NaK

Suspected Trojan


I need to know whether my notebook has a spy trojan.

Can you help me?

Thank you

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16490

Run by NATALIA at 11:21:30 on 2013-06-20

Microsoft Windows 7 Professional 6.1.7601.1.1252.55.1046.18.3237.1746 [GMT -3:00]

.

AV: Kaspersky Anti-Virus *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}

SP: Kaspersky Anti-Virus *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files\Spyware Terminator\st_rsser.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\USB Disk Security\USBGuard.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\notepad.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k secsvcs

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.uol.com.br/

BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - c:\program files\kaspersky lab\kaspersky anti-virus 2013\ieext\contentblocker\ie_content_blocker_plugin.dll

BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - c:\program files\kaspersky lab\kaspersky anti-virus 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll

BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - c:\program files\kaspersky lab\kaspersky anti-virus 2013\ieext\urladvisor\klwtbbho.dll

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 2013\avp.exe"

mRun: [spywareTerminatorShield] c:\program files\spyware terminator\SpywareTerminatorShield.exe

mRun: [spywareTerminatorUpdater] c:\program files\spyware terminator\SpywareTerminatorUpdate.exe

mRun: [uSB Security] c:\program files\usb disk security\USBGuard.exe

dRunOnce: [sPReview] "c:\windows\system32\spreview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xportar para o Microsoft Excel - c:\progra~1\mif5ba~1\office12\EXCEL.EXE/3000

IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - c:\program files\kaspersky lab\kaspersky anti-virus 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky anti-virus 2013\ieext\urladvisor\klwtbbho.dll

TCP: NameServer = 189.51.128.2 192.168.0.1

TCP: Interfaces\{8A2CE498-B3D4-4850-9305-BCFFE14CB2FA} : DHCPNameServer = 189.51.128.2 192.168.0.1

Notify: igfxcui - igfxdev.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

============= SERVICES / DRIVERS ===============

.

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2012-8-2 24408]

R1 kltdi;kltdi;c:\windows\system32\drivers\kltdi.sys [2012-6-8 44000]

R1 kneps;kneps;c:\windows\system32\drivers\kneps.sys [2012-8-13 145040]

R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [2013-6-13 32768]

R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\spyware terminator\st_rsser.exe [2013-6-13 587912]

R3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\drivers\klkbdflt.sys [2012-5-25 25944]

R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2012-7-25 25944]

R3 MEI;Intel® Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [2010-10-19 41088]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]

R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\drivers\rtl8192ce.sys [2013-6-9 765072]

S2 AVP;Serviço do Kaspersky Anti-Virus;c:\program files\kaspersky lab\kaspersky anti-virus 2013\avp.exe [2012-8-17 356376]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2011-5-26 144984]

S3 StorSvc;Serviço de Armazenamento;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]

S3 Te.Service;Te.Service;c:\program files\windows kits\8.0\testing\runtimes\taef\Wex.Services.exe [2012-7-25 94208]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-6-10 52224]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\wat\WatAdminSvc.exe [2013-6-10 1343400]

.

=============== Created Last 30 ================

.

2013-06-19 18:01:25 -------- d-----w- c:\users\natalia\appdata\roaming\Zbshareware Lab

2013-06-19 18:01:25 -------- d-----w- c:\programdata\Zbshareware Lab

2013-06-19 18:00:37 -------- d-----w- c:\program files\USB Disk Security

2013-06-18 12:36:24 -------- d--h--w- c:\windows\AxInstSV

2013-06-18 07:38:15 7068072 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{b44e6e55-62c2-4d95-9acf-b526901386e1}\mpengine.dll

2013-06-14 01:42:27 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys

2013-06-14 01:42:26 -------- d-----w- c:\users\natalia\appdata\roaming\Spyware Terminator

