Ir ao conteúdo
  • Comunicados

    • diego_moicano

      Gostaria de se tornar um analista em Remoção de Malware?   07-12-2015

      Gostaria de se tornar um analista em Remoção de Malware? O Fórum Clube do Hardware deu início a um programa de treinamento em análises de log. Os interessados deverão enviar um email para aprendizes (arroba) clubedohardware (ponto) com (ponto) br respondendo as seguintes perguntas: Por que você gostaria de aprender a analisar logs? Possui tempo hábil para o treinamento? Tem conhecimentos em informática? Se sim descreva-os. Possui inglês para leitura? Qual seu objetivo após completar o treinamento?   Não se esqueça de incluir no e-mail o seu nome de usuário (fornecer o link também), idade e cidade onde vive. Adicione também qualquer experiência e/ou razão sobre o porquê você seria um bom Analista. É digno de nota que apenas os que forem selecionados receberão resposta por MP (Mensagem Pessoal), não existe um padrão na escolha dos futuros aprendizes, todos os e-mails serão lidos e serão analisados de forma imparcial, portanto não será permitido reclamações neste aspecto. O treinamento é dado no próprio fórum. Quando um aprendiz é selecionado ele é movido para um novo grupo, onde terá acesso a fóruns fechados para os demais usuários onde poderá dar inicio ao seu treinamento. Importante: A cada 30 dias os e-mails não selecionados serão apagados, portanto você pode enviar um novo e-mail após 1 mês, e-mails enviados antes serão desconsiderados.  
    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.
Entre para seguir isso  
Ravenkrafter

GabPath

Recommended Posts

estou tentando excluir o Gabpath mas aparece sempre que ele está sendo executado por ele mesmo, e meu anti-vírus não consegue detectá-lo. ó que eu devo fazer para deletar ele do meu PC?

log DDS

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30

Run by Gustavo at 16:47:29 on 2012-02-13

Microsoft Windows 7 Home Basic 6.1.7601.1.1252.55.1046.18.3839.2113 [GMT -2:00]

.

AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\ProgramData\DatacardService\DCService.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe

C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

C:\Program Files (x86)\PDF Complete\pdfsvc.exe

C:\Program Files (x86)\Scpad\scpVista.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\ProgramData\DatacardService\DCSHelper.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Windows\Philips\SPC230NC\Monitor.exe

C:\Program Files (x86)\Ares\Ares.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Users\Gustavo\AppData\Roaming\GabPath\gabpath.exe

C:\Program Files (x86)\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe

C:\Program Files (x86)\Philips\Philips SPC230NC Webcam\TrayMin230.exe

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com.br/

mWinlogon: Userinit=userinit.exe

BHO: ActiveCollectorPluginBHO Class: {07202b0d-149c-4568-90df-acc2b4057809} - C:\Program Files (x86)\NetNucleous\ActiveCollector\ActiveCollectorPlugin.dll

BHO: QuickStores-Toolbar: {10edb994-47f8-43f7-ae96-f2ea63e9f90f} - mscoree.dll

BHO: ssh2 Class: {2e3c3651-b19c-4dd9-a979-901ec3e930af} - C:\Program Files (x86)\Scpad\scpsssh2.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\IPS\IPSBHO.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coIEPlg.dll

TB: QuickStores-Toolbar: {10edb994-47f8-43f7-ae96-f2ea63e9f90f} - mscoree.dll

uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe

uRun: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h

uRun: [Philips Intelligent Agent] "C:\Program Files (x86)\Philips\Intelligent Agent\Philips Intelligent Agent.exe" /SILENT

uRun: [MessengerPlus3] "C:\Program Files (x86)\MessengerPlus! 3\MsgPlus.exe" /WinStart

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [GabPath] C:\Users\Gustavo\AppData\Roaming\GabPath\gabpath.exe

uRun: [ActiveCollector] C:\Program Files\NetNucleous\ActiveCollector\ActiveCollector.exe

uRun: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe

mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [<NO NAME>]

mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe

mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

StartupFolder: C:\Users\Gustavo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MBCAME~1.LNK - C:\Program Files (x86)\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TRAYMI~1.LNK - C:\Program Files (x86)\Philips\Philips SPC230NC Webcam\TrayMin230.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &Enviar para o OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

