KAODIVERSO

Threat in Ntuser.dat


Avast keeps identifying the threat Win32:Dowloader-SPA[Adw], but it cannot clean it, only move it to quarantine, which alters my whole profile.

I am sending only the DDS log, because the GMER one turned out huge.

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 20/01/2012 15:56:55

System Uptime: 13/07/2013 19:23:53 (27 hours ago)

.

Motherboard: PHILCO | | 14A5

Processor: Intel® Core i5-2410M CPU @ 2.30GHz | CPU 1 | 2301/400mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 466 GiB total, 76,958 GiB free.

D: is CDROM ()

E: is Removable

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Adaptador de Miniporta WiFi Virtual da Microsoft

Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&2342E077&0&01

Manufacturer: Microsoft

Name: Adaptador de Miniporta WiFi Virtual da Microsoft

PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&2342E077&0&01

Service: vwifimp

.

==== System Restore Points ===================

.

RP265: 05/07/2013 05:57:10 - Windows Update

RP266: 09/07/2013 03:28:18 - Windows Update

RP267: 10/07/2013 03:00:29 - Windows Update

RP268: 12/07/2013 11:48:09 - Removed Samsung Kies

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.7) - Português

ArcSoft Panorama Maker 6

Articulate Studio '09 Pro

µTorrent

Atualização de Driver do Windows Mobile Device Center

Atualização do produto Microsoft Office Excel 2007 Help (KB963678)

Atualização do produto Microsoft Office Outlook 2007 Help (KB963677)

Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)

Atualização do produto Microsoft Office Word 2007 Help (KB963665)

avast! Free Antivirus

B1 Free Archiver

bcWebCam

CCleaner

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

ConvertXtoDVD 4.1.19.365

DAP Plug-in for 64 Bit IE

DealPly

doPDF 7.3 printer

Download Accelerator Plus (DAP)

Driver 1.3

DVDFab 8.0.5.6 (05/12/2010)

Facebook Messenger 2.1.4814.0

Facebook Video Calling 1.2.0.287

FileViewPro

FormatFactory 3.0.1

Free Easy Burner V 5.1

Google Chrome

Google Earth

Google Update Helper

Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)

I-PowerGate v1.0

IDT Audio

Intel® Management Engine Components

Intel® OpenCL CPU Runtime

Intel® Processor Graphics

IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País

IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País

Java 7 Update 25

Java Auto Updater

JavaFX 2.1.1

JDownloader 0.9

JMicron Ethernet Adapter NDIS Driver

JMicron Flash Media Controller Driver

K-Lite Codec Pack 8.1.0 (Full)

L&H TTS3000 Português (Brasil)

Legendas 2.29

Lexmark 1200 Series

Módulo de Segurança - Banco do Brasil

Malwarebytes Anti-Malware versão 1.75.0.1300

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile PTB Language Pack

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Mozilla Maintenance Service

Mozilla Thunderbird 17.0 (x86 pt-BR)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MyFreeCodec

Nikon Message Center 2

Nikon Movie Editor

NTRU TCG Software Stack

Nuvoton SafeKeeper TPM Software

Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)

Picture Control Utility x64

REALTEK Wireless LAN Driver

Receitanet

Samsung Mobile phone USB driver Drive Software

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Security Update for Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (KB2518870)

Skype Click to Call

Skype™ 5.10

System Requirements Lab for Intel

Torrent Episode Downloader

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition

USB PC Camera VC305

ViewNX 2

Vimicro USB PC Camera(VC0305)

Webcam 1.5

WinASO RegDefrag 2.6

WinDirStat 1.1.2

Windows Media Player Firefox Plugin

Windows Mobile Device Center

WinRAR 4.10 (64-bit)

.

==== End Of File ===========================

Thanks

Where is the dds.txt log? You posted only attach.txt.

OOPPPSSS!

