tobroven

Problems with Santander and BB internet banking


Hi,

some time ago, when I was trying to access the Banco do Brasil site through Google Chrome, I found it odd that the site looked different, asking for the six-digit card password along with the internet password. I got suspicious and did not fill in the data. I ran AVG and Spybot and some threats were removed. However, after this process I could no longer access BB through Chrome; it simply did not recognize the security solution. Recently I opened an account at Santander and, to my surprise, its internet banking does not work in any browser. It does not load properly. I talked to the bank's support and we could not solve it. So I think the problem may be some malware acting on my access to the two internet banking sites.

Please help me,

Below are the DDS and GMER logs:

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16446 BrowserJavaVersion: 10.25.2

Run by Jo at 22:17:10 on 2013-09-03

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1033.18.3839.2537 [GMT -3:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\rundll32.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\taskhost.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\rundll32.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\Citrix\ICA Client\concentr.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe

C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Users\berneck\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\berneck\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\berneck\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\berneck\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mStart Page = about:blank

mDefault_Page_URL = about:blank

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe

mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: NameServer = 192.168.0.1

TCP: Interfaces\{076F7D24-AD14-48F1-8F00-0A2D86FF5FDB} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{98C464F3-5ACE-4825-AED4-BF14AA6C5F9C} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{98C464F3-5ACE-4825-AED4-BF14AA6C5F9C}\E45647430353 : DHCPNameServer = 192.168.0.1

Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll

SSODL: WebCheck - <orphaned>

SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll

x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll

x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll

x64-Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartup

x64-Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\System32\NvMcTray.dll,NvTaskbarInit

x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll

x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll

x64-SSODL: WebCheck - <orphaned>

Hosts: 77.95.231.87 www.santandernet.com.br

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\ufcv5b50.default\

FF - prefs.js: browser.search.selectedEngine - Ask Search

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npicaN.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Users\Jo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - ExtSQL: 2013-09-02 20:39; {87F8774F-B485-47E2-A755-A40A8A5E886C}; C:\Users\Jo\AppData\Local\GAS Tecnologia\GBBD\bb\xpi

FF - ExtSQL: 2013-09-03 21:19; toolbar_ORJ-V7@apn.ask.com; C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\ufcv5b50.default\extensions\toolbar_ORJ-V7@apn.ask.com.xpi

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-4-19 28480]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-11-8 307040]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-4-11 384800]

R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2011-6-13 91864]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-5-20 283200]

R2 APNMCP;Ask Update Service;C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-8-5 164816]

R2 avgwd;Watchdog do AVG;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]

R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2013-9-2 409640]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-12-10 127328]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]

S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-11-2 5174392]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\WAT\WatAdminSvc.exe [2011-10-17 1255736]

.

=============== Created Last 30 ================

.

2013-09-04 00:46:39 -------- d-----w- C:\Users\Jo\AppData\Local\Google

2013-09-04 00:19:30 -------- d-----w- C:\ProgramData\AskPartnerNetwork

2013-09-04 00:19:30 -------- d-----w- C:\Program Files (x86)\AskPartnerNetwork

2013-09-04 00:19:21 -------- d-----w- C:\ProgramData\APN

2013-09-04 00:16:52 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-09-02 23:58:40 -------- d-----w- C:\Users\Jo\AppData\Local\Adobe

2013-09-02 23:48:22 -------- d-----w- C:\ProgramData\boost_interprocess

2013-09-02 23:41:17 31088 ----a-w- C:\Windows\SysWow64\drivers\gbpndisrd.sys

2013-09-02 23:39:29 717985 ----a-w- C:\Users\Jo\AppData\Roaming\unins000.exe

2013-09-02 23:39:29 -------- d-----w- C:\Users\Jo\AppData\Local\GAS Tecnologia

2013-09-02 23:39:29 -------- d-----w- C:\ProgramData\GAS Tecnologia

2013-09-02 23:39:28 -------- d-----w- C:\Users\Jo\AppData\Local\Programs

2013-09-02 23:19:53 -------- d-----w- C:\Users\Jo\AppData\Local\Microsoft Help

2013-08-31 15:50:17 -------- d-----w- C:\Users\Jo\AppData\Local\Mozilla

2013-08-31 00:48:14 -------- d-----w- C:\ProgramData\Astroburn Lite

2013-08-31 00:48:14 -------- d-----w- C:\Program Files (x86)\Astroburn Lite

2013-08-30 12:27:36 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2013-08-30 12:26:44 -------- d-----w- C:\Program Files\iPod

