Leo03

Full Members
  • Total items

    406
  • Ratings

    0%

Reputation

0

About Leo03

  • Date of Birth 18-08-1977 (41 years old)

General information

  • City and State
    João Monlevade, MG
  1. Leo03

    Suspected Malware

    Logs attached. Regarding step 2, I don't know whether I failed to enable some option that should have been enabled, but ESET did not delete the infected files. Should I select the option and do it? I mean, delete the infected files? The window is still open. eset.txt JRT.txt
  2. Leo03

    Suspected Malware

    Scan completed, logs attached. Log_Malwarebytes2.txt Log_Malwarebytes1.txt
  3. Leo03

    Suspected Malware

    I tried to run adwcleaner.exe as recommended, that is, right-clicking and opening it as Administrator, and the program opened and closed quickly. I disabled the antivirus, tried logging in as Administrator, and tried safe mode, and the same thing happened. I tried the compatibility options and it did not run either. Since this program was listed as option 1, I thought it best to write before running option 2 (mbam-setup.exe).
  4. Leo03

    Suspected Malware

    Scan done, with the report attached. One question: Malwarebytes had found 02 suspicious/infected files, which were not removed. Was that done now with Zoek? Or is everything being done in stages: identification and then removal? zoek-results.txt
  5. Leo03

