jeff23ctba

Fake Bradesco page


Hello, recently I have been having trouble opening the Bradesco page. Now, when I try to open it, it always asks for the same numeric sequence; I type a wrong sequence, it accepts it, and then it asks me to register my data again. I contacted the bank and they told me this does not exist, so it must be a virus or something like that. The logs follow below. Thanks in advance for the help:

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16521 BrowserJavaVersion: 1.6.0_35

Run by jefferson at 13:12:53 on 2013-07-25

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.55.1046.18.3892.2328 [GMT -3:00]

.

AV: ESET Smart Security 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}

SP: ESET Smart Security 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Firewall pessoal da ESET *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

.

============== Running Processes ===============

.

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\nvvsvc.exe

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k GPSvcGroup

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\windows\system32\nvvsvc.exe

C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe

C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe

C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

C:\ProgramData\DatacardService\HWDeviceService64.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\Program Files (x86)\Scpad\scpVista.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\windows\System32\svchost.exe -k secsvcs

C:\windows\system32\SearchIndexer.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\ProgramData\DatacardService\DCSHelper.exe

C:\Program Files\ESET\ESET Smart Security\egui.exe

C:\Users\jefferson\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\USB Camera2\VM332_STI.EXE

C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe

C:\USBStorage\USBDetector.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\windows\system32\taskeng.exe

C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe

C:\windows\system32\wuauclt.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe

C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com.br/

uSearch Bar = Preserve

BHO: ssh2 Class: {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files (x86)\Scpad\scpsssh2.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Auxiliar de Conexão do Windows Live: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

uRun: [Google Update] "C:\Users\jefferson\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE

mRun: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe

mRun: [uSBDetector] C:\USBStorage\USBDetector.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

dRunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab

DPF: {9EC30204-384D-11D3-9CA3-00A024F0AF03} - hxxps://cpne.bradesco.com.br/certifexp.cab

DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: NameServer = 108.168.162.143 8.8.8.8

TCP: Interfaces\{32492925-49CE-4227-BE43-DFF9988761EF} : DHCPNameServer = 108.168.162.143 8.8.8.8

TCP: Interfaces\{32492925-49CE-4227-BE43-DFF9988761EF}\0514E444F4C464F4 : DHCPNameServer = 192.168.254.254 192.168.254.254

TCP: Interfaces\{32492925-49CE-4227-BE43-DFF9988761EF}\34C696E6963616 : DHCPNameServer = 10.1.1.1 10.1.1.1

TCP: Interfaces\{32492925-49CE-4227-BE43-DFF9988761EF}\E4F4943535 : DHCPNameServer = 192.168.1.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll

SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll

STS: compIB Class - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice

x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\jefferson\AppData\Roaming\Mozilla\Firefox\Profiles\7v02snz1.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Users\jefferson\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll

FF - plugin: C:\windows\SysWOW64\npdeployJava1.dll

FF - plugin: C:\windows\SysWOW64\npmproxy.dll

.

---- FIREFOX POLICIES ----

FF - user.js: extensions.autoDisableScopes - 10

============= SERVICES / DRIVERS ===============

.

R0 epfwwfp;epfwwfp;C:\windows\System32\drivers\epfwwfp.sys [2012-11-28 57904]

R0 LHDmgr;LHDmgr;C:\windows\System32\drivers\LhdX64.sys [2010-7-1 39008]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\System32\drivers\dtsoftbus01.sys [2012-1-30 283200]

R1 eamonm;eamonm;C:\windows\System32\drivers\eamonm.sys [2012-10-8 211344]

R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\windows\System32\drivers\EpfwLWF.sys [2012-10-8 59440]

R2 CDMA Device Service;CDMA Device Service;C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe [2011-9-23 159232]

R2 cpuz135;cpuz135;C:\windows\System32\drivers\cpuz135_x64.sys [2012-4-8 21992]

R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-11-26 1329304]

R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe -/service --> C:\ProgramData\DatacardService\HWDeviceService64.exe -/service [?]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-7-1 13336]

R2 scpVista;scpVista;C:\Program Files (x86)\Scpad\scpVista.exe [2013-4-24 360624]

R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\drivers\AcpiVpc.sys [2010-7-1 28176]