2013-08-30 12:26:43 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-08-30 12:26:43 -------- d-----w- C:\Program Files\iTunes

2013-08-30 12:26:43 -------- d-----w- C:\Program Files (x86)\iTunes

2013-08-30 12:25:27 -------- d-----w- C:\Program Files\Bonjour

2013-08-30 12:25:27 -------- d-----w- C:\Program Files (x86)\Bonjour

.

==================== Find3M ====================

.

2013-09-04 00:16:43 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-09-04 00:16:43 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll

.

============= FINISH: 22:17:29,20 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 15/10/2011 13:31:32

System Uptime: 03/09/2013 21:32:26 (1 hours ago)

.

Motherboard: Quanta | | 30CF

Processor: AMD Turion 64 X2 Mobile Technology TL-58 | Socket S1 | 1900/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 298 GiB total, 254,682 GiB free.

D: is CDROM ()

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {a0a588a4-c46f-4b37-b7ea-c82fe89870c6}

Description: SDA Standard Compliant SD Host Controller

Device ID: PCI\VEN_0180&DEV_0822&SUBSYS_30CF003C&REV_22\4&2A4C3A5&0&2940

Manufacturer: SDA Standard Compliant SD Host Controller Vendor

Name: SDA Standard Compliant SD Host Controller

PNP Device ID: PCI\VEN_0180&DEV_0822&SUBSYS_30CF003C&REV_22\4&2A4C3A5&0&2940

Service: sdbus

.

Class GUID:

Description: IEEE 1394 Controller

Device ID: PCI\VEN_0180&DEV_0832&SUBSYS_30CF003C&REV_05\4&2A4C3A5&0&2840

Manufacturer:

Name: IEEE 1394 Controller

PNP Device ID: PCI\VEN_0180&DEV_0832&SUBSYS_30CF003C&REV_05\4&2A4C3A5&0&2840

Service:

.

Class GUID:

Description: Base System Device

Device ID: PCI\VEN_0180&DEV_0843&SUBSYS_30CF003C&REV_12\4&2A4C3A5&0&2A40

Manufacturer:

Name: Base System Device

PNP Device ID: PCI\VEN_0180&DEV_0843&SUBSYS_30CF003C&REV_12\4&2A4C3A5&0&2A40

Service:

.

Class GUID:

Description: Base System Device

Device ID: PCI\VEN_0180&DEV_0852&SUBSYS_30CF003C&REV_12\4&2A4C3A5&0&2C40

Manufacturer:

Name: Base System Device

PNP Device ID: PCI\VEN_0180&DEV_0852&SUBSYS_30CF003C&REV_12\4&2A4C3A5&0&2C40

Service:

.

Class GUID:

Description: Coprocessor

Device ID: PCI\VEN_10DE&DEV_0543&SUBSYS_30CF103C&REV_A2\3&2411E6FE&1&0B

Manufacturer:

Name: Coprocessor

PNP Device ID: PCI\VEN_10DE&DEV_0543&SUBSYS_30CF103C&REV_A2\3&2411E6FE&1&0B

Service:

.

Class GUID:

Description:

Device ID: ACPI\HPQ0006\2&DABA3FF&1

Manufacturer:

Name:

PNP Device ID: ACPI\HPQ0006\2&DABA3FF&1

Service:

.

Class GUID:

Description: Base System Device

Device ID: PCI\VEN_0180&DEV_0592&SUBSYS_30CF003C&REV_12\4&2A4C3A5&0&2B40

Manufacturer:

Name: Base System Device

PNP Device ID: PCI\VEN_0180&DEV_0592&SUBSYS_30CF003C&REV_12\4&2A4C3A5&0&2B40

Service:

.

==== System Restore Points ===================

.