Trusted Zone: caixa.gov.br

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444552440000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 201.76.16.58 201.76.16.59 192.168.0.1

TCP: Interfaces\{3324A0FD-9568-4D8D-8C5F-A2AFE53FE13E} : DhcpNameServer = 201.76.16.58 201.76.16.59 192.168.0.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll

SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll

SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll

{07202B0D-149C-4568-90DF-ACC2B4057809}

{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}

{2E3C3651-B19C-4DD9-A979-901EC3E930AF}

{3049C3E9-B461-4BC5-8870-4C09146192CA}

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}

{6D53EC84-6AAE-4787-AEEE-F4628F01010C}

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

{9030D464-4C02-4ABF-8ECC-5164760863C6}

{B4F3A835-0E21-4959-BA22-42B3008E02FF}

{C41A1C0E-EA6C-11D4-B1B8-444553540003}

{DBC80044-A445-435b-BC74-9C25C1C588A9}

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}

{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}

mRun-x64: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun-x64: [(padrÆo)]

mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

mRun-x64: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe

mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

SSODL-X64: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll

SEH-X64: {E37CB5F0-51F5-4395-A808-5FA49E399003}: GbPlugin ShlObj

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\m5pid7y7.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/

FF - prefs.js: keyword.URL - hxxp://www.queryscan.com/?tmp=nemo_results_removelink&prt=QryscanNN&keywords=

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Users\Gustavo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1207000.00D\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1207000.00D\SYMDS64.SYS [?]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1207000.00D\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1207000.00D\SYMEFA64.SYS [?]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20120207.003_c15\BHDrvx64.sys [2012-2-7 1157240]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20120210.002\IDSviA64.sys [2012-2-11 488568]

R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1207000.00D\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1207000.00D\Ironx64.SYS [?]

R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1207000.00D\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1207000.00D\SYMNETS.SYS [?]

R2 DCService.exe;DCService.exe;C:\ProgramData\DatacardService\DCService.exe [2010-5-8 229376]

R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2012-1-13 208328]

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-2-7 2343816]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]

R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccsvchst.exe [2012-1-31 130008]

R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]

R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-10-9 635416]

R2 scpVista;scpVista;C:\Program Files (x86)\Scpad\scpVista.exe [2010-12-20 136496]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-2-4 138360]

R3 huawei_enumerator;huawei_enumerator;C:\Windows\system32\DRIVERS\ew_jubusenum.sys --> C:\Windows\system32\DRIVERS\ew_jubusenum.sys [?]

R3 PAEAFLT.sys;USB Composite Device;C:\Windows\system32\DRIVERS\PAEAFLT.sys --> C:\Windows\system32\DRIVERS\PAEAFLT.sys [?]

R3 SPC230NC;Philips SPC230NC Webcam;C:\Windows\system32\DRIVERS\SPC230NC.SYS --> C:\Windows\system32\DRIVERS\SPC230NC.SYS [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-2 136176]

S2 QueryScan Service;QueryScan Service;C:\ProgramData\QueryScan\queryscan123.exe [2011-6-3 40960]

S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\system32\DRIVERS\ew_hwusbdev.sys --> C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [?]

S3 gupdatem;Serviço do Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-2 136176]

S3 Mkd2Nadr;Mkd2Nadr;C:\Windows\System32\drivers\Mkd2Nadr.sys [2010-12-19 106040]

S3 Mkd3kfNt;Mkd3kfNt;C:\Windows\system32\drivers\Mkd3kfNt.sys --> C:\Windows\system32\drivers\Mkd3kfNt.sys [?]

S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\system32\drivers\nmwcdnsux64.sys --> C:\Windows\system32\drivers\nmwcdnsux64.sys [?]

S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

.

=============== Created Last 30 ================

.