2013-06-14 01:42:26 -------- d-----w- c:\programdata\Spyware Terminator

2013-06-14 01:42:23 -------- d-----w- c:\program files\Spyware Terminator

2013-06-12 15:21:45 712048 ----a-w- c:\windows\system32\drivers\ndis.sys

2013-06-12 15:21:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys

2013-06-12 15:20:31 245760 ----a-w- c:\windows\system32\OxpsConverter.exe

2013-06-12 15:20:29 40960 ----a-w- c:\windows\system32\wwanprotdim.dll

2013-06-12 15:20:29 186368 ----a-w- c:\windows\system32\wwansvc.dll

2013-06-12 15:20:25 24576 ----a-w- c:\windows\system32\cryptdlg.dll

2013-06-12 15:20:09 2347520 ----a-w- c:\windows\system32\win32k.sys

2013-06-12 15:20:08 492544 ----a-w- c:\windows\system32\win32spl.dll

2013-06-12 15:20:06 903168 ----a-w- c:\windows\system32\certutil.exe

2013-06-12 15:20:06 43008 ----a-w- c:\windows\system32\certenc.dll

2013-06-12 15:20:06 140288 ----a-w- c:\windows\system32\cryptsvc.dll

2013-06-12 15:20:06 1160192 ----a-w- c:\windows\system32\crypt32.dll

2013-06-12 15:20:06 103936 ----a-w- c:\windows\system32\cryptnet.dll

2013-06-12 15:18:59 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-06-12 15:18:58 49152 ----a-w- c:\windows\system32\taskhost.exe

2013-06-12 15:18:50 47104 ----a-w- c:\windows\system32\appinfo.dll

2013-06-12 15:18:50 1796096 ----a-w- c:\windows\system32\authui.dll

2013-06-12 15:18:50 101720 ----a-w- c:\windows\system32\consent.exe

2013-06-12 12:06:09 7016152 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll

2013-06-12 02:37:46 -------- d-----w- c:\windows\system32\SPReview

2013-06-12 00:55:23 -------- d-----w- c:\program files\Microsoft Synchronization Services

2013-06-11 21:06:16 -------- d-----w- c:\windows\PCHEALTH

2013-06-11 21:02:57 -------- d-----w- c:\users\natalia\appdata\local\Microsoft Help

2013-06-11 20:30:12 -------- d-----w- c:\program files\Bonjour

2013-06-11 20:23:27 -------- d-----w- c:\program files\common files\Macrovision Shared

2013-06-11 00:55:27 -------- d-----w- c:\windows\system32\EventProviders

2013-06-10 22:37:26 2477184 ----a-w- c:\programdata\microsoft\visualstudio\11.0\1033\ResourceCache.dll

2013-06-10 22:31:26 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition

2013-06-10 22:30:43 -------- d-----w- c:\program files\Application Verifier

2013-06-10 22:30:31 -------- d-----w- c:\programdata\Windows App Certification Kit

2013-06-10 22:29:15 -------- d-----w- c:\program files\common files\Microsoft

2013-06-10 22:28:58 -------- d-----w- c:\programdata\PreEmptive Solutions

2013-06-10 22:26:44 -------- d-----w- c:\program files\Microsoft ASP.NET

2013-06-10 22:26:10 -------- d-----w- c:\program files\Microsoft Web Tools

2013-06-10 22:25:59 -------- d-----w- c:\program files\Microsoft

2013-06-10 22:25:47 -------- d-----w- c:\program files\IIS Express

2013-06-10 22:25:10 -------- d-----w- c:\program files\NuGet

2013-06-10 22:25:02 -------- d-----w- c:\program files\Microsoft WCF Data Services

2013-06-10 22:24:48 -------- d-----w- c:\program files\IIS

2013-06-10 22:22:39 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll

2013-06-10 22:22:02 -------- d-----w- c:\program files\Windows Kits

2013-06-10 22:17:58 -------- d-----w- c:\program files\HTML Help Workshop

2013-06-10 22:17:10 -------- d-----w- c:\program files\Microsoft Help Viewer

2013-06-10 22:16:22 -------- d-----w- c:\windows\system32\1033

2013-06-10 22:16:12 -------- d-----w- c:\program files\Microsoft SQL Server

2013-06-10 22:10:43 -------- d-----w- c:\program files\common files\Merge Modules

2013-06-10 20:36:21 -------- d-----w- c:\program files\Microsoft Visual Studio 11.0