RP105: 29/08/2013 12:10:43 - Scheduled Checkpoint

RP106: 29/08/2013 20:59:16 - Removed 3DVH

RP107: 29/08/2013 21:00:24 - Removed Facebook Video Calling 1.2.0.159

RP108: 29/08/2013 21:00:46 - Removed HP Deskjet 3050 J610 series Basic Device Software

RP109: 29/08/2013 21:02:14 - Removed SNC Patient

RP110: 29/08/2013 21:04:17 - Removed Windows Movie Maker 2.6

RP111: 30/08/2013 09:26:06 - Installed iTunes

RP112: 03/09/2013 21:15:59 - Installed Java 7 Update 25

.

==== Installed Programs ======================

.

A-PDF Number freeware 1.3

Adobe Flash Player 11 ActiveX 64-bit

Adobe Flash Player 11 Plugin 64-bit

Adobe Reader X (10.1.7) - Português

Adobe Shockwave Player 11.6

Aimersoft Video Converter Ultimate(Build 5.0.1.0)

Apple Mobile Device Support

Apple Software Update

Ask Toolbar

Astroburn Lite

µTorrent

AVG 2012

Bonjour

Citrix Presentation Server Client

Citrix Receiver

Citrix Receiver (HDX Flash Redirection)

Citrix Receiver Inside

Citrix Receiver(Aero)

Citrix Receiver(DV)

Citrix Receiver(USB)

DAEMON Tools Lite

GBBD Banco do Brasil

HP Deskjet 3050 J610 series Help

IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País

iTunes

Java 7 Update 25

Java Auto Updater

Java 6 Update 31

K-Lite Mega Codec Pack 7.8.0

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Mozilla Firefox 12.0 (x86 pt-BR)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NVIDIA Drivers

NVIDIA PhysX

Online Plug-in

PDFCreator

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek High Definition Audio Driver

RealUpgrade 1.1

Receitanet

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Spybot - Search & Destroy

Suporte para Aplicativos Apple

swMSM

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Visual Studio 2008 x64 Redistributables

WinPcap 4.1.1

WinRAR 4.01 (32-bit)

.

==== Event Viewer Messages From Past Week ========

.

31/08/2013 02:53:32, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

30/08/2013 09:49:02, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000124 (0x0000000000000000, 0xfffffa8004cb58f8, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\Minidump\083013-50466-01.dmp. Report Id: 083013-50466-01.

29/08/2013 09:26:52, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.

03/09/2013 21:34:13, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

03/09/2013 21:33:11, Error: Microsoft-Windows-WHEA-Logger [18] - A fatal hardware error has occurred. Reported by component: Processor Core Error Source: Machine Check Exception Error Type: Unknown Error Processor ID: 1 The details view of this entry contains further information.

03/09/2013 21:33:10, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: gbmr

03/09/2013 21:33:07, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

03/09/2013 21:33:07, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

03/09/2013 21:33:06, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

03/09/2013 20:27:46, Error: Microsoft-Windows-WHEA-Logger [18] - A fatal hardware error has occurred. Reported by component: Processor Core Error Source: Machine Check Exception Error Type: Internal Unclassified Error Processor ID: 1 The details view of this entry contains further information.

02/09/2013 20:41:24, Error: Microsoft-Windows-WHEA-Logger [18] - A fatal hardware error has occurred. Reported by component: Processor Core Error Source: Machine Check Exception Error Type: Cache Hierarchy Error Processor ID: 1 The details view of this entry contains further information.

02/09/2013 19:34:19, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000124 (0x0000000000000000, 0xfffffa8004cde8f8, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\Minidump\090213-39624-01.dmp. Report Id: 090213-39624-01.

.

==== End Of File ===========================

GMER 2.1.19163 - http://www.gmer.net

Rootkit scan 2013-09-03 22:42:48

Windows 6.1.7600 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 SAMSUNG_HM320HJ rev.2AK10002 298,09GB

Running: gmer.exe; Driver: C:\Users\Jo\AppData\Local\Temp\uwdiyfog.sys

---- User code sections - GMER 2.1 ----

.text C:\PROGRA~2\GbPlugin\GbpSv.exe[988] C:\Windows\syswow64\kernel32.dll!FreeLibrary 0000000076251de2 5 bytes JMP 000000013b0ae02d