2012-02-10 22:23:28 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi

2012-02-06 20:29:46 -------- d-----w- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}

2012-02-06 15:52:38 33856 ---ha-w- C:\Windows\System32\hamachi.sys

2012-01-31 15:39:09 912504 ----a-w- C:\Windows\System32\drivers\NISx64\1207000.00D\symefa64.sys

2012-01-31 15:39:09 386168 ----a-w- C:\Windows\System32\drivers\NISx64\1207000.00D\symnets.sys

2012-01-31 15:39:08 744568 ----a-w- C:\Windows\System32\drivers\NISx64\1207000.00D\srtsp64.sys

2012-01-31 15:39:08 450680 ----a-w- C:\Windows\System32\drivers\NISx64\1207000.00D\symds64.sys

2012-01-31 15:39:08 40568 ----a-w- C:\Windows\System32\drivers\NISx64\1207000.00D\srtspx64.sys

2012-01-31 15:39:08 171128 ----a-w- C:\Windows\System32\drivers\NISx64\1207000.00D\ironx64.sys

2012-01-31 15:38:54 -------- d-----w- C:\Windows\System32\drivers\NISx64\1207000.00D

2012-01-18 23:42:45 -------- d-----w- C:\Users\Gustavo\AppData\Roaming\AnvSoft

2012-01-15 19:47:56 525544 ----a-w- C:\Windows\System32\deployJava1.dll

2012-01-15 19:40:23 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

.

==================== Find3M ====================

.

2011-12-12 11:20:52 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-12-01 10:52:02 235 ----a-w- C:\Windows\SysWow64\nxEuUninstall.bat

2011-12-01 10:51:58 446464 ----a-w- C:\Windows\NEXON_EU_DownloaderUpdater.exe

2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys

2011-11-19 14:58:00 77312 ----a-w- C:\Windows\System32\packager.dll

2011-11-19 14:01:00 67072 ----a-w- C:\Windows\SysWow64\packager.dll

2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys

2011-11-17 06:41:18 1731920 ----a-w- C:\Windows\System32\ntdll.dll

2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll

2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll

2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll

2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll

2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll

2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll

2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe

2011-11-17 05:38:39 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll

2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll

2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll

2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

.

============= FINISH: 16:48:03,55 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Basic

Boot Device: \Device\HarddiskVolume1

Install Date: 18/12/2010 00:40:35

System Uptime: 13/02/2012 13:46:42 (3 hours ago)

.

Motherboard: PEGATRON CORPORATION | | 2A99

Processor: AMD Athlon II X2 220 Processor | CPU 1 | 2800/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 453 GiB total, 370,275 GiB free.

D: is FIXED (NTFS) - 13 GiB total, 1,555 GiB free.

E: is CDROM ()

F: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP174: 27/01/2012 01:17:33 - Ponto de Verificação Agendado

RP175: 05/02/2012 21:41:25 - Ponto de Verificação Agendado

RP176: 06/02/2012 18:29:59 - Installed HP Support Assistant

RP177: 06/02/2012 18:35:13 - Instalador de Módulos do Windows

RP178: 06/02/2012 18:36:13 - Instalador de Módulos do Windows

RP179: 09/02/2012 21:22:13 - Instalador de Módulos do Windows

RP180: 09/02/2012 21:23:04 - Instalador de Módulos do Windows

.

==== Installed Programs ======================

.

7 Wonders - Treasures of Seven

911 Screensaver 1.0

ActiveCollector

Adobe Shockwave Player 11.6

Apple Application Support

Apple Software Update

Ares 2.1.7

Arquivo do WinRAR

Assistente de Conexão do Windows Live

Bejeweled 2 Deluxe

BestPractice (remove only)

Chocolatier

Chuzzle Deluxe

Claro

Controle ActiveX do Windows Live Mesh para Conexões Remotas

Counter-Strike 2D 0.1.1.9

Counter-Strike CP

CyberLink DVD Suite Deluxe

Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Digital Photo Navigator 1.5

Diner Dash 2 Restaurant Rescue

Dream Chronicles

DVD Menu Pack for HP MediaSmart Video

Easy Driver Pro

Europe MapleStory

Everio MediaBrowser

FATE

Ferramenta de Carregamento do Windows Live

Google Earth Plug-in

Google Update Helper

Hewlett-Packard ACLM.NET v1.1.2.0

HP Advisor

HP Customer Experience Enhancements

HP Game Console

HP Games

HP MediaSmart DVD

HP MediaSmart Music

HP MediaSmart Photo

HP MediaSmart Video

HP Odometer

HP Setup

HP Support Assistant

HP Support Information

HP Update

Insaniquarium Deluxe

IRPF2011 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País

Java Auto Updater

Java 6 Update 30

Jewel Quest II

Jewel Quest Solitaire

LabelPrint

LogMeIn Hamachi

Mahjongg Artifacts

Messenger Plus!