2013-06-10 20:30:53 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft

2013-06-10 20:30:53 -------- d-----w- c:\programdata\Package Cache

2013-06-10 19:26:59 1828352 ----a-w- c:\windows\system32\d3d9.dll

2013-06-10 19:25:59 2130944 ----a-w- c:\windows\system32\networkmap.dll

2013-06-10 19:24:42 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll

2013-06-10 19:24:42 363008 ----a-w- c:\windows\system32\wbemcomn.dll

2013-06-10 19:24:42 189952 ----a-w- c:\program files\windows portable devices\sqmapi.dll

2013-06-10 19:24:30 189952 ----a-w- c:\windows\system32\sqmapi.dll

2013-06-10 06:16:52 -------- d-----w- c:\windows\system32\Wat

2013-06-10 01:56:44 -------- d-----w- c:\windows\Panther

2013-06-10 00:38:33 -------- d-----w- c:\windows\ELAMBKUP

2013-06-10 00:38:27 -------- d-----w- c:\programdata\Kaspersky Lab

2013-06-10 00:38:27 -------- d-----w- c:\program files\Kaspersky Lab

2013-06-10 00:38:19 74848 ----a-w- c:\windows\system32\drivers\klflt.sys

2013-06-10 00:10:17 -------- d-----w- c:\users\natalia\appdata\local\Adobe

2013-06-09 23:37:00 -------- d-sh--w- c:\windows\Installer

2013-06-09 23:32:31 -------- d-----w- c:\users\natalia\appdata\local\Google

2013-06-09 23:32:15 -------- d-----w- c:\users\natalia\appdata\local\Apps

2013-06-09 23:32:14 -------- d-----w- c:\users\natalia\appdata\local\Deployment

2013-06-09 23:11:31 70656 ----a-w- c:\windows\system32\fontsub.dll

2013-06-09 23:11:31 34304 ----a-w- c:\windows\system32\atmlib.dll

2013-06-09 23:11:31 295424 ----a-w- c:\windows\system32\atmfd.dll

2013-06-09 22:47:49 9728 ----a-w- c:\windows\system32\Wdfres.dll

2013-06-09 22:47:49 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2013-06-09 22:47:49 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2013-06-09 22:46:55 73216 ----a-w- c:\windows\system32\WUDFSvc.dll

2013-06-09 22:46:55 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys

2013-06-09 22:46:55 613888 ----a-w- c:\windows\system32\WUDFx.dll

2013-06-09 22:46:55 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll

2013-06-09 22:46:55 196608 ----a-w- c:\windows\system32\WUDFHost.exe

2013-06-09 22:46:55 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll

2013-06-09 22:46:55 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys

2013-06-09 22:45:45 5120 ----a-w- c:\windows\system32\wmi.dll

2013-06-09 22:45:45 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2013-06-09 22:45:45 159232 ----a-w- c:\windows\system32\imagehlp.dll

2013-06-09 22:28:42 3217408 ----a-w- c:\windows\system32\mstscax.dll

2013-06-09 22:28:41 36864 ----a-w- c:\windows\system32\tsgqec.dll

2013-06-09 22:28:41 131584 ----a-w- c:\windows\system32\aaclient.dll

2013-06-09 22:25:36 132608 ----a-w- c:\windows\system32\dnsrslvr.dll

2013-06-09 22:25:35 28672 ----a-w- c:\windows\system32\dnscacheugc.exe

2013-06-09 22:25:32 238872 ------w- c:\windows\system32\MpSigStub.exe

2013-06-09 22:25:18 338944 ----a-w- c:\windows\system32\drivers\afd.sys

2013-06-09 22:25:15 1288472 ----a-w- c:\windows\system32\ntdll.dll

2013-06-09 22:25:08 240496 ----a-w- c:\windows\system32\drivers\netio.sys

2013-06-09 22:25:08 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2013-06-09 22:25:00 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-06-09 22:23:51 317440 ----a-w- c:\windows\system32\spoolsv.exe