.text C:\PROGRA~2\GbPlugin\GbpSv.exe[988] C:\Windows\syswow64\kernel32.dll!FreeLibraryAndExitThread 000000007626c835 5 bytes JMP 000000013b0adfa5

.text C:\PROGRA~2\GbPlugin\GbpSv.exe[988] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000076201465 2 bytes [20, 76]

.text C:\PROGRA~2\GbPlugin\GbpSv.exe[988] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000762014bb 2 bytes [20, 76]

.text ... * 2

.text C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[2680] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076201465 2 bytes [20, 76]

.text C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[2680] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762014bb 2 bytes [20, 76]

.text ... * 2

.text C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076201465 2 bytes [20, 76]

.text C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762014bb 2 bytes [20, 76]

.text ... * 2

.text C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[2636] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076201465 2 bytes [20, 76]

.text C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[2636] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762014bb 2 bytes [20, 76]

.text ... * 2

.text C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[3192] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076201465 2 bytes [20, 76]

.text C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[3192] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762014bb 2 bytes [20, 76]

.text ... * 2

---- EOF - GMER 2.1 ----


Hello

Sorry for the delay :)

If you still need help, please redo the logs, since I need them with up-to-date dates: Read Before Posting - Creating a New Topic

ATTENTION 1: There is no need to open a new topic; post the new logs in this same topic, thank you!

ATTENTION 2: Do not edit your topic; use the reply button, thank you!

ATTENTION 3: Do not put the logs between TAGS, thank you!

ATTENTION 4: Do not attach the logs, thank you!

Regards :D


The LOG files I sent were from three days ago, they were not outdated, but since you asked me for new ones, here they are:

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16446 BrowserJavaVersion: 10.25.2

Run by Jo at 15:14:23 on 2013-09-06

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1033.18.3839.3083 [GMT -3:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\rundll32.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\taskhost.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\rundll32.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\Citrix\ICA Client\concentr.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe

C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mStart Page = about:blank

mDefault_Page_URL = about:blank

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe

mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: E&xportar para o Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: NameServer = 201.17.128.78 201.17.128.73 201.6.4.116

TCP: Interfaces\{076F7D24-AD14-48F1-8F00-0A2D86FF5FDB} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{98C464F3-5ACE-4825-AED4-BF14AA6C5F9C} : DHCPNameServer = 201.17.128.78 201.17.128.73 201.6.4.116

TCP: Interfaces\{98C464F3-5ACE-4825-AED4-BF14AA6C5F9C}\659465F402D457D69637 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{98C464F3-5ACE-4825-AED4-BF14AA6C5F9C}\E45647430353 : DHCPNameServer = 192.168.0.1

Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll

SSODL: WebCheck - <orphaned>

SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll

x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll

x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartup

x64-Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\System32\NvMcTray.dll,NvTaskbarInit

x64-Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll

x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll

x64-SSODL: WebCheck - <orphaned>

Hosts: 77.95.231.87 www.santandernet.com.br

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\ufcv5b50.default\

FF - prefs.js: browser.search.selectedEngine - Ask Search

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npicaN.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Users\Jo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - ExtSQL: 2013-09-02 20:39; {87F8774F-B485-47E2-A755-A40A8A5E886C}; C:\Users\Jo\AppData\Local\GAS Tecnologia\GBBD\bb\xpi

FF - ExtSQL: 2013-09-03 21:19; toolbar_ORJ-V7@apn.ask.com; C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\ufcv5b50.default\extensions\toolbar_ORJ-V7@apn.ask.com.xpi

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-4-19 28480]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-11-8 307040]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-4-11 384800]

R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2011-6-13 91864]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-5-20 283200]

R2 APNMCP;Ask Update Service;C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-8-5 164816]

R2 avgwd;Watchdog do AVG;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]

R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2013-9-2 409640]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-12-10 127328]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]

S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-11-2 5174392]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\Windows\System32\WAT\WatAdminSvc.exe [2011-10-17 1255736]

.

=============== Created Last 30 ================

.