R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2011-1-11 31088]

R3 huawei_enumerator;huawei_enumerator;C:\windows\System32\drivers\ew_jubusenum.sys [2011-12-27 86016]

R3 Impcd;Impcd;C:\windows\System32\drivers\Impcd.sys [2010-5-16 158976]

R3 IntcDAud;Áudio do vídeo Intel®;C:\windows\System32\drivers\IntcDAud.sys [2010-5-16 271872]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2010-3-2 75304]

R3 ManyCam;ManyCam Virtual Webcam;C:\windows\System32\drivers\mcvidrv_x64.sys [2013-6-1 44928]

R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\windows\System32\drivers\mcaudrv_x64.sys [2012-10-11 28160]

R3 wdmirror;wdmirror;C:\windows\System32\drivers\WDMirror.sys [2010-7-1 11280]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\windows\System32\drivers\ssadadb.sys [2011-9-23 36328]

S3 Bridge0;Bridge0;C:\windows\System32\drivers\WDBridge.sys [2010-7-1 79376]

S3 btusbflt;Bluetooth USB Filter;C:\windows\System32\drivers\btusbflt.sys [2010-2-2 53800]

S3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2010-7-1 35104]

S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2011-9-27 89160]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\windows\System32\drivers\ssudbus.sys [2012-9-19 102368]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-2 1431888]

S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-9-21 130976]

S3 huawei_cdcacm;huawei_cdcacm;C:\windows\System32\drivers\ew_jucdcacm.sys [2011-12-27 98816]

S3 IGRS;IGRS;C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-7-14 38152]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\windows\System32\drivers\k57nd60a.sys [2009-6-10 270848]

S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2010-7-1 509192]

S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2010-7-1 579400]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]

S3 PS_MDP;ReadyComm Presentation Space Helper Service;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-12-10 19456]

S3 Remote Solver for Flow Simulation 2012;Remote Solver for Flow Simulation 2012;C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [2011-8-17 109624]

S3 Revoflt;Revoflt;C:\windows\System32\drivers\revoflt.sys [2012-1-5 31800]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2010-7-1 220672]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\windows\System32\drivers\ssadbus.sys [2011-9-23 157672]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\windows\System32\drivers\ssadmdfl.sys [2011-9-23 16872]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\windows\System32\drivers\ssadmdm.sys [2011-9-23 177640]

S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\windows\System32\drivers\ssadserd.sys [2011-9-23 146920]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\windows\System32\drivers\ssudmdm.sys [2012-9-19 203104]

S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-12-10 57856]

S3 vm332avs;Lenovo Camera2;C:\windows\System32\drivers\vm332avs.sys [2010-7-1 220400]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\windows\System32\Wat\WatAdminSvc.exe [2011-9-22 1255736]

S3 wsvd;wsvd;C:\windows\System32\drivers\wsvd.sys [2009-7-21 121840]

.

=============== Created Last 30 ================

.

2013-07-13 12:03:21 -------- d--h--w- C:\Program Files (x86)\InstallJammer Registry

2013-07-13 12:03:17 -------- d-----w- C:\Arquivos de Programas RFB

2013-06-27 13:51:05 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller

2013-06-27 13:00:09 -------- d-----w- C:\Users\jefferson\AppData\Roaming\Origin

2013-06-27 13:00:09 -------- d-----w- C:\Program Files (x86)\Origin Games

2013-06-27 12:59:58 -------- d-----w- C:\Users\jefferson\AppData\Local\Origin

2013-06-27 11:10:28 -------- d-----w- C:\ProgramData\Origin

2013-06-27 11:10:27 -------- d-----w- C:\ProgramData\Electronic Arts

2013-06-27 11:10:16 -------- d-----w- C:\Program Files (x86)\Origin

.

==================== Find3M ====================

.

2013-07-05 13:48:44 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-07-05 13:48:44 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

.

============= FINISH: 13:13:46,98 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 21/09/2011 13:28:04

System Uptime: 25/07/2013 05:49:33 (8 hours ago)

.

Motherboard: Lenovo | | LL1

Processor: Intel® Core i5 CPU M 480 @ 2.67GHz | CPU 1 | 2373/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 420 GiB total, 267,453 GiB free.