2013-06-09 22:22:56 400896 ----a-w- c:\windows\system32\srcore.dll

2013-06-09 22:21:37 172544 ----a-w- c:\windows\system32\wintrust.dll

2013-06-09 22:21:35 514560 ----a-w- c:\windows\system32\qdvd.dll

2013-06-09 22:21:35 1328128 ----a-w- c:\windows\system32\quartz.dll

2013-06-09 22:21:32 542208 ----a-w- c:\windows\system32\kerberos.dll

2013-06-09 22:21:30 1389568 ----a-w- c:\windows\system32\msxml6.dll

2013-06-09 22:20:48 490496 ----a-w- c:\windows\system32\d3d10level9.dll

2013-06-09 22:20:44 478720 ----a-w- c:\windows\system32\timedate.cpl

2013-06-09 22:20:42 28672 ----a-w- c:\windows\system32\profprov.dll

2013-06-09 22:20:42 164352 ----a-w- c:\windows\system32\profsvc.dll

2013-06-09 22:13:15 571904 ----a-w- c:\windows\system32\oleaut32.dll

2013-06-09 22:13:15 233472 ----a-w- c:\windows\system32\oleacc.dll

2013-06-09 22:08:32 169984 ----a-w- c:\windows\system32\winsrv.dll

2013-06-09 22:07:14 107520 ----a-w- c:\windows\system32\cdd.dll

2013-06-09 22:06:39 123904 ----a-w- c:\windows\system32\poqexec.exe

2013-06-09 22:02:36 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys

2013-06-09 22:02:32 2048 ----a-w- c:\windows\system32\tzres.dll

2013-06-09 21:53:10 2422272 ----a-w- c:\windows\system32\wucltux.dll

2013-06-09 21:53:02 88576 ----a-w- c:\windows\system32\wudriver.dll

2013-06-09 21:52:54 33792 ----a-w- c:\windows\system32\wuapp.exe

2013-06-09 21:52:54 171904 ----a-w- c:\windows\system32\wuwebv.dll

2013-06-09 21:47:53 999568 ----a-w- c:\windows\system32\drivers\rtwlane.sys

2013-06-09 21:47:53 765072 ----a-w- c:\windows\system32\drivers\rtl8192ce.sys

2013-06-09 21:47:53 559208 ----a-w- c:\windows\system32\drivers\rtl819xp.sys

2013-06-09 21:47:53 535040 ----a-w- c:\windows\system32\Rtlihvs.dll

2013-06-09 21:47:53 379904 ----a-w- c:\windows\system32\drivers\rtl8187B.sys

2013-06-09 21:47:53 376320 ----a-w- c:\windows\system32\drivers\rtl8187Se.sys

2013-06-09 21:47:53 1237648 ----a-w- c:\windows\system32\drivers\rtl8188ee.sys

2013-06-09 21:47:53 1117800 ----a-w- c:\windows\system32\drivers\rtl8192se.sys

2013-06-09 21:47:52 451072 ----a-w- c:\windows\system32\ISSRemoveSP.exe

2013-06-09 21:47:52 -------- d-----w- c:\program files\Realtek WLAN Driver

2013-06-09 21:47:24 -------- d-----w- c:\users\natalia\appdata\roaming\WinBatch

2013-06-09 21:19:00 -------- d-----w- c:\windows\system32\wbem\Performance

2013-05-30 20:04:28 -------- d-----w- C:\Intel

2013-05-30 17:37:25 -------- d-sh--we C:\Arquivos de Programas

2013-05-30 17:37:25 -------- d-sh--w- C:\Recovery

.

==================== Find3M ====================

.

2013-06-19 22:06:59 44000 ----a-w- c:\windows\system32\drivers\kltdi.sys

2013-06-12 02:44:52 152576 ----a-w- c:\windows\system32\msclmd.dll

2013-06-10 02:00:51 145040 ----a-w- c:\windows\system32\drivers\kneps.sys

2013-06-10 02:00:48 25944 ----a-w- c:\windows\system32\drivers\klmouflt.sys

2013-06-10 02:00:45 25944 ----a-w- c:\windows\system32\drivers\klkbdflt.sys

2013-05-16 22:39:39 1800704 ----a-w- c:\windows\system32\jscript9.dll

2013-05-16 22:28:26 1129472 ----a-w- c:\windows\system32\wininet.dll

2013-05-16 22:27:30 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2013-05-16 22:21:37 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2013-05-16 22:20:30 420864 ----a-w- c:\windows\system32\vbscript.dll

2013-05-16 22:16:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2013-05-06 05:06:47 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-05-06 05:06:47 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-04-13 04:45:16 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll

2013-04-12 13:45:29 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys

2013-04-10 05:18:40 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-04-10 05:18:40 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

.

