVir Personal - Free Antivirus

Bing Bar

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Connect

Controle ActiveX do Windows Live Mesh para Conexões Remotas

D3DX10

DAEMON Tools Lite

Dell DataSafe Online

Dell Getting Started Guide

Dell Video Chat

Dell Webcam Central

DivXLand Media Subtitler

Dropbox

Facebook Video Calling 1.0.0.8714

ffdshow [rev 2583] [2009-01-05]

FormatFactory 2.50

Gadwin PrintScreen

Gestão do Relacionamento com Clientes - CRM 2.10

GetRight

Google Chrome

Google Earth Plug-in

Google Talk Plugin

Google Update Helper

GrapherOC 1.06

Hamster Free EbookConverter

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

ImgBurn

Java Auto Updater

Java 6 Update 26

Junk Mail filter update

K-Lite Mega Codec Pack 5.8.3

kuler

Live! Cam Avatar Creator

Malwarebytes' Anti-Malware versão 1.51.2.1300

Medieval - Total War - Gold Edition

Medieval II Total War

Medieval II Total War : Kingdoms : Americas

Medieval II Total War : Kingdoms : Britannia

Medieval II Total War : Kingdoms : Crusades

Medieval II Total War : Kingdoms : Teutonic

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2572067)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Silverlight

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)

Microsoft SQL Server 2005 Tools Express Edition

Microsoft SQL Server Setup Support Files (English)

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual J# .NET Redistributable Package 1.1

Microsoft Works

Mozilla Firefox 7.0.1 (x86 pt-BR)

MSVCRT

MSVCRT Redists

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Neotriad Organiza

neroxml

Noise Reduction Plug-in 2.0i

Orçamento Pessoal 2011

PDF Settings CS4

Photoshop Camera Raw

Pimaco

PowerDVD DX

Roxio Creator Audio

Roxio Creator Copy

Roxio Creator Data

Roxio Creator DE

Roxio Creator Tools

Roxio Express Labeler 3

Roxio Update Manager

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2553074)

Security Update for 2007 Microsoft Office System (KB2553089)

Security Update for 2007 Microsoft Office System (KB2553090)

Security Update for 2007 Microsoft Office System (KB2584063)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB2553073)

Security Update for Microsoft Office Groove 2007 (KB2552997)

Security Update for Microsoft Office InfoPath 2007 (KB2510061)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2535818)

Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Segoe UI

Skype Click to Call

Skype™ 5.5

Sothink Movie DVD Maker

Sound Forge Pro 10.0

Subtitle Workshop 2.51

Suite Shared Configuration CS4

TIM Communicator

Update for 2007 Microsoft Office System (KB2284654)

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office Outlook 2007 (KB2583910)

Update for Outlook 2007 Junk Email Filter (KB2596560)

Winamp

Winamp Detectar Aplicação

Windows Live Communications Platform

Windows Live Essentials

Windows Live Galeria de Fotos

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Player Firefox Plugin

ZD Soft Screen Recorder 4.1.3.0

.

==== Event Viewer Messages From Past Week ========

.

14/10/2011 21:25:29, Error: Service Control Manager [7000] - The Intel® PRO/1000 PCI Express Network Connection Driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

14/10/2011 21:25:29, Error: Service Control Manager [7000] - The Intel® PRO/1000 NDIS 6 Adapter Driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

14/10/2011 12:28:49, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

14/10/2011 12:28:49, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

14/10/2011 12:28:49, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

14/10/2011 12:28:46, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

14/10/2011 12:28:37, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

14/10/2011 12:28:24, Error: Microsoft-Windows-TerminalServices-LocalSessionManager [1048] - Terminal Service start failed. The relevant status code was This service cannot be started in Safe Mode .

14/10/2011 12:28:24, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}

13/10/2011 18:09:42, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

13/10/2011 18:09:42, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

13/10/2011 18:09:42, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

13/10/2011 16:05:49, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AntiVirSchedulerService service.

10/10/2011 15:59:36, Error: EventLog [6008] - The previous system shutdown at 15:56:46 on 10/10/2011 was unexpected.

09/10/2011 10:38:53, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanWorkstation service.

.

==== End Of File ===========================

GMER 1.0.15.15641 - http://www.gmer.net

Rootkit scan 2011-10-16 00:44:25

Windows 6.0.6002 Service Pack 2

Running: gmer.exe

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xCA 0x6B 0x25 0x57 ...

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xCA 0x6B 0x25 0x57 ...

---- EOF - GMER 1.0.15 ----


GVT.

But how is that related to the malware?


You are not the only person having this problem. When I see several identical cases, the first thing I suspect is the provider, because it uses a DNS, and if something is wrong with the provider's DNS, several people will be affected.

I recommend that you change your DNS to Google's. If you don't know how to do that, a simple Google search will help you:

http://www.google.com.br/#sclient=psy-ab&hl=pt-BR&source=hp&q=alterar+DNS+google&pbx=1&o que=alterar+DNS+google&aq=f&aqi=g1&aql=1&gs_sm=e&gs_upl=610l5418l0l5553l24l13l1l2l2l3l953l6333l2-2.2.3.2.3l14l0&bav=on.2,or.r_gc.r_pw.,cf.osb&fp=aa151a29d476e27c&biw=1024&bih=609


Okay, I'll do that, but do you think there's no need to run anything else? Is there nothing else?


I'm asking for your help: I've already changed the DNS and nothing. Now, to make things worse, on top of being without all the news sites, I've just lost everything related to Google and Facebook, and when I try to open the Facebook site, something appears asking me to download Facebook.defense. Obviously it's a trap and I didn't download it, but I don't know whether my mother decided to download this junk. In short, within a few days, if this continues, I simply won't have access to anything at all, including this site, so I'm asking very much for your help! Thanks in advance.

The message that appears when I try to search for something on Google:

"The requested URL /search was not found on this server.

Apache/2.0.53 (Fedora) Server at www.google.com.br Port 80"


Configure Windows to show all files.

Go to this site: http://virustotal.com/

In File to upload, enter: C:\Users\Ighor\AppData\Local\Facebook\Update\FacebookUpdate.exe

Then click Submit.

Copy and post the result of this scan.


File already submitted: The file sent has already been analysed by VirusTotal in the past. This is same basic info regarding the sample itself and its last analysis:

MD5: fcc7c432fbf465c38fd5d940580ef9b7

Date first seen: 2011-07-14 02:32:46 (UTC)

Date last seen: 2011-10-23 17:13:34 (UTC)

Detection ratio: 0/43

What do you wish to do?


The file is reported as legitimate. Are you familiar with it? Do you know what it does?

Post a new DDS log.