D: is FIXED (NTFS) - 30 GiB total, 28,374 GiB free.

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Adaptador de Miniporta WiFi Virtual da Microsoft

Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&31B5F917&0&01

Manufacturer: Microsoft

Name: Adaptador de Miniporta WiFi Virtual da Microsoft

PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&31B5F917&0&01

Service: vwifimp

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: epfwwfp

Device ID: ROOT\LEGACY_EPFWWFP\0000

Manufacturer:

Name: epfwwfp

PNP Device ID: ROOT\LEGACY_EPFWWFP\0000

Service: epfwwfp

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: avast! Firewall NDIS Filter Miniport

Device ID: ROOT\SW_ASWNDISMP\0000

Manufacturer: ALWIL Software

Name: avast! Firewall NDIS Filter Miniport

PNP Device ID: ROOT\SW_ASWNDISMP\0000

Service: aswNdis

.

==== System Restore Points ===================

.

RP200: 04/06/2013 21:17:24 - Revo Uninstaller Pro's restore point - Skype™ 6.3

RP201: 04/06/2013 21:18:18 - Removed Skype™ 6.3

RP202: 21/06/2013 12:39:43 - Ponto de Verificação Agendado

RP204: 21/06/2013 14:19:22 - Revo Uninstaller Pro's restore point - Ares Music

RP205: 27/06/2013 10:49:58 - DirectX instalado

RP206: 06/07/2013 14:58:22 - Ponto de Verificação Agendado

RP207: 17/07/2013 12:31:56 - Ponto de Verificação Agendado

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.7)

AIDA64 Extreme Edition v1.70

ALPS Touch Pad Driver

Angry Birds Space

Ares 2.2.4

Assistente de Conexão do Windows Live

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

Atualização do produto Microsoft Office Excel 2007 Help (KB963678)

Atualização do produto Microsoft Office Outlook 2007 Help (KB963677)

Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)

Atualização do produto Microsoft Office Word 2007 Help (KB963665)

Audacity 1.3.13 (Unicode)

Camtasia Studio 8

CCleaner

CPUID HWMonitor 1.19

DAEMON Tools Lite

Energy Management

ESET Smart Security

EVEREST Ultimate Edition v5.50

Ferramenta de Carregamento do Windows Live

FormatFactory 3.0.1

Foxit PDF Editor

Fraps (remove only)

Futuremark SystemInfo

Google Chrome

Google SketchUp 8

Intel® Control Center

Intel® Graphics Media Accelerator Driver

Intel® Rapid Storage Technology

IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País

Java Auto Updater

Java 6 Update 35

Lenovo Bluetooth with Enhanced Data Rate Software

Lenovo DirectShare

Lenovo EasyCamera

Lenovo MuteSync

Lenovo OneKey Recovery

Lenovo ReadyComm 5

Lenovo ReadyComm 5.0 Service

Lenovo YouCam

Lenovo_Wireless_Driver

ManyCam 3.1.53

Messenger Plus!

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile PTB Language Pack

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office 2003 Web Components

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office Language Pack 2007 - Portuguese/Português (Brasil)

Microsoft Office O MUI (Portuguese (Brazil)) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2010

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2010

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office ScreenTip Language 2010 - Português

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)

Microsoft Office SharePoint Designer MUI (Portuguese (Brazil)) 2007

Microsoft Office Visio 2010

Microsoft Office Visio MUI (Portuguese (Brazil)) 2010

Microsoft Office Word MUI (English) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Office X MUI (Portuguese (Brazil)) 2007

Microsoft Silverlight

Microsoft Visio Premium 2010

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU

Microsoft Visual Studio 2005 Tools for Applications - ENU

Mozilla Firefox 19.0 (x86 pt-BR)

Mozilla Maintenance Service

MPC-HC 1.6.6.6957 (3975d54)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NVIDIA Drivers

NVIDIA PhysX

NVIDIA Updatus

Onekey Theater

OpenAL

Origin

Pacote de Driver do Windows - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1)

Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)

Power2Go

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

RealWorld Cursor Editor

Revo Uninstaller Pro 2.5.7

Samsung Kies

SAMSUNG USB Driver for Mobile Phones

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (KB2478663)