============= FINISH: 11:22:32,52 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 09/06/2013 18:15:25

System Uptime: 20/06/2013 09:55:53 (2 hours ago)

.

Motherboard: TOSHIBA | | PEQAA

Processor: Intel® Core i7-2670QM CPU @ 2.20GHz | CPU 1 | 2201/400mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 205 GiB total, 100,192 GiB free.

D: is FIXED (NTFS) - 391 GiB total, 390,351 GiB free.

E: is CDROM ()

F: is FIXED (NTFS) - 0 GiB total, 0,07 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID:

Description: Controlador USB (Universal Serial Bus)

Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_FC301179&REV_04\4&31F6DD7F&0&00E5

Manufacturer:

Name: Controlador USB (Universal Serial Bus)

PNP Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_FC301179&REV_04\4&31F6DD7F&0&00E5

Service:

.

Class GUID:

Description:

Device ID: ACPI\TOS620A\2&DABA3FF&1

Manufacturer:

Name:

PNP Device ID: ACPI\TOS620A\2&DABA3FF&1

Service:

.

Class GUID:

Description: Controlador de barramento SM

Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_FC301179&REV_04\3&11583659&0&FB

Manufacturer:

Name: Controlador de barramento SM

PNP Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_FC301179&REV_04\3&11583659&0&FB

Service:

.

==== System Restore Points ===================

.

RP16: 11/06/2013 23:37:40 - Windows 7 Service Pack 1

RP17: 13/06/2013 09:18:53 - Windows Update

RP18: 16/06/2013 03:00:10 - Windows Update

RP19: 19/06/2013 00:53:18 - Windows Update

.

==== Installed Programs ======================

.

Tools for .Net 3.5

Adobe Anchor Service CS3

Adobe Asset Services CS3

Adobe Bridge CS3

Adobe Bridge Start Meeting

Adobe Camera Raw 4.0

Adobe CMaps

Adobe Color - Photoshop Specific

Adobe Color Common Settings

Adobe Color EU Extra Settings

Adobe Color JA Extra Settings

Adobe Color NA Recommended Settings

Adobe Default Language CS3

Adobe Device Central CS3

Adobe ExtendScript Toolkit 2

Adobe Fonts All

Adobe Help Viewer CS3

Adobe Linguistics CS3

Adobe PDF Library Files

Adobe Photoshop CS3

Adobe Reader XI (11.0.03) - Português

Adobe Setup

Adobe Stock Photos CS3

Adobe Type Support

Adobe Update Manager CS3

Adobe Version Cue CS3 Client

Adobe WinSoft Linguistics Plugin

Adobe XMP Panels CS3

Blend for Visual Studio 2012

Blend for Visual Studio 2012 ENU resources

Dotfuscator and Analytics Community Edition

Entity Framework Designer for Visual Studio 2012 - enu

Google Chrome

Google Update Helper

IIS 8.0 Express

IIS Express Application Compatibility Database for x86

Kaspersky Anti-Virus 2013

LocalESPC

LocalESPCui for en-us

Microsoft .NET Framework 4 Client Profile PTB Language Pack

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft .NET Framework 4.5

Microsoft .NET Framework 4.5 Multi-Targeting Pack

Microsoft .NET Framework 4.5 SDK

Microsoft ASP.NET MVC 3

Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update

Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools

Microsoft ASP.NET MVC 4 Runtime

Microsoft ASP.NET Web Pages

Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools

Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools

Microsoft ASP.NET Web Pages 2 Runtime

Microsoft Help Viewer 2.0

Microsoft LightSwitch for Visual Studio 2012 Core

Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU

Microsoft NuGet - Visual Studio 2012

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Portable Library Multi-Targeting Pack