I generated a new one:

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2

Run by Paulo Ricardo at 19:58:31 on 2013-07-15

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.8103.6151 [GMT -3:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\ProgramData\eSafe\eSafeSvc.exe

C:\ProgramData\eSafe\eGdpSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\lxczcoms.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\WUDFHost.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe

C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmgr.exe

C:\Windows\System32\igfxtray.exe

C:\Program Files (x86)\Lexmark 1200 Series\lxczbmon.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\vm305_sti.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Common Files\Speedbit\SbUpdate\SBUpdate.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\sysWow64\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.bing.com

uSearch Bar = hxxp://www.bing.com

uDefault_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD5000BPVT-00HXZT3_WD-WX81A81W2758W2758&ts=1373038498

mStart Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD5000BPVT-00HXZT3_WD-WX81A81W2758W2758&ts=1373038498

mDefault_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD5000BPVT-00HXZT3_WD-WX81A81W2758W2758&ts=1373038498

mWinlogon: Userinit = userinit.exe,

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

uRun: [Facebook Update] "C:\Users\Paulo Ricardo\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

uRun: [Google Update] "C:\Users\Paulo Ricardo\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount

uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [bigDog305] C:\Windows\VM305_STI.EXE USB PC Camera VC305

StartupFolder: C:\Users\PAULOR~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ROLLER~1.LNK - C:\Users\Paulo Ricardo\AppData\Local\Temp\{F6F13D66-123D-49F0-ACBF-8CD327FD812F}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm

IE: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm

IE: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm

IE: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html

IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: NameServer = 192.168.254.254 192.168.0.1

TCP: Interfaces\{9B36C3D1-A647-4732-B899-E5F4C3792160} : DHCPNameServer = 192.168.254.254

TCP: Interfaces\{B6BB5175-CACD-4F59-9F49-C6CDA148D86B} : DHCPNameServer = 192.168.254.254 192.168.0.1

TCP: Interfaces\{B6BB5175-CACD-4F59-9F49-C6CDA148D86B}\259636162746F613 : DHCPNameServer = 192.168.254.254

TCP: Interfaces\{B6BB5175-CACD-4F59-9F49-C6CDA148D86B}\46C696E6B6 : DHCPNameServer = 192.168.0.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - C:\Program Files (x86)\DAP\dapie.dll

Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - C:\Program Files (x86)\DAP\dapie.dll

Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll

x64-mStart Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD5000BPVT-00HXZT3_WD-WX81A81W2758W2758&ts=1373038498

x64-mDefault_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD5000BPVT-00HXZT3_WD-WX81A81W2758W2758&ts=1373038498

x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

x64-Run: [lxczbmgr.exe] "C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe"

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - C:\Program Files (x86)\DAP\dapie64.dll

x64-Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - C:\Program Files (x86)\DAP\dapie64.dll

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-18 65336]

R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-18 189936]

R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-1-20 1030952]

R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-1-20 378944]

R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-1-20 33400]

R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-1-20 80816]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-15 46808]

R2 eSafeSvc;eSafe Service;C:\ProgramData\eSafe\eSafeSvc.exe [2013-6-5 360512]

R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2013-6-1 410152]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-21 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-21 701512]

R2 SoilIO;SoilIO;C:\Windows\System32\drivers\SoilIO.sys [2009-12-11 17912]

R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-1-20 2655768]

R2 WsysSvc;Wsys Service;C:\ProgramData\eSafe\eGdpSvc.exe [2013-7-5 386112]

R3 IntcDAud;Áudio do vídeo Intel®;C:\Windows\System32\drivers\IntcDAud.sys [2011-12-6 331264]

R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2010-11-29 173656]

R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\System32\drivers\JME.sys [2010-11-10 131600]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-1-21 25928]

R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2010-5-21 1108000]

R3 soilkbc;soilkbc;C:\Windows\System32\drivers\Soilkbc.sys [2009-12-3 13816]

R3 SoilMC;SoilMC;C:\Windows\System32\drivers\SoilMC.sys [2009-12-3 13304]

S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-1-5 75624]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]

S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2013-2-17 37344]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-6-5 19456]

S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]

S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-6-5 29696]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-6-5 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-6-5 30208]

S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]

S3 vvftav;vvftav;C:\Windows\System32\drivers\vvftav.sys [2013-6-6 300800]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-1-20 1255736]

S3 ZSMC0305;USB PC Camera VC305;C:\Windows\System32\drivers\usbVM305.sys [2013-6-6 1541120]

.

=============== Created Last 30 ================

.