Messenger Plus! 3

Microsoft .NET Framework 1.1

Microsoft Choice Guard

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (Portuguese (Brazil)) 2010

Microsoft Office Excel MUI (Portuguese (Brazil)) 2010

Microsoft Office Home and Student 2010

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (Portuguese (Brazil)) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (Portuguese (Brazil)) 2010

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010

Microsoft Office Shared MUI (Portuguese (Brazil)) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (Portuguese (Brazil)) 2010

Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft XNA Framework Redistributable 4.0

Movie Theme Pack for HP MediaSmart Video

Mozilla Firefox 9.0.1 (x86 pt-BR)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MusicStation

Norton Internet Security

Norton Online Backup

NVIDIA ForceWare Network Access Manager

Paparazzi

PC Connectivity Solution

PDF Complete Special Edition

Penguins!

Philips Intelligent Agent

Philips SPC230NC Webcam

PhotoNow!

Plants vs. Zombies

PointBlank

Polar Bowler

Power2Go

PowerDirector

QueryScan 1.0 build 123 powered by FIRST SEARCHBAR

QuickStores-Toolbar 1.1.0

QuickTime

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek High Definition Audio Driver

RealUpgrade 1.1

Receitanet Java 2010.02d

Recovery Manager

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553353) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Skype™ 5.5

Slingo Deluxe

StarCraft

StarCraft II

swMSM

System Requirements Lab

Tibia

Unity Web Player

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition

Update for Microsoft Outlook Social Connector (KB2583935)

Virtual Villagers - The Secret City

Visualizador

Visualizador - Java Web Start

Webcam Video Viewer

Wedding Dash

Westward

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Galeria de Fotos

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Movie Maker

Windows Live Sync

Windows Media Player Firefox Plugin

Zuma Deluxe

.

==== End Of File ===========================

o log do GMER não consigo postar, porque ele diz que não tem nenhum alteração, e também nao consigo clicar em algumas das caixinhas da direita onde está escrito system,sections etc.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Leia as instruções contidas neste link:

Nas instruções contidas no link acima, poderá verificar quais os fóruns onde os Analistas estão devidamente habilitados a utilizar corretamente a ferramenta:"Fóruns para receber ajuda com logs do ComboFix"

  1. Faça o download do ComboFix de um dos links oficiais listados abaixo e salve no seu desktop:

[*]Temporariamente e durante a execução destas instruções, é muito importante que mantenha desabilitados os seus programas de proteção (Antivirus, Antispyware e Firewall). Reative as proteções após a execução do(s) procedimento(s) abaixo mencionado(s).[*]Duplo clique no icone desktopicon.png que está no desktop.[*]Leia e aceite as condições, digitando 1 e enter.[*]Computadores com Windows XP deverão instalar o Console de Recuperação:

  • Se o seu computador tem instalado o Windows XP e ainda não tem instalado o Console de Recuperação, por favor certifique-se que está conectado à Internet, e clique em "Sim".
  • Clique em "OK" ao EULA.
  • Quando o Console de Recuperação estiver já instalado, clique em "SIM" para continuar.

[*]O ComboFix será executado, por favor seja paciente e aguarde. [*]Atenção: Não utilize o mouse nem o teclado enquanto a ferramenta estiver sendo executada, isso pode fazer com que o computador pare.[*]Poderá surgir o aviso que é necessário reiniciar o computador.

NÃO REINICIE!!! O ComboFix reiniciará o computador automaticamente.[*]Quando a ferramenta terminar de rodar, gerará um log (o arquivo C:\ComboFix.txt). Copie e cole o conteúdo desse arquivo na sua proxima resposta.

NÃO utilize a ferramenta por conta própria. É uma ferramenta poderosa criada pra lidar com infecções sofisticadas e caso não a utilize corretamente poderá danificar o seu computador.