2013-09-04 22:16:15 -------- d-----w- C:\Windows\pt-BR

2013-09-04 22:16:12 -------- d-----w- C:\Windows\SysWow64\XPSViewer

2013-09-04 22:16:12 -------- d-----w- C:\Windows\SysWow64\wbem\pt-BR

2013-09-04 22:16:12 -------- d-----w- C:\Windows\SysWow64\drivers\pt-BR

2013-09-04 22:16:05 -------- d-----w- C:\Windows\System32\drivers\UMDF\pt-BR

2013-09-04 22:16:05 -------- d-----w- C:\Windows\System32\drivers\pt-BR

2013-09-04 22:16:02 -------- d-----w- C:\Windows\System32\wbem\pt-BR

2013-09-04 22:09:59 69120 ----a-w- C:\Windows\System32\drivers\pt-BR\ntfs.sys.mui

2013-09-04 18:31:48 614400 ----a-w- C:\Windows\AutoKMS.exe

2013-09-04 18:23:58 -------- d-----w- C:\Program Files\Microsoft Synchronization Services

2013-09-04 18:23:41 -------- d-----w- C:\Windows\PCHEALTH

2013-09-04 18:23:41 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition

2013-09-04 18:21:45 -------- d-----w- C:\Program Files\Microsoft Analysis Services

2013-09-04 18:21:45 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services

2013-09-04 18:19:01 -------- d-----w- C:\Users\Jo\AppData\Roaming\DAEMON Tools Lite

2013-09-04 15:02:35 -------- d-----w- C:\Users\Jo\AppData\Local\ElevatedDiagnostics

2013-09-04 00:46:39 -------- d-----w- C:\Users\Jo\AppData\Local\Google

2013-09-04 00:19:30 -------- d-----w- C:\ProgramData\AskPartnerNetwork

2013-09-04 00:19:30 -------- d-----w- C:\Program Files (x86)\AskPartnerNetwork

2013-09-04 00:19:21 -------- d-----w- C:\ProgramData\APN

2013-09-04 00:16:52 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-09-02 23:58:40 -------- d-----w- C:\Users\Jo\AppData\Local\Adobe

2013-09-02 23:48:22 -------- d-----w- C:\ProgramData\boost_interprocess

2013-09-02 23:41:17 31088 ----a-w- C:\Windows\SysWow64\drivers\gbpndisrd.sys

2013-09-02 23:39:29 717985 ----a-w- C:\Users\Jo\AppData\Roaming\unins000.exe

2013-09-02 23:39:29 -------- d-----w- C:\Users\Jo\AppData\Local\GAS Tecnologia

2013-09-02 23:39:29 -------- d-----w- C:\ProgramData\GAS Tecnologia

2013-09-02 23:39:28 -------- d-----w- C:\Users\Jo\AppData\Local\Programs

2013-09-02 23:19:53 -------- d-----w- C:\Users\Jo\AppData\Local\Microsoft Help

2013-08-31 15:50:17 -------- d-----w- C:\Users\Jo\AppData\Local\Mozilla

2013-08-31 00:48:14 -------- d-----w- C:\ProgramData\Astroburn Lite

2013-08-31 00:48:14 -------- d-----w- C:\Program Files (x86)\Astroburn Lite

2013-08-30 12:27:36 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2013-08-30 12:26:44 -------- d-----w- C:\Program Files\iPod

2013-08-30 12:26:43 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-08-30 12:26:43 -------- d-----w- C:\Program Files\iTunes

2013-08-30 12:26:43 -------- d-----w- C:\Program Files (x86)\iTunes

2013-08-30 12:25:27 -------- d-----w- C:\Program Files\Bonjour

2013-08-30 12:25:27 -------- d-----w- C:\Program Files (x86)\Bonjour

.

==================== Find3M ====================

.

2013-09-04 00:16:43 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-09-04 00:16:43 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll

.

============= FINISH: 15:15:00,82 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 15/10/2011 13:31:32

System Uptime: 06/09/2013 09:40:19 (6 hours ago)

.

Motherboard: Quanta | | 30CF

Processor: AMD Turion 64 X2 Mobile Technology TL-58 | Socket S1 | 1786/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 298 GiB total, 250,615 GiB free.

D: is CDROM ()

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID:

Description: Dispositivo do sistema básico

Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_30CF103C&REV_12\4&2A4C3A5&0&2A40

Manufacturer:

Name: Dispositivo do sistema básico

PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_30CF103C&REV_12\4&2A4C3A5&0&2A40

Service:

.