2013-07-15 08:17:45 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E0BDAB92-5F43-4069-BAA4-B0FA64DDD489}\offreg.dll

2013-07-15 02:45:22 -------- dc----w- C:\Windows\System32\MRT

2013-07-12 22:33:48 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E0BDAB92-5F43-4069-BAA4-B0FA64DDD489}\mpengine.dll

2013-07-12 19:40:09 31088 -c--a-w- C:\Windows\SysWow64\drivers\gbpndisrd.sys

2013-07-09 21:50:23 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll

2013-07-09 21:50:23 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll

2013-07-09 21:50:23 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll

2013-07-09 21:50:23 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll

2013-07-09 21:50:22 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll

2013-07-09 21:50:22 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll

2013-07-09 21:50:22 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll

2013-07-09 21:50:20 624128 ----a-w- C:\Windows\System32\qedit.dll

2013-07-09 21:50:20 509440 ----a-w- C:\Windows\SysWow64\qedit.dll

2013-07-09 21:50:19 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL

2013-07-09 21:50:19 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL

2013-07-09 21:47:43 3153920 ----a-w- C:\Windows\System32\win32k.sys

2013-07-09 21:47:41 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL

2013-07-09 21:47:41 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll

2013-07-09 21:47:41 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll

2013-07-09 21:47:40 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2013-07-09 21:47:40 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll

2013-07-09 21:45:18 1643520 ----a-w- C:\Windows\System32\DWrite.dll

2013-07-09 21:45:18 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll

2013-07-09 21:42:58 -------- dc----w- C:\ProgramData\boost_interprocess

2013-07-09 21:39:17 720082 -c--a-w- C:\Users\Paulo Ricardo\AppData\Roaming\unins000.exe

2013-07-09 21:39:17 -------- dc----w- C:\Users\Paulo Ricardo\AppData\Local\GAS Tecnologia

2013-07-09 21:39:17 -------- dc----w- C:\ProgramData\GAS Tecnologia

2013-06-19 21:00:18 96168 -c--a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

.

==================== Find3M ====================

.

2013-07-12 21:20:56 71048 -c--a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-07-12 21:20:56 692104 -c--a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-07-10 06:09:48 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-07-10 06:09:48 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2013-07-10 06:09:48 67072 ----a-w- C:\Windows\System32\iesetup.dll

2013-07-10 06:09:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-07-10 06:09:48 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-07-10 06:09:48 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-07-10 06:09:48 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-07-10 06:09:48 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-07-10 06:09:48 2241024 ----a-w- C:\Windows\System32\wininet.dll

2013-07-10 06:09:48 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-07-10 06:09:48 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-07-10 06:09:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-06-27 19:54:14 189936 -c--a-w- C:\Windows\System32\drivers\aswVmm.sys

2013-06-27 19:54:14 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2013-06-13 01:39:57 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-06-13 01:37:18 751104 ----a-w- C:\Windows\System32\win32spl.dll

2013-06-13 01:37:18 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll

2013-06-13 01:37:14 30720 ----a-w- C:\Windows\System32\cryptdlg.dll

2013-06-13 01:37:14 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll

2013-06-13 01:37:04 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll

2013-06-13 01:37:04 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll

2013-06-13 01:36:56 903168 ----a-w- C:\Windows\SysWow64\certutil.exe

2013-06-13 01:36:56 52224 ----a-w- C:\Windows\System32\certenc.dll

2013-06-13 01:36:56 43008 ----a-w- C:\Windows\SysWow64\certenc.dll

2013-06-13 01:36:56 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2013-06-13 01:36:56 1464320 ----a-w- C:\Windows\System32\crypt32.dll

2013-06-13 01:36:56 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2013-06-13 01:36:56 139776 ----a-w- C:\Windows\System32\cryptnet.dll

2013-06-13 01:36:56 1192448 ----a-w- C:\Windows\System32\certutil.exe

2013-06-13 01:36:56 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-06-13 01:36:56 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2013-06-13 01:36:30 1887232 ----a-w- C:\Windows\System32\d3d11.dll

2013-06-13 01:36:30 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll

2013-06-13 00:48:23 867240 -c--a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-06-13 00:48:17 789416 -c--a-w- C:\Windows\SysWow64\deployJava1.dll

2013-06-06 01:24:00 773712 -c--a-w- C:\Windows\SysWow64\msvcr100.dll

2013-06-06 01:24:00 420944 -c--a-w- C:\Windows\SysWow64\msvcp100.dll

2013-06-04 04:18:13 73728 ----a-w- C:\Windows\SysWow64\SetIEInstalledDate.exe

2013-06-04 04:16:32 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-05-27 00:10:41 106496 -c--a-w- C:\Windows\SysWow64\ATL71.DLL