  • Existem vários malwares que impedem a execução correta da ferramenta e com isso danificar gravemente o computador. Analistas habilitados a utilizar o ComboFix conhecem esses casos e sabem lidar com estas situações.
  • Muitos dos Analistas não respondem a topicos em que vejam que o ComboFix foi utilizado sem supervisão.
  • Existem varias ferramentas anti-malware generalistas em que os autores ao elaborarem a programação das mesmas, estão pensando nos usuários finais e para serem usadas sem supervisão. O Combofix não é uma ferramenta desse tipo, e assim sendo e até por respeito ao autor da ferramenta, não utilize sem supervisão.

Compartilhar este post


Link para o post
Compartilhar em outros sites
  • Autor do tópico
  • aqui o log do combofix

    ComboFix 12-02-19.02 - Gustavo 20/02/2012 16:29:28.1.2 - x64

    Microsoft Windows 7 Home Basic 6.1.7601.1.1252.55.1046.18.3839.2454 [GMT -2:00]

    Executando de: c:\users\Gustavo\Downloads\ComboFix.exe

    AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

    FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

    SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    * Criado um novo ponto de restauração

    .

    ADS - drivers: deleted 208 bytes in 1 streams.

    .

    ((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\program files (x86)\Mozilla Firefox\extensions\{67E7F3E5-8B3A-4219-B92B-47F9E05F5F4A}

    c:\program files (x86)\Mozilla Firefox\extensions\{67E7F3E5-8B3A-4219-B92B-47F9E05F5F4A}\defaults\preferences\prefs.js

    c:\program files (x86)\Mozilla Firefox\extensions\{67E7F3E5-8B3A-4219-B92B-47F9E05F5F4A}\install.rdf

    c:\program files (x86)\Mozilla Firefox\searchplugins\search.xml

    c:\program files (x86)\MPAccess

    c:\program files (x86)\MPAccess\100.exe

    c:\program files (x86)\MPAccess\windowsh.exe

    c:\program files (x86)\NetNucleous

    c:\program files (x86)\NetNucleous\ActiveCollector\ActiveCollectorPlugin.dll

    c:\program files (x86)\QueryScan

    c:\program files (x86)\QueryScan\queryscan.exe

    c:\programdata\QueryScan

    c:\programdata\QueryScan\queryscan123.exe

    c:\users\Gustavo\AppData\Roaming\GabPath

    c:\users\Gustavo\AppData\Roaming\GabPath\config.cfg

    c:\users\Gustavo\AppData\Roaming\GabPath\gabpath.exe

    c:\users\Gustavo\AppData\Roaming\NetNucleous

    c:\users\Gustavo\AppData\Roaming\NetNucleous\ActiveCollector\CS\CollectorServer.disco

    c:\windows\IsUn0816.exe

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    -------\Service_QueryScan Service

    .

    .

    (((((((((((((((( Arquivos/Ficheiros criados de 2012-01-20 to 2012-02-20 ))))))))))))))))))))))))))))

    .

    .

    2012-02-20 18:44 . 2012-02-20 18:44 -------- d-----w- c:\users\Default\AppData\Local\temp

    2012-02-17 23:53 . 2012-02-17 23:53 -------- d-----w- c:\users\Gustavo\AppData\Roaming\Norton Utilities

    2012-02-17 23:49 . 2012-02-17 23:49 -------- d-----w- c:\programdata\Norton Installer

    2012-02-17 23:49 . 2011-12-23 13:20 191232 ----a-w- c:\windows\system32\drivers\SymDSMon.sys

    2012-02-17 23:49 . 2011-12-23 13:20 163384 ----a-w- c:\windows\system32\drivers\SymSpeedDisk.sys

    2012-02-17 23:49 . 2011-12-23 13:20 108800 ----a-w- c:\windows\SysWow64\drivers\SymSpeedDisk.sys

    2012-02-17 23:49 . 2012-02-17 23:49 -------- d-----w- c:\program files (x86)\Common Files\Symantec

    2012-02-17 23:49 . 2011-12-23 13:20 880640 ----a-w- c:\windows\SysWow64\UniBox10.ocx

    2012-02-17 23:49 . 2011-12-23 13:20 658432 ----a-w- c:\windows\SysWow64\MSCOMCT2.OCX