Security Update for Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (KB2518870)

Shine Video To Audio Converter 3.05.16

SimCity™

Simpo PDF to Word

Skype™ 6.6

SolidWorks 2012 x64 Edition SP0

SolidWorks 2012 x64 Portuguese Brazilian Resources

SolidWorks eDrawings 2012 x64 Edition SP0

SolidWorks Explorer 2012 SP0 x64 Edition

SolidWorks Flow Simulation 2012 SP0 x64 Edition

SpeedFan (remove only)

Sweet Home 3D version 3.3

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update for Outlook 2007 Junk Email Filter (KB2596560)

Update Manager for SweetPacks 1.1

VeriFace

Vivo - Guia Vivo Internet versão 1.0

VIVO INTERNET

Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)

Windows Driver Package - Broadcom Bluetooth (12/01/2009 6.2.0.9411)

Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Messenger

WinRAR 4.00 (64-bit)

WinRAR 4.01 (32-bit)

.

==== End Of File ===========================

GMER 2.1.19163 - http://www.gmer.net

Rootkit scan 2013-07-25 14:00:58

Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 rev. 0,00MB

Running: gmer.exe; Driver: C:\Users\JEFFER~1\AppData\Local\Temp\kftdauob.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1752] C:\windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 00000000755f87b1 4 bytes [C2, 04, 00, 00]

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[5032] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075dc1465 2 bytes [DC, 75]

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[5032] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075dc14bb 2 bytes [DC, 75]

.text ... * 2

? C:\windows\system32\mssprxy.dll [5032] entry point in ".rdata" section 00000000708d71e6

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4996] C:\windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 00000000773df991 7 bytes {MOV EDX, 0xd90a28; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4996] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 00000000773dfbd5 7 bytes {MOV EDX, 0xd90a68; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4996] C:\windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 00000000773dfc05 7 bytes {MOV EDX, 0xd909a8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4996] C:\windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 00000000773dfc1d 7 bytes {MOV EDX, 0xd90928; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4996] C:\windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 00000000773dfc35 7 bytes {MOV EDX, 0xd90b28; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4996] C:\windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 00000000773dfc65 7 bytes {MOV EDX, 0xd90b68; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4996] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 00000000773dfce5 7 bytes {MOV EDX, 0xd90ae8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4996] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 00000000773dfcfd 7 bytes {MOV EDX, 0xd90aa8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4996] C:\windows\SysWOW64\ntdll.dll!NtOpenFile + 5 00000000773dfd49 7 bytes {MOV EDX, 0xd90868; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4996] C:\windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 00000000773dfe41 7 bytes {MOV EDX, 0xd908a8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4996] C:\windows\SysWOW64\ntdll.dll!NtCreateFile + 5 00000000773e0099 7 bytes {MOV EDX, 0xd90828; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4996] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 00000000773e10a5 7 bytes {MOV EDX, 0xd909e8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4996] C:\windows\SysWOW64\ntdll.dll!NtOpenThread + 5 00000000773e111d 7 bytes {MOV EDX, 0xd90968; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4996] C:\windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 00000000773e1321 7 bytes {MOV EDX, 0xd908e8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4996] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075dc1465 2 bytes [DC, 75]

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4996] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075dc14bb 2 bytes [DC, 75]

.text ... * 2

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4468] C:\windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 00000000773df991 7 bytes {MOV EDX, 0xb92228; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4468] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 00000000773dfbd5 7 bytes {MOV EDX, 0xb92268; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4468] C:\windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 00000000773dfc05 7 bytes {MOV EDX, 0xb921a8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4468] C:\windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 00000000773dfc1d 7 bytes {MOV EDX, 0xb92128; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4468] C:\windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 00000000773dfc35 7 bytes {MOV EDX, 0xb92328; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4468] C:\windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 00000000773dfc65 7 bytes {MOV EDX, 0xb92368; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4468] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 00000000773dfce5 7 bytes {MOV EDX, 0xb922e8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4468] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 00000000773dfcfd 7 bytes {MOV EDX, 0xb922a8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4468] C:\windows\SysWOW64\ntdll.dll!NtOpenFile + 5 00000000773dfd49 7 bytes {MOV EDX, 0xb92068; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4468] C:\windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 00000000773dfe41 7 bytes {MOV EDX, 0xb920a8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4468] C:\windows\SysWOW64\ntdll.dll!NtCreateFile + 5 00000000773e0099 7 bytes {MOV EDX, 0xb92028; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4468] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 00000000773e10a5 7 bytes {MOV EDX, 0xb921e8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4468] C:\windows\SysWOW64\ntdll.dll!NtOpenThread + 5 00000000773e111d 7 bytes {MOV EDX, 0xb92168; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4468] C:\windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 00000000773e1321 7 bytes {MOV EDX, 0xb920e8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4468] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075dc1465 2 bytes [DC, 75]