2013-05-18 06:34:29 70144 ----a-w- C:\Windows\System32\appinfo.dll

2013-05-18 06:34:29 1930752 ----a-w- C:\Windows\System32\authui.dll

2013-05-18 06:34:29 1796096 ----a-w- C:\Windows\SysWow64\authui.dll

2013-05-18 06:34:29 111448 ----a-w- C:\Windows\System32\consent.exe

2013-05-17 00:16:47 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-05-17 00:16:47 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2013-05-17 00:16:47 144384 ----a-w- C:\Windows\System32\cdd.dll

2013-05-17 00:16:38 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-05-17 00:16:38 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-05-17 00:16:38 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-05-17 00:16:38 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-05-17 00:16:38 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-05-17 00:16:38 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-05-17 00:16:30 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll

2013-05-17 00:16:30 230400 ----a-w- C:\Windows\System32\wwansvc.dll

2013-05-16 00:36:00 4096000 -c--a-w- C:\Program Files (x86)\GUT8567.tmp

2013-05-09 08:59:07 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2013-05-09 08:59:07 65336 -c--a-w- C:\Windows\System32\drivers\aswRvrt.sys

2013-05-09 08:59:06 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2013-05-09 08:58:37 41664 -c--a-w- C:\Windows\avastSS.scr

2013-05-08 12:52:48 49536 -c--a-w- C:\Windows\SysWow64\drivers\gbpkm.sys

2013-05-02 05:06:08 278800 -c----w- C:\Windows\System32\MpSigStub.exe

2013-04-29 06:00:38 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2013-04-18 06:00:37 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys

2013-04-18 06:00:28 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll

2013-04-18 06:00:28 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-04-18 06:00:28 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2013-04-18 06:00:28 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-04-18 06:00:28 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-04-18 06:00:28 112640 ----a-w- C:\Windows\System32\smss.exe

.

============= FINISH: 19:59:25,18 ===============

[ ]'s


Configure Windows to show all files

Go to this site: http://virustotal.com/

Under Choose File enter: C:\Windows\vm305_sti.exe

Then click Submit

Copy and post the result of this scan.

Friend, there is a lot of information but no link to copy it?!!??!

How should I do it?

Note: this file has to do with a USB webcam that I needed to install on the laptop.

[ ]'s

Download the Kaspersky AVP Tool from one of these 2 links:

http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/

http://dnl-us6.kaspersky-labs.com/devbuilds/AVPTool/

You will be taken to a Kaspersky page asking for an email address for registration, first name and last name. Only the "email" field is required.

Enter your email, then click the Submit Form button.

The page will reload. Click the Download button.

Save it to your desktop.

Run the file and wait for the installation.

** Windows Vista and Windows 7 users:

Right-click the file, then click Run as administrator

On the license agreement screen, check the option I accept the license agreement and then click the Start button. The program appears to freeze and nothing happens. This is normal; just wait until the program's main screen appears, and then click the Settings icon:

KRT_settings.png

On this screen, check the box next to:

  • My Computer
  • Local Disk (C:)

Also check all the drives that appear below Local Disk, if there are any. Then click the Automatic Scan tab

KRT_install2_.png

Back on the program's main screen, click the Start scanning button

Be patient, it takes a while.

When it finishes, if it has detected something, the program will ask you what to do.

Check the box next to Apply to all objects and then click Skip (we only want the log).

KRT_detection_.png

While the scan is running, the main screen will show a progress bar. When it finishes, the program will show the status as completed and a button that will be orange if nothing was detected and red if something was found.

If something was detected, the program will also show an alert screen warning that your system is unprotected and suggesting a Kaspersky product. Click the No, thanks button.

Back on the main screen, if something was detected, save the log. If you close the program and forget to save the log, you will have to repeat the whole scan.

To save the log, click the Reports icon (next to the "Settings" icon). In the next window, click Detected Threats, then click the floppy-disk icon to save the log.

Choose an easily accessible location and save it as log.txt

Copy the entire contents of that Notepad file and paste it into your next reply.

If nothing is detected, there is no need to save the log. Just post here to let us know.

To exit the program, just click the X in the upper-right corner.


About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.