    2012-02-17 23:49 . 2011-12-23 13:20 506368 ----a-w- c:\windows\SysWow64\msxml.dll

    2012-02-17 23:49 . 2011-12-23 13:20 212992 ----a-w- c:\windows\SysWow64\UniBoxVB12.ocx

    2012-02-17 23:49 . 2011-12-23 13:20 1101824 ----a-w- c:\windows\SysWow64\UniBox210.ocx

    2012-02-17 23:49 . 2011-12-23 13:17 39784 ----a-w- c:\windows\system32\CleanMFT64.exe

    2012-02-17 23:49 . 2012-02-17 23:50 -------- d-----w- c:\program files (x86)\Norton Utilities 15

    2012-02-17 23:47 . 2012-02-17 23:48 -------- d-----w- c:\users\Gustavo\AppData\Roaming\Download Manager

    2012-02-15 22:06 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll

    2012-02-15 22:06 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll

    2012-02-15 21:35 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl

    2012-02-15 21:35 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl

    2012-02-15 21:35 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys

    2012-02-15 21:29 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys

    2012-02-15 21:26 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll

    2012-02-15 21:26 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll

    2012-02-10 22:23 . 2012-02-10 22:23 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi

    2012-02-06 20:29 . 2012-02-06 20:29 -------- d-----w- c:\programdata\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}

    2012-02-06 15:52 . 2009-03-18 18:35 33856 ---ha-w- c:\windows\system32\hamachi.sys

    2012-01-31 15:38 . 2012-02-10 08:13 -------- d-----w- c:\windows\system32\drivers\NISx64\1207000.00D

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-01-15 20:06 . 2012-01-15 19:47 525544 ----a-w- c:\windows\system32\deployJava1.dll

    2012-01-15 19:40 . 2012-01-15 19:40 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

    2012-01-11 17:04 . 2010-12-20 13:36 42584 ----a-w- c:\windows\SysWow64\drivers\gbpkm.sys

    2011-12-12 11:20 . 2011-05-16 16:43 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

    2011-12-01 10:52 . 2011-12-01 10:52 235 ----a-w- c:\windows\SysWow64\nxEuUninstall.bat

    2011-12-01 10:51 . 2011-12-01 10:51 446464 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe

    .

    .

    (((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* entradas vazias e legítimas por padrão não são apresentadas.

    REGEDIT4

    .

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe" [2010-09-28 1715768]

    "ares"="c:\program files (x86)\Ares\Ares.exe" [2010-10-27 1015808]

    "Philips Intelligent Agent"="c:\program files (x86)\Philips\Intelligent Agent\Philips Intelligent Agent.exe" [2008-02-21 613792]

    "MessengerPlus3"="c:\program files (x86)\MessengerPlus! 3\MsgPlus.exe" [2011-02-27 190024]

    "KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2011-12-01 438272]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

    "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2009-10-14 563736]

    "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

    "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]

    "PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2011-10-24 801792]

    "TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2011-10-24 273528]

    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]

    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

    "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-07 1987976]

    .

    c:\users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

    OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]

    .

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    MBCameraMonitor.lnk - c:\program files (x86)\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe [2011-6-23 541976]

    TrayMin230.lnk - c:\program files (x86)\Philips\Philips SPC230NC Webcam\TrayMin230.exe [2010-12-23 241664]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "ConsentPromptBehaviorAdmin"= 5 (0x5)

    "ConsentPromptBehaviorUser"= 3 (0x3)

    "EnableUIADesktopToggle"= 0 (0x0)

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]

    2012-01-11 17:01 726360 ----a-w- c:\program files (x86)\GbPlugin\gbiehcef.dll

    .

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

    "aux"=wdmaud.drv

    .