Class GUID:

Description: Dispositivo do sistema básico

Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_30CF103C&REV_12\4&2A4C3A5&0&2B40

Manufacturer:

Name: Dispositivo do sistema básico

PNP Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_30CF103C&REV_12\4&2A4C3A5&0&2B40

Service:

.

Class GUID:

Description: Dispositivo do sistema básico

Device ID: PCI\VEN_1180&DEV_0852&SUBSYS_30CF103C&REV_12\4&2A4C3A5&0&2C40

Manufacturer:

Name: Dispositivo do sistema básico

PNP Device ID: PCI\VEN_1180&DEV_0852&SUBSYS_30CF103C&REV_12\4&2A4C3A5&0&2C40

Service:

.

Class GUID:

Description: Co-processador

Device ID: PCI\VEN_10DE&DEV_0543&SUBSYS_30CF103C&REV_A2\3&2411E6FE&1&0B

Manufacturer:

Name: Co-processador

PNP Device ID: PCI\VEN_10DE&DEV_0543&SUBSYS_30CF103C&REV_A2\3&2411E6FE&1&0B

Service:

.

Class GUID:

Description:

Device ID: ACPI\HPQ0006\2&DABA3FF&1

Manufacturer:

Name:

PNP Device ID: ACPI\HPQ0006\2&DABA3FF&1

Service:

.

==== System Restore Points ===================

.

RP111: 30/08/2013 09:26:06 - Installed iTunes

RP112: 03/09/2013 21:15:59 - Installed Java 7 Update 25

RP113: 04/09/2013 15:11:12 - Removed Microsoft Office Enterprise 2007

RP114: 04/09/2013 15:20:34 - Installed Microsoft Office Professional Plus 2010

RP115: 04/09/2013 15:52:15 - Language Pack Installation

RP116: 04/09/2013 19:08:09 - Language Pack Installation

.

==== Installed Programs ======================

.

A-PDF Number freeware 1.3

Adobe Flash Player 11 ActiveX 64-bit

Adobe Flash Player 11 Plugin 64-bit

Adobe Reader X (10.1.7) - Português

Adobe Shockwave Player 11.6

Aimersoft Video Converter Ultimate(Build 5.0.1.0)

Apple Mobile Device Support

Apple Software Update

Ask Toolbar

Astroburn Lite

µTorrent

AVG 2012

Bonjour

Citrix Presentation Server Client

Citrix Receiver

Citrix Receiver (HDX Flash Redirection)

Citrix Receiver Inside

Citrix Receiver(Aero)

Citrix Receiver(DV)

Citrix Receiver(USB)

DAEMON Tools Lite

GBBD Banco do Brasil

HP Deskjet 3050 J610 series Help

IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País

iTunes

Java 7 Update 25

Java Auto Updater

Java 6 Update 31

K-Lite Mega Codec Pack 7.8.0

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Office Access MUI (Portuguese (Brazil)) 2010

Microsoft Office Excel MUI (Portuguese (Brazil)) 2010

Microsoft Office Groove MUI (Portuguese (Brazil)) 2010

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010

Microsoft Office Office 32-bit Components 2010

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (Portuguese (Brazil)) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (Portuguese (Brazil)) 2010

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010

Microsoft Office Shared 32-bit MUI (Portuguese (Brazil)) 2010

Microsoft Office Shared MUI (Portuguese (Brazil)) 2010

Microsoft Office Word MUI (Portuguese (Brazil)) 2010

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Mozilla Firefox 12.0 (x86 pt-BR)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NVIDIA Drivers

NVIDIA PhysX

Online Plug-in

PDFCreator

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek High Definition Audio Driver

RealUpgrade 1.1

Receitanet

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Spybot - Search & Destroy

Suporte para Aplicativos Apple

swMSM

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Visual Studio 2008 x64 Redistributables

WinPcap 4.1.1

WinRAR 4.01 (32-bit)

.