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4468] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075dc14bb 2 bytes [DC, 75]

.text ... * 2

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[3136] C:\windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 00000000773df991 7 bytes {MOV EDX, 0xd1a628; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[3136] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 00000000773dfbd5 7 bytes {MOV EDX, 0xd1a668; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[3136] C:\windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 00000000773dfc05 7 bytes {MOV EDX, 0xd1a5a8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[3136] C:\windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 00000000773dfc1d 7 bytes {MOV EDX, 0xd1a528; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[3136] C:\windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 00000000773dfc35 7 bytes {MOV EDX, 0xd1a728; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[3136] C:\windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 00000000773dfc65 7 bytes {MOV EDX, 0xd1a768; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[3136] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 00000000773dfce5 7 bytes {MOV EDX, 0xd1a6e8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[3136] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 00000000773dfcfd 7 bytes {MOV EDX, 0xd1a6a8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[3136] C:\windows\SysWOW64\ntdll.dll!NtOpenFile + 5 00000000773dfd49 7 bytes {MOV EDX, 0xd1a468; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[3136] C:\windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 00000000773dfe41 7 bytes {MOV EDX, 0xd1a4a8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[3136] C:\windows\SysWOW64\ntdll.dll!NtCreateFile + 5 00000000773e0099 7 bytes {MOV EDX, 0xd1a428; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[3136] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 00000000773e10a5 7 bytes {MOV EDX, 0xd1a5e8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[3136] C:\windows\SysWOW64\ntdll.dll!NtOpenThread + 5 00000000773e111d 7 bytes {MOV EDX, 0xd1a568; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[3136] C:\windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 00000000773e1321 7 bytes {MOV EDX, 0xd1a4e8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[3136] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075dc1465 2 bytes [DC, 75]

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[3136] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075dc14bb 2 bytes [DC, 75]

.text ... * 2

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4320] C:\windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 00000000773df991 7 bytes {MOV EDX, 0x46ae28; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4320] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 00000000773dfbd5 7 bytes {MOV EDX, 0x46ae68; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4320] C:\windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 00000000773dfc05 7 bytes {MOV EDX, 0x46ada8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4320] C:\windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 00000000773dfc1d 7 bytes {MOV EDX, 0x46ad28; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4320] C:\windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 00000000773dfc35 7 bytes {MOV EDX, 0x46af28; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4320] C:\windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 00000000773dfc65 7 bytes {MOV EDX, 0x46af68; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4320] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 00000000773dfce5 7 bytes {MOV EDX, 0x46aee8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4320] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 00000000773dfcfd 7 bytes {MOV EDX, 0x46aea8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4320] C:\windows\SysWOW64\ntdll.dll!NtOpenFile + 5 00000000773dfd49 7 bytes {MOV EDX, 0x46ac68; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4320] C:\windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 00000000773dfe41 7 bytes {MOV EDX, 0x46aca8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4320] C:\windows\SysWOW64\ntdll.dll!NtCreateFile + 5 00000000773e0099 7 bytes {MOV EDX, 0x46ac28; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4320] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 00000000773e10a5 7 bytes {MOV EDX, 0x46ade8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4320] C:\windows\SysWOW64\ntdll.dll!NtOpenThread + 5 00000000773e111d 7 bytes {MOV EDX, 0x46ad68; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4320] C:\windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 00000000773e1321 7 bytes {MOV EDX, 0x46ace8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4320] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075dc1465 2 bytes [DC, 75]