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

    R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-02 136176]

    R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]

    R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\LeveUp! Games\RagnarokOnline\GameGuard\dump_wmimmc.sys [x]

    R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]

    R3 EraserUtilDrvI10;EraserUtilDrvI10;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI10.sys [x]

    R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]

    R3 gupdatem;Serviço do Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-02 136176]

    R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2008-10-17 106040]

    R3 Mkd3kfNt;Mkd3kfNt;c:\windows\system32\drivers\Mkd3kfNt.sys [x]

    R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]

    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

    R3 SymDSMon;SymDSMon;c:\windows\system32\drivers\SymDSMon.sys [x]

    R3 SYMSpeedDisk;SYMSpeedDisk;c:\windows\system32\drivers\SymSpeedDisk.sys [2011-12-23 163384]

    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

    R3 X6va003;X6va003;c:\users\Gustavo\AppData\Local\Temp\0035C56.tmp [x]

    R3 X6va005;X6va005;c:\users\Gustavo\AppData\Local\Temp\005713C.tmp [x]

    R3 X6va006;X6va006;c:\users\Gustavo\AppData\Local\Temp\0063602.tmp [x]

    S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1207000.00D\SYMDS64.SYS [x]

    S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1207000.00D\SYMEFA64.SYS [x]

    S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20120215.001\BHDrvx64.sys [2012-02-07 1157240]

    S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20120217.003\IDSvia64.sys [2012-02-08 488568]

    S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1207000.00D\Ironx64.SYS [x]

    S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1207000.00D\SYMNETS.SYS [x]

    S2 DCService.exe;DCService.exe;c:\programdata\DatacardService\DCService.exe [2010-05-08 229376]

    S2 DiskDoctorService;Norton Disk Doctor Service;c:\program files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe [2011-12-23 1029480]

    S2 GbpSv;Gbp Service;c:\progra~2\GbPlugin\GbpSv.exe [2012-01-11 194904]

    S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-07 2343816]

    S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]

    S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe [2011-04-17 130008]

    S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]

    S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2009-10-14 635416]

    S2 scpVista;scpVista;c:\program files (x86)\Scpad\scpVista.exe [2009-07-10 136496]

    S2 SpeedDiskService;Norton SpeedDisk Service;c:\program files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe [2011-12-23 1037672]

    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-04 138360]

    S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]

    S3 PAEAFLT.sys;USB Composite Device;c:\windows\system32\DRIVERS\PAEAFLT.sys [x]

    S3 SPC230NC;Philips SPC230NC Webcam;c:\windows\system32\DRIVERS\SPC230NC.SYS [x]

    .

    .

    --- =Outros Serviços/Drivers Na Memória ---

    .

    *NewlyCreated* - WS2IFSL

    .

    Conteúdo da pasta 'Tarefas Agendadas'

    .

    2012-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-02 17:55]

    .

    2012-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-02 17:55]

    .

    2012-02-19 c:\windows\Tasks\HPCeeScheduleForGustavo.job

    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 06:53]

    .

    2012-02-19 c:\windows\Tasks\NUSchedule.job

    - c:\program files (x86)\Norton Utilities 15\nu.exe [2012-02-17 13:17]

    .

    .

    --------- x86-64 -----------

    .

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]

    "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-18 568888]

    "SPC230NC_Monitor"="c:\windows\Philips\SPC230NC\Monitor.exe" [2007-12-10 323584]

    "SPC_Monitor"="c:\windows\Philips\SPC230NC\Monitor.exe" [2007-12-10 323584]

    "combofix"="c:\combofix\CF28928.3XE" [2010-11-20 345088]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

    "LoadAppInit_DLLs"=0x0

    .

    ------- Scan Suplementar -------

    .

    uStart Page = hxxp://www.google.com.br/

    uLocal Page = c:\windows\system32\blank.htm

    mLocal Page = c:\windows\SysWOW64\blank.htm

    IE: &Enviar para o OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

    IE: E&xportar para o Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

    Trusted Zone: caixa.gov.br

    Trusted Zone: clonewarsadventures.com

    Trusted Zone: freerealms.com

    Trusted Zone: soe.com

    Trusted Zone: sony.com

    TCP: DhcpNameServer = 201.76.16.58 201.76.16.59 192.168.0.1

    FF - ProfilePath - c:\users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\m5pid7y7.default\

    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/

    FF - prefs.js: keyword.URL - hxxp://www.queryscan.com/?tmp=nemo_results_removelink&prt=QryscanNN&keywords=

    .

    - - - - ORFÃOS REMOVIDOS - - - -

    .