Microsoft Portable Library Multi-Targeting Pack Language Pack - enu

Microsoft Report Viewer Add-On for Visual Studio 2012

Microsoft Silverlight

Microsoft Silverlight 4 SDK

Microsoft Silverlight 5 SDK

Microsoft SQL Server 2012 Command Line Utilities

Microsoft SQL Server 2012 Data-Tier App Framework

Microsoft SQL Server 2012 Express LocalDB

Microsoft SQL Server 2012 Management Objects

Microsoft SQL Server 2012 Native Client

Microsoft SQL Server 2012 T-SQL Language Service

Microsoft SQL Server 2012 Transact-SQL Compiler Service

Microsoft SQL Server 2012 Transact-SQL ScriptDom

Microsoft SQL Server Compact 3.5 Design Tools ENU

Microsoft SQL Server Compact 3.5 ENU

Microsoft SQL Server Compact 4.0 SP1 ENU

Microsoft SQL Server Data Tools - enu (11.1.20627.00)

Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00)

Microsoft SQL Server System CLR Types

Microsoft System CLR Types for SQL Server 2012

Microsoft Visual Basic 2008 Express Edition - ENU

Microsoft Visual C++ 2012 Compilers

Microsoft Visual C++ 2012 Compilers - ENU Resources

Microsoft Visual C++ 2012 Core Libraries

Microsoft Visual C++ 2012 Extended Libraries

Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727

Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727

Microsoft Visual Studio 2010 Office Developer Tools (x86)

Microsoft Visual Studio 2010 Tools for Office Runtime (x86)

Microsoft Visual Studio 2012 Devenv

Microsoft Visual Studio 2012 Devenv Resources

Microsoft Visual Studio 2012 Performance Collection Tools

Microsoft Visual Studio 2012 Performance Collection Tools - ENU

Microsoft Visual Studio 2012 Preparation

Microsoft Visual Studio 2012 SharePoint Developer Tools

Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack

Microsoft Visual Studio 2012 Shell (Minimum)

Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies

Microsoft Visual Studio 2012 Shell (Minimum) Resources

Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU

Microsoft Visual Studio Professional 2012

Microsoft Visual Studio Professional 2012 - ENU

Microsoft Visual Studio Team Foundation Server 2012 Object Model

Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU

Microsoft Visual Studio Team Foundation Server 2012 Team Explorer

Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU

Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core

Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources

Microsoft Web Deploy 3.0

Microsoft Web Deploy dbSqlPackage Provider - enu

Microsoft Web Developer Tools - Visual Studio 2012

Microsoft Web Platform Installer 4.0

Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework

Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32

Notepad++

Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)

PDF Settings

PreEmptive Analytics Visual Studio Components

Prerequisites for SSDT

Realtek WLAN Driver

Security Update for Microsoft .NET Framework 4.5 (KB2737083)

Security Update for Microsoft .NET Framework 4.5 (KB2742613)

Security Update for Microsoft .NET Framework 4.5 (KB2789648)

Security Update for Microsoft .NET Framework 4.5 (KB2804582)

Spyware Terminator 2012

Update for (KB2504637)

Update for Microsoft .NET Framework 4.5 (KB2750147)

Update for Microsoft .NET Framework 4.5 (KB2805221)

Update for Microsoft .NET Framework 4.5 (KB2805226)

USB Disk Security

VC Runtimes MSI

Visual Studio Extensions for Windows Library for JavaScript

WCF Data Services 5.0 (for OData v3) Primary Components

WCF Data Services Tools for Microsoft Visual Studio 2012

WCF RIA Services V1.0 SP2

Windows App Certification Kit Native Components

Windows App Certification Kit x86

Windows Runtime Intellisense Content - en-us

Windows Software Development Kit

Windows Software Development Kit DirectX x86 Remote

Windows Software Development Kit for Windows Store Apps

Windows Software Development Kit for Windows Store Apps DirectX x86 Remote

WinRAR 4.20 (32-bit)

.

==== End Of File ===========================

GMER 2.1.19163 - http://www.gmer.net

Rootkit scan 2013-06-20 12:26:23

Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_MK6475GSX rev.GT001M 596,17GB

Running: gmer.exe; Driver: C:\Users\NATALIA\AppData\Local\Temp\pxliyfow.sys

---- System - GMER 2.1 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwAdjustPrivilegesToken [0x9169B6BA]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwAlpcConnectPort [0x9164EC02]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwAlpcCreatePort [0x9164EF4A]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwAlpcSendWaitReceivePort [0x9164F390]

SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwClose [0x83BC6444]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwConnectPort [0x9164E8DC]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwCreateEvent [0x91637804]

SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwCreateFile [0x83BC5C8A]

SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwCreateKey [0x83BC5958]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwCreateMutant [0x916376EA]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwCreatePort [0x9164EDAE]

SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwCreateSection [0x83BC7520]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwCreateSemaphore [0x91637924]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwCreateThread [0x9169D9BC]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwCreateThreadEx [0x9169DBFC]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwCreateUserProcess [0x9169D660]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwCreateWaitablePort [0x9164EE7C]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwDebugActiveProcess [0x9169D506]

SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwDeleteKey [0x83BC5A68]

SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwDeleteValueKey [0x83BC5B5A]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwDeviceIoControlFile [0x916372D0]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwDuplicateObject [0x9169B7FC]

SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwLoadDriver [0x83BC6780]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwMapViewOfSection [0x9169E320]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwNotifyChangeKey [0x9164D06C]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwOpenEvent [0x9163789A]

SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwOpenFile [0x83BC5F9C]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwOpenMutant [0x9163777A]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwOpenProcess [0x9169D0AE]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwOpenSection [0x9169E7D4]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwOpenSemaphore [0x916379BA]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwOpenThread [0x9169D718]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwQueryDirectoryObject [0x91637A44]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwQueryObject [0x9164D27A]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwQueueApcThread [0x9169E1D4]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwReplyPort [0x9164F174]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwReplyWaitReceivePort [0x9164F002]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwReplyWaitReceivePortEx [0x9164F0B8]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwRequestWaitReplyPort [0x9164F1E4]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwResumeThread [0x9169DEFE]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwSecureConnectPort [0x9164EA6A]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwSetContextThread [0x9169E05C]

SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwSetInformationFile [0x83BC60D2]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwSetInformationToken [0x91637AE6]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwSetSystemInformation [0x9169B56E]

SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwSetValueKey [0x83BC577E]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwSuspendProcess [0x9169D24E]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwSuspendThread [0x9169DDA6]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwSystemDebugControl [0x91637AF8]

SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwTerminateProcess [0x83BC66C8]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwTerminateThread [0x9169D8B8]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwUnmapViewOfSection [0x9169E93C]

SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwWriteFile [0x83BC62BC]

SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwWriteVirtualMemory [0x9169E666]

---- Kernel code sections - GMER 2.1 ----

.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 82A809F5 1 Byte [06]

.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82ABA1F2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

.text ntkrnlpa.exe!KeRemoveQueueEx + 10D7 82AC141C 4 Bytes [bA, B6, 69, 91]

.text ntkrnlpa.exe!KeRemoveQueueEx + 10FF 82AC1444 8 Bytes [02, EC, 64, 91, 4A, EF, 64, ...] {ADD CH, AH; XCHG ECX, EAX; DEC EDX; OUT DX, EAX; XCHG ECX, EAX}

.text ntkrnlpa.exe!KeRemoveQueueEx + 1143 82AC1488 4 Bytes [90, F3, 64, 91] {NOP ; XCHG ECX, EAX}

.text ntkrnlpa.exe!KeRemoveQueueEx + 116F 82AC14B4 4 Bytes [44, 64, BC, 83]

.text ntkrnlpa.exe!KeRemoveQueueEx + 1193 82AC14D8 4 Bytes CALL C54CA641

.text ...

? C:\Users\NATALIA\AppData\Local\Temp\mbr.sys O sistema não pode encontrar o arquivo especificado. !

---- Devices - GMER 2.1 ----

AttachedDevice \Driver\tdx \Device\Tcp kltdi.sys

AttachedDevice \Driver\tdx \Device\Udp kltdi.sys

AttachedDevice \Driver\tdx \Device\RawIp kltdi.sys

---- EOF - GMER 2.1 ----


Dear NaK

I recommend saving this topic to your Favorites so it is easier to find.

Please note the following:

  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is passed on here relates only to your computer's problem, so do not apply it to any other;
  • Please follow the instructions carefully and, if you have any doubts, do not hesitate to ask;
  • Always post your replies in this topic... Do not open another one!
  • Always keep me informed, during the removal, about what is happening with your computer.
  • Respect the order of the instructions given.
  • Note: Do not take any action other than those given here; if you ask for help on another forum, be sure to let us know, or you risk misconfiguring your computer!