    Suspected Malware

    Hello Carlos, Thank you for the help. Files attached. P.S.: I also took the opportunity to include the GMER log, which I had not been able to post before. mbar-log-2014-12-13 (11-57-01).txt system-log.txt GMER.txt
  6. Dear colleagues, I believe my PC is infected: browsers do not work, Avast reports that banking protection modules are harmful, abnormal slowness, etc. The logs are below: DDS.txt Attach.txt
  7. If I choose to resize and install on a new partition, will the notebook lose its warranty?
  8. I bought an Inspiron 14R with a 500GB HD and Win7 Home Basic. I have a program that only runs on WinXP that I will need to use on the notebook. What is better or more advisable to do: 1-Install WinXP on a newly created partition (using a specific program to resize the disk space)? If I do this, will I lose the warranty? 2-Install WinXP in a virtual machine? I have never seen it work; will it work?
  9. Regarding the files listed in post 11 by the Kaspersky Removal Tool, I have already removed them all. I will check the situation with the freezes, but from what I can see it no longer has to do with this section of the forum. Thank you immensely for the help!!
  10. Heh, heh, heh. Ok, ok, sorry for embarrassing myself!!! But I gave the example of the music to try to express what is happening with the PC (regarding the "pauses" or "freezes" or whatever they are called!). In any case I will try running CCleaner, but what my PC really needs is an upgrade or at least to be formatted. Regarding the PC's infection, I ask: 1-Is the log clean now? 2-Were the spyware (or whatever the "infectors" are called) of the type that steal passwords and the like? (so I know whether I need to take another measure such as contacting my bank, because I have seen you recommend this in another topic).
  11. Well, regarding the computer, I still think there is some problem: for example, if I play an audio file, it keeps "pausing". But it is not only with audio files. In general, as in the audio file example, the computer always seems to have something running that makes it freeze, and at that moment the LED that indicates processing stays lit. I don't know if I expressed myself well, but that is it.
  12. I ran the program twice. The first time, it found 11 objects, and the second time none.
      Autoscan: malfunction (events: 11, objects: 0, time: Unknown)
      27/5/2010 23:20:11 Task started
      28/5/2010 00:38:00 Detected: Trojan-Dropper.Win32.Delf.eex F:\Back-up\Leonardo\pendrive 26.09\TRASFORMAR_TEXTO_EM_AUDIO(1).rar/BY -Cachorro louco-----TRASFORMAR TEXTO EM AUDIO/TextAloud 2.221.exe/data0000/ASPack
      28/5/2010 00:57:54 Detected: Trojan.Win32.Vapsup.wgj F:\Programas\Fase II\Crack's\VistaActivator.exe
      28/5/2010 01:01:36 Detected: Trojan.Win32.StartPage.adn F:\Programas\Fase II\Foto-Audio-Video\AnyDVD 3.2.1.1 + CloneDVD 1.3.11.2 + CloneCD 4.3.1.9 + Virtual CD + ClonyXXL v2015 + Profiler v12.rar/AnyDVD et CloneDVD et CloneCD et Profiler et ClonyXXL/CloneCD Fr v4319/keygen.exe/ExeStealth/ASPack
      28/5/2010 06:20:24 Deleted: Trojan-Dropper.Win32.Delf.eex F:\Back-up\Leonardo\pendrive 26.09\TRASFORMAR_TEXTO_EM_AUDIO(1).rar
      28/5/2010 06:20:30 Deleted: Trojan.Win32.StartPage.adn F:\Programas\Fase II\Foto-Audio-Video\AnyDVD 3.2.1.1 + CloneDVD 1.3.11.2 + CloneCD 4.3.1.9 + Virtual CD + ClonyXXL v2015 + Profiler v12.rar/AnyDVD et CloneDVD et CloneCD et Profiler et ClonyXXL/CloneCD Fr v4319/keygen.exe
      28/5/2010 06:20:32 Deleted: Trojan.Win32.Vapsup.wgj F:\Programas\Fase II\Crack's\VistaActivator.exe
      28/5/2010 06:20:38 Detected: not-a-virus:AdWare.Win32.CommonName.aq F:\Programas\Fase II\Foto-Audio-Video\AnyDVD 3.2.1.1 + CloneDVD 1.3.11.2 + CloneCD 4.3.1.9 + Virtual CD + ClonyXXL v2015 + Profiler v12.rar/AnyDVD et CloneDVD et CloneCD et Profiler et ClonyXXL/CloneDVD 1.3.11.2/SetupCloneDVD.exe
      28/5/2010 06:20:52 Deleted: not-a-virus:AdWare.Win32.CommonName.aq F:\Programas\Fase II\Foto-Audio-Video\AnyDVD 3.2.1.1 + CloneDVD 1.3.11.2 + CloneCD 4.3.1.9 + Virtual CD + ClonyXXL v2015 + Profiler v12.rar/AnyDVD et CloneDVD et CloneCD et Profiler et ClonyXXL/CloneDVD 1.3.11.2/SetupCloneDVD.exe
      28/5/2010 06:51:44 Detected: not-a-virus:AdWare.Win32.Dap.f F:\Programas\Fase II\Utilitários 2\Cracks\Download[1].Accelerator.Plus.v7.2.0.0.rar/DAP.exe
      28/5/2010 06:58:21 Detected: not-a-virus:AdWare.Win32.NavExcel.d F:\Programas\Fase II\Utilitários 2\Retirar Audio de DVD\Zilla CD-DVD Rip N' Burn 5.0.0.3\zrnb5003.exe/data0001/NHInstall.exe
      Autoscan: completed 1 hour ago (events: 2, objects: 841170, time: 05:25:33)
      5/6/2010 11:03:04 Task started
      5/6/2010 16:28:37 Task completed
  13. Hello, So, I think the problem really is with Sky. On the DVD player, which is connected to the TV through the component video input with the audio connected to the stereo, I don't see any delay. To test, I connected the DVD player to the AVI connection, keeping the audio on the stereo, and I didn't notice any delay either. On Sky, with the audio connected to the TV, the problem decreases, but if you look closely there is still a delay, just a smaller one. And it is not on all channels. I haven't had time to call Sky yet, but I will. In any case, with the tests done on the DVD player I can conclude that the TV is not the problem. As soon as I contact Sky I will post the feedback on this.
  14. I tested the DVD player through the AVI connection and did not notice the audio delay I get with Sky, so I can now assume that the TV is normal. So apparently it is not a problem with the TV (with its AVI inputs). It would also be very strange for the TV to have a problem only on these inputs. I tested another Sky receiver (I have 2 points) and saw no difference. As I mentioned, connecting the Sky AVI audio to the TV I don't see the delay, only on some channels. Together with this TV I bought another one, an LG 26LH20R, and on it I don't notice the delay (audio and video are connected directly to the TV). I will run other tests before making any decision, but I really think the TV is normal... Is image processing on the 47LH50YD TV slower than on the 26LH20R? Because, as I mentioned, the Sky audio is connected to both of these TVs through the AVI connections, and even so I see delay on some channels on the 47" TV, which does not happen on the 26" TV (comparing the same channels). With the audio connected to the stereo on the 47" TV the delay is greater. I will test connecting the 26" TV's audio to the stereo. In any case, the delay is only happening with Sky, so I can conclude that the 47LH50YD TV is not defective, right?
  15. I ran a new scan with ComboFix with the USB flash drive connected (log posted below). Again the PC did not restart, so I had to do it manually.

About Clube do Hardware

On the air since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.