    Wow6432Node-HKCU-Run-GabPath - c:\users\Gustavo\AppData\Roaming\GabPath\gabpath.exe

    BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll

    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

    AddRemove-PointBlank - g:\pointblank\PBUnInst.exe

    AddRemove-Visualizador - Java Web Start - c:\windows\system32\javaws.exe

    .

    .

    .

    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]

    "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.0.13\diMaster.dll\" /prefetch:1"

    --

    .

    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]

    "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"

    .

    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]

    "ImagePath"="c:\windows\system32\GameMon.des -service"

    .

    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va003]

    "ImagePath"="\??\c:\users\Gustavo\AppData\Local\Temp\0035C56.tmp"

    .

    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005]

    "ImagePath"="\??\c:\users\Gustavo\AppData\Local\Temp\005713C.tmp"

    .

    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va006]

    "ImagePath"="\??\c:\users\Gustavo\AppData\Local\Temp\0063602.tmp"

    .

    --------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

    @Denied: (A 2) (Everyone)

    @="FlashBroker"

    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

    "Enabled"=dword:00000001

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

    @Denied: (A 2) (Everyone)

    @="Shockwave Flash Object"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

    "ThreadingModel"="Apartment"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

    @="0"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

    @="ShockwaveFlash.ShockwaveFlash.10"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

    @="1.0"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

    @="ShockwaveFlash.ShockwaveFlash"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

    @Denied: (A 2) (Everyone)

    @="Macromedia Flash Factory Object"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

    "ThreadingModel"="Apartment"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

    @="FlashFactory.FlashFactory.1"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

    @="1.0"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

    @="FlashFactory.FlashFactory"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

    @Denied: (A 2) (Everyone)

    @="IFlashBroker4"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

    @="{00020424-0000-0000-C000-000000000046}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    "Version"="1.0"

    .

    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

    @Denied: (A) (Everyone)

    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

    .

    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

    @Denied: (A) (Everyone)

    .

    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

    "Key"="ActionsPane3"

    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

    .

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    .

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    .

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

    @Denied: (Full) (Everyone)

    .

    ------------------------ Outros Processos em Execução ------------------------

    .

    c:\program files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrvProxy.exe

    c:\program files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrvProxy.exe

    .

    **************************************************************************

    .

    Tempo para conclusão: 2012-02-20 17:02:29 - Máquina reiniciou

    ComboFix-quarantined-files.txt 2012-02-20 19:02

    .

    Pré-execução: 397.872.353.280 bytes disponíveis

    Pós execução: 399.249.772.544 bytes disponíveis

    .

    - - End Of File - - B364DA986D282B79B08802F7576783F

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    O trojan em questão foi excluído com sucesso. Seu computador tem apresentado algum outro tipo de sintoma?

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • valeu pela ajuda, obrigado meeeesmo, mas já que você perguntou as vezes aparece uns avisos falando sobre um tal de HKEY_LOCAL_MACHINE e HKEY_CURRENT_USER

    eu coloco pra reparar, mas sempre aparece de novo, tem algo a ver com o gabpath?

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Amigo, poderia ser mais específico? Transcreva EXATAMENTE o que aparece no aviso do antivírus.

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    O aviso são de valores faltantes no registro, nada com o que se preocupar.

    Mais alguma dúvida?

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Parabéns, seu log está limpo.

    De agora em diante fique ALERTA!

    Para finalizar faça o seguinte:

    Vá em Iniciar > Executar e digite ComboFix /Uninstall . Isso desinstalará o ComboFix de sua máquina.

    Faça download do OTC

    • Salve no seu desktop (área/ambiente de trabalho).
    • Duplo-clique no icone do OTC.
    • Clique no botão "Cleanup" 8gehxg0.gif
    • Permita que o seu computador seja reiniciado.

    Sugiro que rode o CCleaner para fazer uma limpeza em sua máquina. Faça o download dele aqui CCleaner

    • Abra o programa e clique em Executar Limpeza;
    • Após isto, clique em Erros >> Procurar erros >> Corrigir Erros

    Sugiro também que consulte este artigo: Proteja seu PC

    Mais algum problema com o computador?

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com a moderação solicitando o desbloqueio.

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
    Visitante
    Este tópico está impedido de receber novos posts.
    Entre para seguir isso  





    Sobre o Clube do Hardware

    No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

    Direitos autorais

    Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

    ×