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4320] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075dc14bb 2 bytes [DC, 75]

.text ... * 2

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4268] C:\windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 00000000773df991 7 bytes {MOV EDX, 0x796228; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4268] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 00000000773dfbd5 7 bytes {MOV EDX, 0x796268; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4268] C:\windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 00000000773dfc05 7 bytes {MOV EDX, 0x7961a8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4268] C:\windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 00000000773dfc1d 7 bytes {MOV EDX, 0x796128; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4268] C:\windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 00000000773dfc35 7 bytes {MOV EDX, 0x796328; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4268] C:\windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 00000000773dfc65 7 bytes {MOV EDX, 0x796368; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4268] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 00000000773dfce5 7 bytes {MOV EDX, 0x7962e8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4268] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 00000000773dfcfd 7 bytes {MOV EDX, 0x7962a8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4268] C:\windows\SysWOW64\ntdll.dll!NtOpenFile + 5 00000000773dfd49 7 bytes {MOV EDX, 0x796068; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4268] C:\windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 00000000773dfe41 7 bytes {MOV EDX, 0x7960a8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4268] C:\windows\SysWOW64\ntdll.dll!NtCreateFile + 5 00000000773e0099 7 bytes {MOV EDX, 0x796028; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4268] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 00000000773e10a5 7 bytes {MOV EDX, 0x7961e8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4268] C:\windows\SysWOW64\ntdll.dll!NtOpenThread + 5 00000000773e111d 7 bytes {MOV EDX, 0x796168; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4268] C:\windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 00000000773e1321 7 bytes {MOV EDX, 0x7960e8; JMP RDX}

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4268] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075dc1465 2 bytes [DC, 75]

.text C:\Users\jefferson\AppData\Local\Google\Chrome\Application\chrome.exe[4268] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075dc14bb 2 bytes [DC, 75]

.text ... * 2

---- Threads - GMER 2.1 ----

Thread C:\windows\system32\svchost.exe [1028:1596] 000007fefaf58274

Thread C:\windows\system32\svchost.exe [1028:2524] 000007fefaf58274

Thread C:\windows\System32\spoolsv.exe [1344:2644] 000007fef5a310c8

Thread C:\windows\System32\spoolsv.exe [1344:2900] 000007fef59f6144

Thread C:\windows\System32\spoolsv.exe [1344:2904] 000007fef57a5fd0

Thread C:\windows\System32\spoolsv.exe [1344:2908] 000007fef5783438

Thread C:\windows\System32\spoolsv.exe [1344:2912] 000007fef57a63ec

Thread C:\windows\System32\spoolsv.exe [1344:2920] 000007fef5ac5e5c

Thread C:\windows\System32\spoolsv.exe [1344:1796] 000007fef5af5074

Thread C:\windows\System32\svchost.exe [1272:2956] 000007fef7b59688

Thread C:\windows\system32\taskhost.exe [2488:3436] 000007fef84e5170

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002269ec2d88

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\70f39533ceee

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\70f3953f2fa6

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\70f3953f2fa6@5ce8ebc42a1e 0xEF 0x4F 0x6B 0xA2 ...

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002269ec2d88 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\70f39533ceee (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\70f3953f2fa6 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\70f3953f2fa6@5ce8ebc42a1e 0xEF 0x4F 0x6B 0xA2 ...

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 sector 0: rootkit-like behavior

---- EOF - GMER 2.1 ----


Please copy and paste here the link that appears when you open the bank's page, but first make sure to replace "http" with "hxxp"; this will keep unwary users from clicking the link.


Hello friend, sorry for the delay, I was traveling. Below is the link you asked me for. I also added some pictures of what appears; I don't know if that's allowed, but there it is, I thought it was important. Thanks in advance for the help.

hxxp://www.bradesco.com.br/html/classic/dentro.php


Edited by jeff23ctba


How does your internet connection work? Which modem/router (brand/model) do you use?


Hello friend, I have a 2 meg connection from the company Oi. The modem is a TP-LINK TD-W8901G, 54M Wireless ADSL2+ Modem Router.


Do you have access to the modem's settings? I need to know the DNS configured on it.
