Noskam

Problems with IE

Recently, my IE has been having problems. It starts up along with Windows, even though I try to disable that with msconfig or the like; it is unusually slow, it does not always recognize the installed Adobe Flash Player, I often cannot close it, and a message always appears saying that an error occurred and that the program needs to be closed. In addition, I cannot install any other browser. With Chrome, after the installation finishes the browser's folder is deleted, so the shortcut can no longer find the application. I tried Firefox; it works normally until I restart Windows, and after that it does not open under any circumstances.

I have already scanned with Kaspersky and McAfee and they did not find anything.

What else can I try?

DDS

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31

Run by Makson at 8:19:25 on 2012-09-01

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.55.1046.18.4003.2532 [GMT -3:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\IDT\WDM\AESTSr64.exe

C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

C:\Prey\platform\windows\cronsvc.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe

C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

C:\Windows\system32\mfevtps.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Windows\system32\rundll32.exe

C:\Windows\system32\rundll32.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

C:\Windows\System32\rundll32.exe

C:\Users\Makson\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\DellTPad\Apntex.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = https://www.google.com.br/

mWinlogon: Userinit=userinit.exe

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120701164316.dll

BHO: Speckie: {8ce7f568-67fa-4432-ba39-f5afd68e7b8b} - C:\Users\Makson\AppData\Roaming\Speckie\bin32\Speckie32.dll

BHO: Auxiliar de Conexão do Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: Windows Media Sharing Plugin: {c2ac9443-3de6-4378-abae-3870b886f92d} - C:\ProgramData\Windows\ntfs64.dll

BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

uRun: [skyDrive] "C:\Users\Makson\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

StartupFolder: C:\Users\Makson\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTERN~1.LNK - C:\Program Files (x86)\Internet Explorer\iexplore.exe

StartupFolder: C:\Users\Makson\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\INTERN~1.LNK - C:\Program Files (x86)\Internet Explorer\iexplore.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &Enviar para o OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {E6846530-6088-4AA3-932F-C6245CE59A4C} - {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} - C:\Users\Makson\AppData\Roaming\Speckie\bin32\Speckie32.dll

Trusted Zone: bancobrasil.com.br\www

Trusted Zone: bancobrasil.com.br\www14

Trusted Zone: bancobrasil.com.br\www2

Trusted Zone: bb.com.br\www

Trusted Zone: internet

Trusted Zone: mcafee.com

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{97E4D5D3-AD52-4B4D-86C4-28DAC94E3BC3} : DhcpNameServer = 192.168.1.1

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll

SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399f83} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

{7DB2D5A0-7241-4E79-B68D-6309F01C5231}

{8CE7F568-67FA-4432-BA39-F5AFD68E7B8B}

{9030D464-4C02-4ABF-8ECC-5164760863C6}

{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

{B164E929-A1B6-4A06-B104-2CD0E90A88FF}

{B4F3A835-0E21-4959-BA22-42B3008E02FF}

{C2AC9443-3DE6-4378-ABAE-3870B886F92D}

{C41A1C0E-EA6C-11D4-B1B8-444553540000}

{DBC80044-A445-435b-BC74-9C25C1C588A9}

{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}

mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

mRun-x64: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

SEH-X64: {E37CB5F0-51F5-4395-A808-5FA49E399F83}: GbPlugin ShlObj

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]

R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]

R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-7-20 89600]

R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-3 897088]

R2 CronService;Cron Service for Prey;C:\Prey\platform\windows\cronsvc.exe [2011-2-15 19968]

R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2012-8-20 274024]

R2 KSS;Serviço do Kaspersky Security Scan;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [2012-4-25 202296]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-1 249936]

R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-1 249936]

R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-1 249936]

R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-1 249936]

R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\SystemCore\mcshield.exe [2011-12-1 199272]

R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe [2011-12-1 210584]

R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-7-20 1688384]

R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-3 1298496]

R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]

R3 IntcDAud;Áudio do vídeo Intel®;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]

R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]

R3 NETwNs64;___ Driver do adaptador Intel® Wireless WiFi Link Série 5000 para Windows 7 64 bits;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-28 250568]

S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]

S3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]

S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]

S3 tihub3;TI USB3 Hub Service;C:\Windows\system32\drivers\tihub3.sys --> C:\Windows\system32\drivers\tihub3.sys [?]

S3 tixhci;TI XHCI Service;C:\Windows\system32\drivers\tixhci.sys --> C:\Windows\system32\drivers\tixhci.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-09-01 11:09:11 -------- d-----w- C:\Users\Makson\AppData\Local\{B0D09BB4-F597-40FC-ACAC-3B470759C5D3}

2012-08-31 22:56:58 -------- d-----w- C:\Users\Makson\AppData\Local\{ED4A495C-7ABC-4110-9D20-4787C7D5C402}

2012-08-30 23:55:17 -------- d-----w- C:\Users\Makson\AppData\Local\Apps

2012-08-30 23:55:16 -------- d-----w- C:\Users\Makson\AppData\Local\Deployment

2012-08-30 23:40:07 -------- d-----w- C:\Users\Makson\AppData\Local\{2145F12E-4496-4E4D-B555-4D596E09E2ED}

2012-08-29 23:35:04 -------- d-----w- C:\Users\Makson\AppData\Local\{0BDDAEA8-0FB2-4095-92B6-596ECFA66607}

2012-08-29 02:08:00 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-29 02:08:00 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-08-28 20:36:19 -------- d-----w- C:\Users\Makson\AppData\Local\{CFF5997D-8A86-46B3-89F3-2903AFB609FB}

2012-08-28 02:03:44 -------- d-----w- C:\Users\Makson\AppData\Local\{A4BB1266-F3A8-4EC5-AA41-1F4136899CE9}

2012-08-27 01:50:22 -------- d-----w- C:\Program Files\CCleaner

2012-08-26 18:46:41 -------- d-----w- C:\Windows\pss

2012-08-26 14:00:00 -------- d-----w- C:\Users\Makson\AppData\Local\{A8AFC01D-F1C5-4960-B72F-38664270D77C}

2012-08-26 01:41:18 -------- d-----w- C:\Users\Makson\AppData\Local\{F9C78402-3B64-45B5-AA16-032A1A7543E7}

2012-08-25 13:59:18 -------- d-----w- C:\ProgramData\Kaspersky Lab

2012-08-25 13:59:18 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab

2012-08-25 11:06:09 -------- d-----w- C:\Users\Makson\AppData\Local\{40A5DD45-1F57-464E-A28B-F7A834DB4BA0}

2012-08-24 23:05:31 -------- d-----w- C:\Users\Makson\AppData\Local\{C3C431D2-3491-4B39-A715-48760064D233}

2012-08-23 22:34:23 -------- d-----w- C:\ProgramData\PC-Doctor for Windows

2012-08-23 22:03:33 -------- d-----w- C:\Users\Makson\AppData\Local\{C756B976-EBF7-46A3-8004-9766BAF0AA41}

2012-08-22 23:39:14 -------- d-----w- C:\Users\Makson\AppData\Local\{70C22CDF-B9B9-4A8A-8200-376242040C5F}

2012-08-21 23:27:29 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll

2012-08-21 23:27:29 366592 ----a-w- C:\Windows\System32\qdvd.dll

2012-08-21 23:22:01 -------- d-----w- C:\Users\Makson\AppData\Local\{F73D8241-978F-43C7-AF86-7DBB27C566B6}

2012-08-21 23:20:06 -------- d-----w- C:\Users\Makson\AppData\Local\{503972C2-3B1D-474F-BBED-1FC341F954C1}

2012-08-20 22:49:35 -------- d-----w- C:\Users\Makson\AppData\Local\{F6399244-1AD7-4FE1-8313-FB5CA2CA35AA}

2012-08-19 16:59:18 -------- d-----w- C:\Users\Makson\AppData\Local\{D0B7CA8B-9235-47AD-A379-25F713E06454}

2012-08-19 16:53:19 -------- d-----w- C:\Users\Makson\AppData\Local\{895F5429-52CD-43C4-B243-78FD6F1B237E}

2012-08-18 11:35:17 -------- d-----w- C:\Users\Makson\AppData\Local\{CB903D09-95FB-44A2-A7E5-F129C1FD0297}

2012-08-18 11:34:52 -------- d-----w- C:\Users\Makson\AppData\Local\{55AD8164-022B-4807-9EC6-F0BD4BC61275}

2012-08-16 23:02:36 -------- d-----w- C:\Users\Makson\AppData\Local\{5E55E86A-4CEF-421A-9723-3EE57FE0E117}

2012-08-16 23:02:12 -------- d-----w- C:\Users\Makson\AppData\Local\{F3F94155-EA3A-4DF3-8543-E135E635E914}

2012-08-16 02:01:39 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys

2012-08-16 01:34:47 503808 ----a-w- C:\Windows\System32\srcore.dll

2012-08-16 01:34:47 43008 ----a-w- C:\Windows\SysWow64\srclient.dll

2012-08-16 01:34:43 751104 ----a-w- C:\Windows\System32\win32spl.dll

2012-08-16 01:34:42 67072 ----a-w- C:\Windows\splwow64.exe

2012-08-16 01:34:42 559104 ----a-w- C:\Windows\System32\spoolsv.exe

2012-08-16 01:34:42 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll

2012-08-16 01:32:20 59392 ----a-w- C:\Windows\System32\browcli.dll

2012-08-16 01:32:20 136704 ----a-w- C:\Windows\System32\browser.dll

2012-08-16 01:32:19 41984 ----a-w- C:\Windows\SysWow64\browcli.dll

2012-08-16 01:32:18 3148800 ----a-w- C:\Windows\System32\win32k.sys

2012-08-16 01:32:16 956928 ----a-w- C:\Windows\System32\localspl.dll

2012-08-15 23:20:23 -------- d-----w- C:\Users\Makson\AppData\Local\{0B5C53B8-C4E5-4025-9050-4D1570349E16}

2012-08-15 23:19:58 -------- d-----w- C:\Users\Makson\AppData\Local\{571CC266-C922-443D-90E7-26C37E01C716}

2012-08-15 00:05:38 -------- d-----w- C:\Users\Makson\AppData\Local\{BF0F7282-2349-4E55-AC21-07BC1AAF353B}

2012-08-15 00:05:10 -------- d-----w- C:\Users\Makson\AppData\Local\{8EBB6959-DCFF-4C34-B95A-98EC82BC550B}

2012-08-14 00:17:36 -------- d-----w- C:\Users\Makson\AppData\Local\{F598EC86-8FF8-4EBB-BA1D-02F8EC4D616F}

2012-08-14 00:17:11 -------- d-----w- C:\Users\Makson\AppData\Local\{968AAE97-3391-4C3E-935F-BF2F939BAB70}

2012-08-11 10:15:03 -------- d-----w- C:\Users\Makson\AppData\Local\{BC36BD48-9E9B-47AE-BBBB-4CE49A5F2F58}

2012-08-11 10:14:39 -------- d-----w- C:\Users\Makson\AppData\Local\{E114B95F-7050-42CA-8865-627D999AD151}

2012-08-11 10:14:19 -------- d-sh--w- C:\Users\Makson\AppData\Roaming\7759abf

2012-08-10 22:09:36 -------- d-----w- C:\Users\Makson\AppData\Local\{A100D7BE-C14B-4D98-8937-9E7284AE2CF0}

2012-08-10 22:09:12 -------- d-----w- C:\Users\Makson\AppData\Local\{6C9F5FD7-4A97-4651-B4A8-DD14CEB8C1DA}

2012-08-09 23:30:25 117248 ----a-w- C:\Windows\SysWow64\libgcc_s_dw2-1.dll

2012-08-09 23:30:25 117248 ----a-w- C:\Program Files (x86)\Internet Explorer\libgcc_s_dw2-1.dll

2012-08-09 23:29:01 -------- d-----w- C:\ProgramData\Windows

2012-08-09 23:29:01 -------- d-----w- C:\ProgramData\Codecentrix

2012-08-09 23:26:15 -------- d-----w- C:\Users\Makson\AppData\Local\{FCEC7234-F585-4F52-AAAA-C008318DE1BD}

2012-08-09 23:25:50 -------- d-----w- C:\Users\Makson\AppData\Local\{78526F09-979F-481A-949D-78637B6E5C74}

2012-08-08 23:07:06 -------- d-----w- C:\Users\Makson\AppData\Local\{90A1B73D-AC67-4D51-803A-82CA612AEF1E}

2012-08-08 23:06:42 -------- d-----w- C:\Users\Makson\AppData\Local\{01288A94-7D60-40AA-84E7-5CDB73A9ACC1}

2012-08-07 22:04:30 -------- d-----w- C:\Users\Makson\AppData\Local\{28C3E306-B687-4AB1-81E3-79839E5F531D}

2012-08-07 22:04:06 -------- d-----w- C:\Users\Makson\AppData\Local\{9C6718EE-710F-46AE-B2E5-D5B00982FAF8}

2012-08-06 22:22:13 -------- d--h--w- C:\SkyDriveTemp

2012-08-06 22:20:20 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive

2012-08-06 22:20:19 -------- d-----r- C:\Users\Makson\SkyDrive

2012-08-06 22:20:04 -------- d-----w- C:\ProgramData\Microsoft SkyDrive

2012-08-06 21:41:53 -------- d-----w- C:\Users\Makson\AppData\Local\{40D0BBC6-3B4B-47B5-A6CF-9279C8AA078A}

2012-08-06 21:41:30 -------- d-----w- C:\Users\Makson\AppData\Local\{79EAF5A5-7DBA-4BC3-925B-65C8F2619ADB}

2012-08-06 01:10:23 -------- d-----w- C:\Users\Makson\AppData\Local\{212E7B38-7D60-4D65-847A-EE37AAF23A32}

2012-08-06 01:10:00 -------- d-----w- C:\Users\Makson\AppData\Local\{E89A0728-C79B-4F1C-8C2B-2A7E734E25FF}

2012-08-05 13:09:15 -------- d-----w- C:\Users\Makson\AppData\Local\{B023C85C-C7BA-4316-8D86-C1FC06519887}

2012-08-05 13:08:52 -------- d-----w- C:\Users\Makson\AppData\Local\{B700F408-9F9B-4DC5-B3B3-F4705C43F5FF}

2012-08-05 01:08:26 -------- d-----w- C:\Users\Makson\AppData\Local\{5044AEE7-652B-44E9-9B66-433CC7D0093B}

2012-08-05 01:08:03 -------- d-----w- C:\Users\Makson\AppData\Local\{9197F97E-3030-4A88-9CED-7DAA0A57B72B}

2012-08-04 09:39:22 -------- d-----w- C:\Users\Makson\AppData\Local\{A1682E83-4F9F-4750-8C85-25AD2FF689FF}

2012-08-04 09:38:59 -------- d-----w- C:\Users\Makson\AppData\Local\{F386C59E-7655-4FBA-8D04-A9C8089B948C}

2012-08-03 21:38:00 -------- d-----w- C:\Users\Makson\AppData\Local\{DB7B0AD2-DAC7-4C6A-9E0E-B5FE31702302}

2012-08-03 21:37:38 -------- d-----w- C:\Users\Makson\AppData\Local\{3E58B4E2-7F59-45DC-BA85-8969605821AC}

2012-08-02 22:12:43 -------- d-----w- C:\Users\Makson\AppData\Local\{0C5F850E-D667-47B0-ADCC-CA39F0A7CE6B}

2012-08-02 22:12:14 -------- d-----w- C:\Users\Makson\AppData\Local\{B21E27FF-C565-435E-9D2F-5289BB4FFD21}

.

==================== Find3M ====================

.

2012-09-01 11:15:09 29 ----a-w- C:\Windows\SysWow64\TempWmicBatchFile.bat

2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-06-06 11:49:52 1070152 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX

2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll

2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll

2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll

2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll

2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll

.

============= FINISH: 8:20:25,43 ===============

Attach

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 26/07/2011 08:41:41

System Uptime: 01/09/2012 08:04:42 (0 hours ago)

.

Motherboard: Dell Inc. | | 08FDW5

Processor: Intel® Core i3-2310M CPU @ 2.10GHz | CPU 1 | 2100/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 452 GiB total, 335,185 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP98: 26/08/2012 11:07:52 - Removed pdfforge Toolbar v4.7.

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Adobe Reader X (10.1.4) MUI

Advanced Audio FX Engine

aTube Catcher

Audacity 1.3.13 (Unicode)

AviSynth 2.5

Bejeweled 2 Deluxe

Build-a-lot 2

Cake Mania

Chuzzle Deluxe

Controle ActiveX do Windows Live Mesh para Conexões Remotas

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell Getting Started Guide

Dell PhotoStage

Dell VideoStage

Dell Webcam Central

Diner Dash 2 Restaurant Rescue

DirectX 9 Runtime

Dora's World Adventure

Escape Whisper Valley

Farm Frenzy

FATE

Final Drive Fury

Final Drive Nitro

FormatFactory 2.70

Intel® Processor Graphics

Java Auto Updater

Java 6 Update 31

Jewel Quest

Jewel Quest Solitaire 2

Jogos da WildTangent

Junk Mail filter update

K-Lite Codec Pack 5.9.0 (Basic)

Kaspersky Security Scan

LAME v3.98.3 for Audacity

Luxor

McAfee SecurityCenter

Mesh Runtime

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (Portuguese (Brazil)) 2010

Microsoft Office Excel MUI (Portuguese (Brazil)) 2010

Microsoft Office Home and Student 2010

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (Portuguese (Brazil)) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (Portuguese (Brazil)) 2010

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010

Microsoft Office Shared MUI (Portuguese (Brazil)) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (Portuguese (Brazil)) 2010

Microsoft SkyDrive

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable - KB2467175

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Namco All-Stars PAC-MAN

Palco de Música da Dell

Palco Dell

PDFCreator

Penguins!

PhotoFiltre Studio X

PhotoShowExpress

Plants vs. Zombies - Game of the Year

Polar Bowler

Polar Golfer

Roxio Activation Module

Roxio BackOnTrack

Roxio Burn

Roxio Creator Starter

Roxio Express Labeler 3

Samantha Swift

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

Skype Toolbars

Skype™ 4.2

Sonic CinePlayer Decoder Pack

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update Installer for WildTangent Games App

Watchtower Library 2011 - Português

Wedding Dash - Ready, Aim, Love!

WildTangent Games App (Dell Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Galeria de Fotos

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

XP Codec Pack

Zuma Deluxe

.

==== End Of File ===========================

Gmer

GMER 1.0.15.15641 - http://www.gmer.net

Rootkit scan 2012-09-01 08:42:58

Windows 6.1.7601 Service Pack 1

Running: gmer.exe

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc7737681ab3

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc7737681ab3 (not active ControlSet)

---- EOF - GMER 1.0.15 ----


Please post a new DDS log.

Please post a new DDS log.

Renato, thank you for replying to my topic.

Yesterday I installed Spybot and it found some malicious files, but I don't know yet whether that solved the problem. So far everything is normal. In any case, here is the requested log.

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31

Run by Makson at 20:28:03 on 2012-09-06

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.55.1046.18.4003.2530 [GMT -3:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\IDT\WDM\AESTSr64.exe

C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

C:\Prey\platform\windows\cronsvc.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe

C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

C:\Windows\system32\mfevtps.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\rundll32.exe

C:\Windows\system32\rundll32.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Windows\System32\igfxtray.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

C:\Windows\System32\rundll32.exe

C:\Windows\system32\SearchIndexer.exe

C:\Users\Makson\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Dell Support Center\uaclauncher.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\McAfee\Core\mchost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = https://www.google.com.br/

mWinlogon: Userinit=userinit.exe

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120701164316.dll

BHO: Speckie: {8ce7f568-67fa-4432-ba39-f5afd68e7b8b} - C:\Users\Makson\AppData\Roaming\Speckie\bin32\Speckie32.dll

BHO: Auxiliar de Conexão do Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

uRun: [skyDrive] "C:\Users\Makson\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background

uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

StartupFolder: C:\Users\Makson\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\INTERN~1.LNK - C:\Program Files (x86)\Internet Explorer\iexplore.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &Enviar para o OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

IE: {E6846530-6088-4AA3-932F-C6245CE59A4C} - {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} - C:\Users\Makson\AppData\Roaming\Speckie\bin32\Speckie32.dll

Trusted Zone: bancobrasil.com.br\www

Trusted Zone: bancobrasil.com.br\www14

Trusted Zone: bancobrasil.com.br\www2

Trusted Zone: bb.com.br\www

Trusted Zone: internet

Trusted Zone: mcafee.com

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{97E4D5D3-AD52-4B4D-86C4-28DAC94E3BC3} : DhcpNameServer = 192.168.1.1

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll

SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399f83} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

{53707962-6F74-2D53-2644-206D7942484F}

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

{7DB2D5A0-7241-4E79-B68D-6309F01C5231}

{8CE7F568-67FA-4432-BA39-F5AFD68E7B8B}

{9030D464-4C02-4ABF-8ECC-5164760863C6}

{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

{B164E929-A1B6-4A06-B104-2CD0E90A88FF}

{B4F3A835-0E21-4959-BA22-42B3008E02FF}

{C41A1C0E-EA6C-11D4-B1B8-444553540000}

{DBC80044-A445-435b-BC74-9C25C1C588A9}

{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}

mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

mRun-x64: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

SEH-X64: {E37CB5F0-51F5-4395-A808-5FA49E399F83}: GbPlugin ShlObj

Hosts: 127.0.0.1 www.spywareinfo.com

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]

R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]

R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-7-20 89600]

R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-3 897088]

R2 CronService;Cron Service for Prey;C:\Prey\platform\windows\cronsvc.exe [2011-2-15 19968]

R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2012-8-20 274024]

R2 KSS;Serviço do Kaspersky Security Scan;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [2012-4-25 202296]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-1 249936]

R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-1 249936]

R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-1 249936]

R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-1 249936]

R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\SystemCore\mcshield.exe [2011-12-1 199272]

R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe [2011-12-1 210584]

R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-9-5 1153368]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-7-20 1688384]

R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-3 1298496]

R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]

R3 IntcDAud;Áudio do vídeo Intel®;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]

R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]

R3 NETwNs64;___ Driver do adaptador Intel® Wireless WiFi Link Série 5000 para Windows 7 64 bits;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-28 250568]

S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]

S3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]

S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]

S3 tihub3;TI USB3 Hub Service;C:\Windows\system32\drivers\tihub3.sys --> C:\Windows\system32\drivers\tihub3.sys [?]

S3 tixhci;TI XHCI Service;C:\Windows\system32\drivers\tixhci.sys --> C:\Windows\system32\drivers\tixhci.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-09-06 23:25:32 -------- d-----w- C:\Users\Makson\AppData\Local\{478CEC36-6857-4146-9685-761E1D35BFDE}

2012-09-05 23:49:12 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2012-09-05 23:49:12 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy

2012-09-05 23:46:06 -------- d-----w- C:\Users\Makson\AppData\Roaming\Ad-Aware Antivirus

2012-09-05 20:10:27 -------- d-----w- C:\Users\Makson\AppData\Local\{1C3A72CF-EF6F-47A1-BCC0-B8D024F0B922}

2012-09-04 18:58:16 -------- d-----w- C:\Users\Makson\AppData\Local\{4842F3BD-0042-4B3F-B550-C500CF58797D}

2012-09-03 22:23:04 -------- d-----w- C:\Users\Makson\AppData\Local\{E9455B06-BD83-4D35-83B5-0C2103B3D263}

2012-09-02 20:12:19 -------- d-----w- C:\Users\Makson\AppData\Local\{22F36ADD-5119-4546-A537-A1B03CD160F3}

2012-09-02 17:25:59 -------- d-----w- C:\Users\Makson\AppData\Local\{4C518256-1CE4-43C4-9BE5-5372057B0211}

2012-09-01 23:11:53 -------- d-----w- C:\Users\Makson\AppData\Local\{6BACDE1E-FB6F-41EF-8312-FD515FBA6CF8}

2012-09-01 11:09:11 -------- d-----w- C:\Users\Makson\AppData\Local\{B0D09BB4-F597-40FC-ACAC-3B470759C5D3}

2012-08-31 22:56:58 -------- d-----w- C:\Users\Makson\AppData\Local\{ED4A495C-7ABC-4110-9D20-4787C7D5C402}

2012-08-30 23:55:17 -------- d-----w- C:\Users\Makson\AppData\Local\Apps

2012-08-30 23:55:16 -------- d-----w- C:\Users\Makson\AppData\Local\Deployment

2012-08-30 23:40:07 -------- d-----w- C:\Users\Makson\AppData\Local\{2145F12E-4496-4E4D-B555-4D596E09E2ED}

2012-08-29 23:35:04 -------- d-----w- C:\Users\Makson\AppData\Local\{0BDDAEA8-0FB2-4095-92B6-596ECFA66607}

2012-08-29 02:08:00 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-29 02:08:00 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-08-28 20:36:19 -------- d-----w- C:\Users\Makson\AppData\Local\{CFF5997D-8A86-46B3-89F3-2903AFB609FB}

2012-08-28 02:03:44 -------- d-----w- C:\Users\Makson\AppData\Local\{A4BB1266-F3A8-4EC5-AA41-1F4136899CE9}

2012-08-27 01:50:22 -------- d-----w- C:\Program Files\CCleaner

2012-08-26 18:46:41 -------- d-----w- C:\Windows\pss

2012-08-26 14:00:00 -------- d-----w- C:\Users\Makson\AppData\Local\{A8AFC01D-F1C5-4960-B72F-38664270D77C}

2012-08-26 01:41:18 -------- d-----w- C:\Users\Makson\AppData\Local\{F9C78402-3B64-45B5-AA16-032A1A7543E7}

2012-08-25 13:59:18 -------- d-----w- C:\ProgramData\Kaspersky Lab

2012-08-25 13:59:18 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab

2012-08-25 11:06:09 -------- d-----w- C:\Users\Makson\AppData\Local\{40A5DD45-1F57-464E-A28B-F7A834DB4BA0}

2012-08-24 23:05:31 -------- d-----w- C:\Users\Makson\AppData\Local\{C3C431D2-3491-4B39-A715-48760064D233}

2012-08-23 22:34:23 -------- d-----w- C:\ProgramData\PC-Doctor for Windows

2012-08-23 22:03:33 -------- d-----w- C:\Users\Makson\AppData\Local\{C756B976-EBF7-46A3-8004-9766BAF0AA41}

2012-08-22 23:39:14 -------- d-----w- C:\Users\Makson\AppData\Local\{70C22CDF-B9B9-4A8A-8200-376242040C5F}

2012-08-21 23:27:29 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll

2012-08-21 23:27:29 366592 ----a-w- C:\Windows\System32\qdvd.dll

2012-08-21 23:22:01 -------- d-----w- C:\Users\Makson\AppData\Local\{F73D8241-978F-43C7-AF86-7DBB27C566B6}

2012-08-21 23:20:06 -------- d-----w- C:\Users\Makson\AppData\Local\{503972C2-3B1D-474F-BBED-1FC341F954C1}

2012-08-20 22:49:35 -------- d-----w- C:\Users\Makson\AppData\Local\{F6399244-1AD7-4FE1-8313-FB5CA2CA35AA}

2012-08-19 16:59:18 -------- d-----w- C:\Users\Makson\AppData\Local\{D0B7CA8B-9235-47AD-A379-25F713E06454}

2012-08-19 16:53:19 -------- d-----w- C:\Users\Makson\AppData\Local\{895F5429-52CD-43C4-B243-78FD6F1B237E}

2012-08-18 11:35:17 -------- d-----w- C:\Users\Makson\AppData\Local\{CB903D09-95FB-44A2-A7E5-F129C1FD0297}

2012-08-18 11:34:52 -------- d-----w- C:\Users\Makson\AppData\Local\{55AD8164-022B-4807-9EC6-F0BD4BC61275}

2012-08-16 23:02:36 -------- d-----w- C:\Users\Makson\AppData\Local\{5E55E86A-4CEF-421A-9723-3EE57FE0E117}

2012-08-16 23:02:12 -------- d-----w- C:\Users\Makson\AppData\Local\{F3F94155-EA3A-4DF3-8543-E135E635E914}

2012-08-16 02:01:39 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys

2012-08-16 01:34:47 503808 ----a-w- C:\Windows\System32\srcore.dll

2012-08-16 01:34:47 43008 ----a-w- C:\Windows\SysWow64\srclient.dll

2012-08-16 01:34:43 751104 ----a-w- C:\Windows\System32\win32spl.dll

2012-08-16 01:34:42 67072 ----a-w- C:\Windows\splwow64.exe

2012-08-16 01:34:42 559104 ----a-w- C:\Windows\System32\spoolsv.exe

2012-08-16 01:34:42 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll

2012-08-16 01:32:20 59392 ----a-w- C:\Windows\System32\browcli.dll

2012-08-16 01:32:20 136704 ----a-w- C:\Windows\System32\browser.dll

2012-08-16 01:32:19 41984 ----a-w- C:\Windows\SysWow64\browcli.dll

2012-08-16 01:32:18 3148800 ----a-w- C:\Windows\System32\win32k.sys

2012-08-16 01:32:16 956928 ----a-w- C:\Windows\System32\localspl.dll

2012-08-15 23:20:23 -------- d-----w- C:\Users\Makson\AppData\Local\{0B5C53B8-C4E5-4025-9050-4D1570349E16}

2012-08-15 23:19:58 -------- d-----w- C:\Users\Makson\AppData\Local\{571CC266-C922-443D-90E7-26C37E01C716}

2012-08-15 00:05:38 -------- d-----w- C:\Users\Makson\AppData\Local\{BF0F7282-2349-4E55-AC21-07BC1AAF353B}

2012-08-15 00:05:10 -------- d-----w- C:\Users\Makson\AppData\Local\{8EBB6959-DCFF-4C34-B95A-98EC82BC550B}

2012-08-14 00:17:36 -------- d-----w- C:\Users\Makson\AppData\Local\{F598EC86-8FF8-4EBB-BA1D-02F8EC4D616F}

2012-08-14 00:17:11 -------- d-----w- C:\Users\Makson\AppData\Local\{968AAE97-3391-4C3E-935F-BF2F939BAB70}

2012-08-11 10:15:03 -------- d-----w- C:\Users\Makson\AppData\Local\{BC36BD48-9E9B-47AE-BBBB-4CE49A5F2F58}

2012-08-11 10:14:39 -------- d-----w- C:\Users\Makson\AppData\Local\{E114B95F-7050-42CA-8865-627D999AD151}

2012-08-11 10:14:19 -------- d-sh--w- C:\Users\Makson\AppData\Roaming\7759abf

2012-08-10 22:09:36 -------- d-----w- C:\Users\Makson\AppData\Local\{A100D7BE-C14B-4D98-8937-9E7284AE2CF0}

2012-08-10 22:09:12 -------- d-----w- C:\Users\Makson\AppData\Local\{6C9F5FD7-4A97-4651-B4A8-DD14CEB8C1DA}

2012-08-09 23:30:25 117248 ----a-w- C:\Windows\SysWow64\libgcc_s_dw2-1.dll

2012-08-09 23:30:25 117248 ----a-w- C:\Program Files (x86)\Internet Explorer\libgcc_s_dw2-1.dll

2012-08-09 23:29:01 -------- d-----w- C:\ProgramData\Windows

2012-08-09 23:29:01 -------- d-----w- C:\ProgramData\Codecentrix

2012-08-09 23:26:15 -------- d-----w- C:\Users\Makson\AppData\Local\{FCEC7234-F585-4F52-AAAA-C008318DE1BD}

2012-08-09 23:25:50 -------- d-----w- C:\Users\Makson\AppData\Local\{78526F09-979F-481A-949D-78637B6E5C74}

2012-08-08 23:07:06 -------- d-----w- C:\Users\Makson\AppData\Local\{90A1B73D-AC67-4D51-803A-82CA612AEF1E}

2012-08-08 23:06:42 -------- d-----w- C:\Users\Makson\AppData\Local\{01288A94-7D60-40AA-84E7-5CDB73A9ACC1}

.

==================== Find3M ====================

.

2012-09-06 23:25:00 29 ----a-w- C:\Windows\SysWow64\TempWmicBatchFile.bat

2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

.

============= FINISH: 20:28:43,12 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 26/07/2011 08:41:41

System Uptime: 06/09/2012 20:14:33 (0 hours ago)

.

Motherboard: Dell Inc. | | 08FDW5

Processor: Intel® Core i3-2310M CPU @ 2.10GHz | CPU 1 | 2100/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 452 GiB total, 334,083 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP98: 26/08/2012 11:07:52 - Removed pdfforge Toolbar v4.7.

RP99: 03/09/2012 20:10:02 - Ponto de Verificação Agendado

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Adobe Reader X (10.1.4) MUI

Advanced Audio FX Engine

aTube Catcher

Audacity 1.3.13 (Unicode)

AviSynth 2.5

Bejeweled 2 Deluxe

Build-a-lot 2

Cake Mania

Chuzzle Deluxe

Controle ActiveX do Windows Live Mesh para Conexões Remotas

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell Getting Started Guide

Dell PhotoStage

Dell VideoStage

Dell Webcam Central

Diner Dash 2 Restaurant Rescue

DirectX 9 Runtime

Dora's World Adventure

Escape Whisper Valley

Farm Frenzy

FATE

Final Drive Fury

Final Drive Nitro

FormatFactory 2.70

Intel® Processor Graphics

Java Auto Updater

Java 6 Update 31

Jewel Quest

Jewel Quest Solitaire 2

Jogos da WildTangent

Junk Mail filter update

K-Lite Codec Pack 5.9.0 (Basic)

Kaspersky Security Scan

LAME v3.98.3 for Audacity

Luxor

McAfee SecurityCenter

Mesh Runtime

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (Portuguese (Brazil)) 2010

Microsoft Office Excel MUI (Portuguese (Brazil)) 2010

Microsoft Office Home and Student 2010

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (Portuguese (Brazil)) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (Portuguese (Brazil)) 2010

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010

Microsoft Office Shared MUI (Portuguese (Brazil)) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (Portuguese (Brazil)) 2010

Microsoft SkyDrive

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable - KB2467175

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Namco All-Stars PAC-MAN

Palco de Música da Dell

Palco Dell

PDFCreator

Penguins!

PhotoFiltre Studio X

PhotoShowExpress

Plants vs. Zombies - Game of the Year

Polar Bowler

Polar Golfer

Roxio Activation Module

Roxio BackOnTrack

Roxio Burn

Roxio Creator Starter

Roxio Express Labeler 3

Samantha Swift

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

Skype Toolbars

Skype™ 4.2

Sonic CinePlayer Decoder Pack

Spybot - Search & Destroy

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update Installer for WildTangent Games App

Watchtower Library 2011 - Português

Wedding Dash - Ready, Aim, Love!

WildTangent Games App (Dell Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Galeria de Fotos

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

XP Codec Pack

Zuma Deluxe

.

==== End Of File ===========================


Post the log generated by Spybot.


The generated logs follow below.

05.09.2012 20:59:21 - ##### check started #####

05.09.2012 20:59:21 - ### Version: 1.6.2

05.09.2012 20:59:21 - ### Date: 05/09/2012 20:59:21

05.09.2012 20:59:24 - ##### checking bots #####

05.09.2012 21:10:38 - found: Banload Biblioteca

05.09.2012 21:10:38 - found: Banload Link

05.09.2012 21:10:38 - found: Banload Configurações do usuário

05.09.2012 21:10:38 - found: Banload Configurações do usuário

05.09.2012 21:10:38 - found: Banload Configurações

05.09.2012 21:10:38 - found: Banload Configurações

05.09.2012 21:10:38 - found: Banload Configurações

05.09.2012 21:10:38 - found: Banload Configurações

05.09.2012 21:10:38 - found: Banload Root class

05.09.2012 21:10:38 - found: Banload Class ID

05.09.2012 21:10:38 - found: Banload Browser helper object

05.09.2012 21:10:38 - found: Banload Root class

05.09.2012 21:10:38 - found: Banload Root class

05.09.2012 21:10:38 - found: Banload Root class

05.09.2012 21:19:03 - found: DoubleClick Cookie de rastreamento (Internet Explorer: Makson)

05.09.2012 21:19:03 - found: MediaPlex Cookie de rastreamento (Internet Explorer: Makson)

05.09.2012 21:19:03 - found: MediaPlex Cookie de rastreamento (Internet Explorer: Makson)

05.09.2012 21:19:05 - ##### check finished #####

_______________________________________________________________

--- Report generated: 2012-09-05 21:19 ---

Banload: [sBI $B60867D7] Biblioteca (Arquivo, nothing done)

C:\ProgramData\Windows\ntfs64.dll

Properties.size=9868800

Properties.md5=7725908FF93004F078A602CFFF94A32F

Properties.filedate=1346234101

Properties.filedatetext=2012-08-29 06:55:00

Banload: [sBI $2A920F06] Link (Arquivo, nothing done)

C:\Users\Makson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Internet Explorer.lnk

Properties.size=1114

Properties.md5=B32914FE4AADB3C64125DA2FAC83CED5

Properties.filedate=1346890575

Properties.filedatetext=2012-09-05 21:16:15

Banload: [sBI $A3E44CF9] Configurações do usuário (Modificação no registro, nothing done)

HKEY_USERS\S-1-5-21-2843063288-2219436273-2221666036-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\TLDUpdates

Banload: [sBI $A8A136F1] Configurações do usuário (Modificação no registro, nothing done)

HKEY_USERS\S-1-5-21-2843063288-2219436273-2221666036-1000\Software\Microsoft\Internet Explorer\IETld\StaleIETldCache

Banload: [sBI $BB5A4AD4] Configurações (Modificação no registro, nothing done)

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorAdmin

Banload: [sBI $BB5A4AD4] Configurações (Modificação no registro, nothing done)

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorAdmin

Banload: [sBI $CC268CF6] Configurações (Modificação no registro, nothing done)

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\EnableLUA

Banload: [sBI $CC268CF6] Configurações (Modificação no registro, nothing done)

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\EnableLUA

Banload: [sBI $5CA33A7C] Root class (Chave do registro, nothing done)

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ntfs64.WmpShrPl.IEAddon

Banload: [sBI $5CA33A7C] Class ID (Chave do registro, nothing done)

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C2AC9443-3DE6-4378-ABAE-3870B886F92D}

Banload: [sBI $5CA33A7C] Browser helper object (Chave do registro, nothing done)

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2AC9443-3DE6-4378-ABAE-3870B886F92D}

Banload: [sBI $5CA33A7C] Root class (Chave do registro, nothing done)

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ntfs64.WmpShrPl.IEAddon

Banload: [sBI $A994F797] Root class (Chave do registro, nothing done)

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WmpShrPl.IEAddon

Banload: [sBI $A994F797] Root class (Chave do registro, nothing done)

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WmpShrPl.IEAddon

DoubleClick: Cookie de rastreamento (Internet Explorer: Makson) (Cookie, nothing done)

MediaPlex: Cookie de rastreamento (Internet Explorer: Makson) (Cookie, nothing done)

MediaPlex: Cookie de rastreamento (Internet Explorer: Makson) (Cookie, nothing done)

--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)

2009-01-26 SDFiles.exe (1.6.1.7)

2009-01-26 SDMain.exe (1.0.0.6)

2009-01-26 SDShred.exe (1.0.2.5)

2009-01-26 SDUpdate.exe (1.6.0.12)

2009-01-26 SDWinSec.exe (1.0.0.12)

2009-01-26 SpybotSD.exe (1.6.2.46)

2009-03-05 TeaTimer.exe (1.6.6.32)

2012-09-05 unins000.exe (51.49.0.0)

2009-01-26 Update.exe (1.6.0.7)

2009-11-04 advcheck.dll (1.6.5.20)

2007-04-02 aports.dll (2.1.0.0)

2008-06-14 DelZip179.dll (1.79.11.1)

2009-01-26 SDHelper.dll (1.6.2.14)

2008-06-19 sqlite3.dll

2009-01-26 Tools.dll (2.1.6.10)

2009-01-16 UninsSrv.dll (1.0.0.0)

2012-04-04 Includes\Adware.sbi (*)

2012-09-03 Includes\AdwareC.sbi (*)

2010-08-13 Includes\Cookies.sbi (*)

2010-12-14 Includes\Dialer.sbi (*)

2011-11-29 Includes\DialerC.sbi (*)

2012-01-31 Includes\HeavyDuty.sbi (*)

2012-06-19 Includes\Hijackers.sbi (*)

2012-07-31 Includes\HijackersC.sbi (*)

2010-09-15 Includes\iPhone.sbi (*)

2012-03-13 Includes\Keyloggers.sbi (*)

2012-03-13 Includes\KeyloggersC.sbi (*)

2004-11-29 Includes\LSP.sbi (*)

2012-08-28 Includes\Malware.sbi (*)

2012-09-04 Includes\MalwareC.sbi (*)

2011-02-24 Includes\PUPS.sbi (*)

2012-08-21 Includes\PUPSC.sbi (*)

2010-01-25 Includes\Revision.sbi (*)

2012-06-19 Includes\Security.sbi (*)

2011-12-13 Includes\SecurityC.sbi (*)

2008-06-03 Includes\Spybots.sbi (*)

2008-06-03 Includes\SpybotsC.sbi (*)

2012-09-05 Includes\Spyware.sbi (*)

2012-09-04 Includes\SpywareC.sbi (*)

2010-03-08 Includes\Tracks.uti

2011-09-28 Includes\Trojans.sbi (*)

2012-09-04 Includes\TrojansC-02.sbi (*)

2012-08-30 Includes\TrojansC-03.sbi (*)

2012-08-28 Includes\TrojansC-04.sbi (*)

2012-08-31 Includes\TrojansC-05.sbi (*)

2012-08-27 Includes\TrojansC.sbi (*)

2008-03-04 Plugins\Chai.dll

2008-03-05 Plugins\Fennel.dll

2008-02-26 Plugins\Mate.dll

2007-12-24 Plugins\TCPIPAddress.dll

__________________________________________

05.09.2012 21:22:42 - ##### check started #####

05.09.2012 21:22:42 - ### Version: 1.6.2

05.09.2012 21:22:42 - ### Date: 05/09/2012 21:22:42

05.09.2012 21:22:44 - ##### checking bots #####

05.09.2012 22:54:13 - ##### check finished #####

____________________________________

--- Report generated: 2012-09-05 22:54 ---

Parabéns!: Nenhuma ameaça imediata foi encontrada. (Status)

--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)

2009-01-26 SDFiles.exe (1.6.1.7)

2009-01-26 SDMain.exe (1.0.0.6)

2009-01-26 SDShred.exe (1.0.2.5)

2009-01-26 SDUpdate.exe (1.6.0.12)

2009-01-26 SDWinSec.exe (1.0.0.12)

2009-01-26 SpybotSD.exe (1.6.2.46)

2009-03-05 TeaTimer.exe (1.6.6.32)

2012-09-05 unins000.exe (51.49.0.0)

2009-01-26 Update.exe (1.6.0.7)

2009-11-04 advcheck.dll (1.6.5.20)

2007-04-02 aports.dll (2.1.0.0)

2008-06-14 DelZip179.dll (1.79.11.1)

2009-01-26 SDHelper.dll (1.6.2.14)

2008-06-19 sqlite3.dll

2009-01-26 Tools.dll (2.1.6.10)

2009-01-16 UninsSrv.dll (1.0.0.0)

2012-04-04 Includes\Adware.sbi (*)

2012-09-03 Includes\AdwareC.sbi (*)

2010-08-13 Includes\Cookies.sbi (*)

2010-12-14 Includes\Dialer.sbi (*)

2011-11-29 Includes\DialerC.sbi (*)

2012-01-31 Includes\HeavyDuty.sbi (*)

2012-06-19 Includes\Hijackers.sbi (*)

2012-07-31 Includes\HijackersC.sbi (*)

2010-09-15 Includes\iPhone.sbi (*)

2012-03-13 Includes\Keyloggers.sbi (*)

2012-03-13 Includes\KeyloggersC.sbi (*)

2004-11-29 Includes\LSP.sbi (*)

2012-08-28 Includes\Malware.sbi (*)

2012-09-04 Includes\MalwareC.sbi (*)

2011-02-24 Includes\PUPS.sbi (*)

2012-08-21 Includes\PUPSC.sbi (*)

2010-01-25 Includes\Revision.sbi (*)

2012-06-19 Includes\Security.sbi (*)

2011-12-13 Includes\SecurityC.sbi (*)

2008-06-03 Includes\Spybots.sbi (*)

2008-06-03 Includes\SpybotsC.sbi (*)

2012-09-05 Includes\Spyware.sbi (*)

2012-09-04 Includes\SpywareC.sbi (*)

2010-03-08 Includes\Tracks.uti

2011-09-28 Includes\Trojans.sbi (*)

2012-09-04 Includes\TrojansC-02.sbi (*)

2012-08-30 Includes\TrojansC-03.sbi (*)

2012-08-28 Includes\TrojansC-04.sbi (*)

2012-08-31 Includes\TrojansC-05.sbi (*)

2012-08-27 Includes\TrojansC.sbi (*)

2008-03-04 Plugins\Chai.dll

2008-03-05 Plugins\Fennel.dll

2008-02-26 Plugins\Mate.dll

2007-12-24 Plugins\TCPIPAddress.dll
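
Added example (not part of the original thread, and not Spybot's own code): a small Python triage script for the Spybot S&D report format posted above. It drops the entries the report lists twice and groups the remaining findings by where they sit on the system (startup folder, Browser Helper Object, UAC policy values, COM class registration). The function names and category labels are assumptions made for this illustration; the sample input is an excerpt of the report in this thread.

```python
import re
from collections import Counter

# Excerpt of the Spybot S&D 1.6.2 report posted in this thread
# (blank lines and most Properties.* lines dropped, entries unchanged).
REPORT = r"""
--- Report generated: 2012-09-05 21:19 ---
Banload: [sBI $B60867D7] Biblioteca (Arquivo, nothing done)
C:\ProgramData\Windows\ntfs64.dll
Properties.size=9868800
Banload: [sBI $2A920F06] Link (Arquivo, nothing done)
C:\Users\Makson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Internet Explorer.lnk
Banload: [sBI $BB5A4AD4] Configurações (Modificação no registro, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorAdmin
Banload: [sBI $CC268CF6] Configurações (Modificação no registro, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\EnableLUA
Banload: [sBI $CC268CF6] Configurações (Modificação no registro, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\EnableLUA
Banload: [sBI $5CA33A7C] Class ID (Chave do registro, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C2AC9443-3DE6-4378-ABAE-3870B886F92D}
Banload: [sBI $5CA33A7C] Browser helper object (Chave do registro, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2AC9443-3DE6-4378-ABAE-3870B886F92D}
DoubleClick: Cookie de rastreamento (Internet Explorer: Makson) (Cookie, nothing done)
"""

# Entry header: "<threat>: [sBI $<rule>] <label> (<kind>, <action>)"
HEADER = re.compile(
    r"^(?P<threat>[^:\[\]]+): (?:\[sBI \$(?P<rule>[0-9A-F]+)\] )?"
    r"(?P<label>.+) \((?P<kind>[^,()]+), (?P<action>[^()]+)\)$"
)
CLSID = re.compile(r"\{[0-9A-Fa-f-]{36}\}")

# (substring, category) pairs, matched case-insensitively; first hit wins.
CATEGORIES = [
    ("\\start menu\\programs\\startup\\", "startup-folder autorun"),
    ("\\explorer\\browser helper objects\\", "IE browser helper object"),
    ("\\policies\\system\\enablelua", "UAC policy value"),
    ("\\policies\\system\\consentpromptbehavioradmin", "UAC policy value"),
    ("\\software\\classes\\", "COM class registration"),
]

def classify(kind, location):
    """Map one finding to a coarse category based on its location."""
    if kind.lower() == "cookie":
        return "tracking cookie"
    loc = location.lower()
    for needle, category in CATEGORIES:
        if needle in loc:
            return category
    return "file on disk" if re.match(r"^[a-z]:\\", loc) else "other"

def parse_report(text):
    """Return de-duplicated findings; the location is the line after a header."""
    findings, seen = [], set()
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    for i, line in enumerate(lines):
        m = HEADER.match(line)
        if not m:
            continue
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        no_loc = HEADER.match(nxt) or nxt.startswith(("Properties.", "---"))
        location = "" if no_loc else nxt
        key = (m["threat"], m["rule"], location)
        if key in seen:  # the report repeats some entries verbatim
            continue
        seen.add(key)
        clsid = CLSID.search(location)
        findings.append({**m.groupdict(), "location": location,
                         "category": classify(m["kind"], location),
                         "clsid": clsid.group(0) if clsid else None})
    return findings

def summarize(findings):
    """Count findings per category that the scanner left untouched."""
    return Counter(f["category"] for f in findings if f["action"] == "nothing done")

def bho_with_class(findings):
    """CLSIDs that appear both as a BHO and as a COM class registration."""
    by_cat = {}
    for f in findings:
        if f["clsid"]:
            by_cat.setdefault(f["category"], set()).add(f["clsid"].upper())
    return sorted(by_cat.get("IE browser helper object", set())
                  & by_cat.get("COM class registration", set()))

if __name__ == "__main__":
    for f in parse_report(REPORT):
        print(f"{f['category']:26} {f['threat']:12} {f['location']}")
```
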


Read the instructions at this link:

In the instructions at the link above, you can check which forums have Analysts who are properly qualified to use the tool correctly: "Forums for receiving help with ComboFix logs"

  1. Download ComboFix from one of the official links listed below and save it to your desktop:

  2. Temporarily, while you carry out these instructions, it is very important to keep your protection programs (antivirus, antispyware and firewall) disabled. Re-enable the protections after running the procedure(s) mentioned below.
  3. Double-click the ComboFix icon on the desktop.
  4. Read and accept the terms by typing 1 and pressing Enter.
  5. Computers running Windows XP must install the Recovery Console:
    • If your computer runs Windows XP and does not yet have the Recovery Console installed, please make sure you are connected to the Internet and click "Yes".
    • Click "OK" on the EULA.
    • Once the Recovery Console is installed, click "YES" to continue.
  6. ComboFix will run; please be patient and wait.
  7. Attention: Do not use the mouse or the keyboard while the tool is running; doing so can cause the computer to hang.
  8. A notice may appear saying that the computer needs to be restarted. DO NOT RESTART!!! ComboFix will restart the computer automatically.
  9. When the tool finishes running, it will generate a log (the file C:\ComboFix.txt). Copy and paste the contents of that file into your next reply.

DO NOT use the tool on your own. It is a powerful tool created to deal with sophisticated infections, and if you do not use it correctly you may damage your computer.

  • There are several kinds of malware that prevent the tool from running correctly and can thereby seriously damage the computer. Analysts qualified to use ComboFix know these cases and know how to handle these situations.
  • Many Analysts do not reply to topics in which they see that ComboFix was used without supervision.
  • There are several general-purpose anti-malware tools whose authors, when writing them, had end users in mind and meant them to be used without supervision. ComboFix is not a tool of that kind, so, and also out of respect for the tool's author, do not use it without supervision.


Renato,

I did exactly as described in the instructions.

On restart, the OS showed a Windows "blue screen" error. Is that normal?

As for the log, the only ComboFix.txt file generated by the program that I found contains the following information:

ComboFix 12-09-14.03 - Makson 15/09/2012 10:28:53.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.55.1046.18.4003.2237 [GMT -3:00]

Executando de: C:\Users\Makson\Desktop\ComboFix.exe

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Criado um novo ponto de restauração

ADS - drivers: deleted 208 bytes in 1 streams.


Did you disable the antivirus before running ComboFix?


Yes, yes...

Did something go wrong?


ComboFix was interrupted abruptly; this is usually caused by antivirus software.

Restart in Safe Mode (press F8 repeatedly during startup; in the menu that appears, use the arrow keys to select Safe Mode).

Try running ComboFix again this way.


I just tried it in Safe Mode, but ComboFix did not work.

First it reported that some files were missing; I clicked "next" several times and in the end it says that the antivirus and antispyware are active, even in Safe Mode!

I restarted in normal mode and now I cannot enable any firewall, neither the Windows one nor McAfee's.


Download Malwarebytes Anti-Malware:

  • Link1
  • Alternative link
    • Double-click mbam-setup.exe, choose the language and follow the instructions to install the software.
    • Make sure the boxes Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware are checked, and click Finish.
    • If there are updates, they will be downloaded and installed.
    • When the updates finish, a program window will open. Select "Quick Scan", then click the Scan button.
    • The scan will start and may take a while. Please be patient.
    • When the scan is complete, click OK, then Show Results to see the log.
    • If anything is found, make sure everything is checked and click Remove.
    • When disinfection finishes, a log will automatically open in a Notepad document, and you may be asked to restart the PC. (Read the note)
    • The log is saved automatically and can be viewed by clicking the Logs tab in the main menu.
    • Copy and paste the contents of that log into your next reply.

Note: In more complicated infections, it may be necessary to restart the PC. If you are asked to restart, please do so immediately.


Renato, here is the log.

Malwarebytes Anti-Malware (Trial) 1.65.0.1400

www.malwarebytes.org

Versão da Base de Dados: v2012.09.18.08

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Makson :: MAKSON-PC [administrador]

Proteção: Permitir

18/09/2012 18:08:57

mbam-log-2012-09-18 (18-15-42).txt

Tipo de Verificação: Verificação Rápida

Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM

Opções de verificação desativadas: P2P

Objetos escaneados: 199748

Tempo decorrido: 6 minuto(s), 3 segundo(s)

Processos de Memória Detectados: 0

(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0

(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

Valores de Registro Detectadas: 1

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|AutoConfigURL (Hijack.Autoconfig) -> Data: http://www.portalnadal.com.br/t.pac -> Nenhuma ação foi feita.

Itens de Dados no Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0

(Não foram detectados ítens maliciosos)

Arquivos Detectados: 0

(Não foram detectados ítens maliciosos)

(fim)


Run a new scan and have it delete that registry entry.

Download the Kaspersky AVP Tool from one of these 2 links:

http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/

http://dnl-us6.kaspersky-labs.com/devbuilds/AVPTool/

You will be taken to a Kaspersky page asking for an email address for registration, first name and last name. Only the "email" field is required.

Enter your email, then click the Submit Form button.

The page will reload. Click the Download button.

Save it to your desktop.

Run the file and wait for the installation.

** Windows Vista and Windows 7 users:

Right-click the file, then click Run as administrator.

On the license agreement screen, check the option I accept the license agreement and then click the Start button. The program appears to freeze and nothing happens. This is normal; just wait until the program's main screen appears, and then click the Settings icon.

On this screen, check the box next to:

  • My Computer
  • Local Disk (C:)

Also check all the drives that appear below Local Disk, if there are any. Then click the Automatic Scan tab.

Back on the program's main screen, click the Start scanning button.

Be patient, it takes a while.

When it finishes, if it has detected something, the program will ask you what to do.

Check the box next to Apply to all objects and then click Skip (we only want the log).

While the scan is running, the main screen will show a progress bar. When it finishes, the program will show the status as completed and a button that will be orange if nothing was detected, and red if something was found.

If something was detected, the program will also show an alert screen, warning that your system is unprotected and suggesting a Kaspersky product. Click the No, thanks button.

Back on the main screen, if something was detected, save the log. If you close the program and forget to save the log, you will have to repeat the whole scan.

To save the log, click the Reports icon (next to the "Settings" icon). In the next window, click Detected Threats, then click the floppy disk icon to save the log.

Choose an easily accessible location and save it as log.txt

Copy the entire contents of that Notepad file and paste it into your next reply.

If nothing is detected, then you do not need to save the log. Just post here to let me know.

To exit the program, just click the X in the upper right corner.


Renato,

I ran the scan and two threats were detected; however, the log file is very large (128 MB) and I am not able to paste it into the post. What should I do?


Post only what was detected.