# Step 1 #

Download Malwarebytes Anti-Malware:

  • Link 1
  • Alternative link
    • Double-click mbam-setup.exe, choose the language and follow the instructions to install the software.
    • Make sure the boxes Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware are checked, and click Finish.
    • If there are updates, they will be downloaded and installed.
    • When the updates finish, a program window will open. Select "Quick Scan", then click the Scan button.
    • The scan will start and may take a while. Please be patient.
    • When the scan is complete, click OK, then Show Results to see the log.
    • If anything is found, make sure everything is checked and click Remove.
    • When disinfection finishes, a log will automatically open in a Notepad document and you may be asked to restart the PC. (Read the note)
    • The log is saved automatically and can be viewed by clicking the Logs tab in the main menu.
    • Copy and paste the contents of that log into your next reply.

Note: For more complicated infections, it may be necessary to restart the PC. If you are asked to restart, please do so immediately.

Best regards :D


Hi, thank you for the help. I installed Malwarebytes; 1 infection was found: PUP.HackTool.H

Malwarebytes Anti-Malware (Trial) 1.75.0.1300

www.malwarebytes.org

Versão da Base de Dados: v2013.06.21.04

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 9.0.8112.16421

NATALIA :: NATALIA-PC [administrador]

Proteção: Permitir

21/06/2013 12:40:07

mbam-log-2013-06-21 (12-40-07).txt

Tipo de Verificação: Verificação Rápida

Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM

Opções de verificação desativadas: P2P

Objetos escaneados: 225577

Tempo decorrido: 6 minuto(s), 45 segundo(s)

Processos de Memória Detectados: 0

(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0

(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

Valores de Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0

(Não foram detectados ítens maliciosos)

Arquivos Detectados: 1

C:\Users\NATALIA\AppData\Local\Temp\Rar$EXa0.005\Windows Loader v2.1.7\Windows Loader.exe (PUP.HackTool.H) -> Enviado para a Quarentena e deletado com sucesso.

(fim)


Dear NaK

Download the Kaspersky AVP Tool from one of these links:

Alternative 1

Alternative 2

  • You will be taken to a Kaspersky page asking for an email address for registration, a first name and a last name.
  • Only the "email" field is required.
  • Enter your email, then click the Submit Form button.
  • The page will reload. Click the Download button.
  • Save it to your Desktop.
  • Run the file and wait for the installation.
    • ** Windows Vista and Windows 7 users: Right-click the file, then click Run as administrator.

  • On the license agreement screen, check the option I accept the license agreement and then click the Start button.
  • The program will appear to freeze and nothing will happen. This is normal; just wait until the program's initial screen appears, then click the Settings icon:

KRT_settings.png

On this screen, check the box next to:

  • My Computer;
  • Local Disk (C:);
  • Also check all the drives that appear below Local Disk, if there are any;
  • Then click the Automatic Scan tab.

KRT_install2_.png

  • Back on the program's initial screen, click the Start scanning button;
  • Be patient, it takes a while;
  • When it finishes, if it has detected anything, the program will ask you what to do;
  • Check the box next to Apply to all objects and then click Skip (we only want the log).

KRT_detection_.png

Once the scan has finished, proceed as follows:

  1. On the main screen, if anything was detected, save the log.
  2. If you close the program and forget to save the log, you will have to repeat the whole scan.
  3. To save the log, click the Reports icon (next to the "Settings" icon).
  4. In the next window, click Detected Threats, then click the floppy disk icon to save the log.
  5. Choose an easily accessible location and save it as log.txt
  6. Copy the entire contents of that Notepad file and paste it into your next reply.
  7. If nothing is detected, there is no need to save the log; just let me know.
  8. To exit the program, just click the X in the upper right corner.

Notes:
While the scan is running, the initial screen will show a progress bar. When it finishes, the program will show the status as completed and a button that will be orange if nothing was detected, and red if something was found. If something was detected, the program will also show an alert screen warning that your system is unprotected and suggesting a Kaspersky product. Click the No, thanks button.

Best regards :D


About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.

Copyright

We do not allow the copying or reproduction of content from our site, forum, newsletters and social networks, even when the source is cited.