==== End Of File ===========================

GMER 2.1.19163 - http://www.gmer.net

Rootkit scan 2013-09-06 15:43:50

Windows 6.1.7600 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 SAMSUNG_HM320HJ rev.2AK10002 298,09GB

Running: gmer.exe; Driver: C:\Users\Jo\AppData\Local\Temp\uwdiyfog.sys

---- User code sections - GMER 2.1 ----

.text C:\PROGRA~2\GbPlugin\GbpSv.exe[952] C:\Windows\syswow64\kernel32.dll!FreeLibrary 0000000077091de2 5 bytes JMP 000000013b0ae02d

.text C:\PROGRA~2\GbPlugin\GbpSv.exe[952] C:\Windows\syswow64\kernel32.dll!FreeLibraryAndExitThread 00000000770ac835 5 bytes JMP 000000013b0adfa5

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\taskhost.exe [2780:2852] 000007fef84e2740

Thread C:\Windows\system32\taskhost.exe [2780:2868] 000007fefadc1010

Thread C:\Windows\system32\taskhost.exe [2780:2900] 000007fef8491f38

Thread C:\Windows\system32\taskhost.exe [2780:2904] 000007fef84a3d08

Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3792:3912] 000007fef7b32a88

---- EOF - GMER 2.1 ----


Dear tobroven,

I recommend saving this topic to your Favorites so it is easy to find again.

Please note the following:

  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is given here relates only to your computer's problem, so do not apply it on any other computer;
  • Please follow the instructions carefully, and if you have any questions do not hesitate to ask;
  • Always post your replies in this topic... Do not open another one!
  • Always keep me informed, during the removal, of what is happening with your computer.
  • Follow the instructions in the order given.
  • Note: Do not take any steps other than those given here; if you ask for help on another forum, be sure to let us know, at the risk of misconfiguring your computer!

# Step 1 #

Download Junkware Removal Tool and save it to your Desktop.

  • Disable your protection programs (antivirus etc.) to avoid any conflict.
  • Double-click JRT.exe
    • If your system is Windows Vista, Windows 7 or Windows 8, right-click it and choose Run as Administrator.
  • Be patient and wait for the scan to finish.
  • Open the JRT.txt log on your Desktop.
  • Copy all of its contents and paste them into your next message.

# Step 2 #

  • Double-click adwcleaner.exe
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png

  • Click Pesquisar (Search)
  • At the end of the scan, a log with the results will open.
  • If anything is detected, click the Remover (Remove) button.
  • Again, at the end of the scan, a log with the results will open.
  • Copy all of its contents and paste them into your next reply.

# Step 3 #

Read the instructions contained in this link:

In the instructions at the link above, you can check which forums have Analysts properly qualified to use the tool correctly: "Forums for receiving help with ComboFix logs"

  1. Download ComboFix from one of the official links listed below and save it to your desktop:
  2. Temporarily, and while carrying out these instructions, it is very important that you keep your protection programs (Antivirus, Antispyware and Firewall) disabled. Re-enable the protections after carrying out the procedure(s) mentioned below.
  3. Double-click the desktopicon.png icon on the desktop.
  4. Read and accept the terms by typing 1 and pressing Enter.
  5. Computers running Windows XP should install the Recovery Console:
     • If your computer runs Windows XP and does not yet have the Recovery Console installed, please make sure you are connected to the Internet and click "Sim" (Yes).
     • Click "OK" on the EULA.
     • Once the Recovery Console is installed, click "SIM" (Yes) to continue.
  6. ComboFix will run; please be patient and wait.
  7. Attention: Do not use the mouse or the keyboard while the tool is running, as this can cause the computer to hang.
  8. A notice may appear saying that the computer needs to be restarted. DO NOT RESTART!!! ComboFix will restart the computer automatically.
  9. When the tool finishes running, it will generate a log (the file C:\ComboFix.txt). Copy and paste the contents of that file into your next reply.

DO NOT use the tool on your own. It is a powerful tool created to deal with sophisticated infections, and if you do not use it correctly you may damage your computer.

  • There are several kinds of malware that prevent the tool from running correctly and can thereby seriously damage the computer. Analysts qualified to use ComboFix know these cases and how to deal with these situations.
  • Many Analysts do not reply to topics where they see that ComboFix was used without supervision.
  • There are several general-purpose anti-malware tools whose authors designed them with end users in mind, to be used without supervision. ComboFix is not that kind of tool, so, and also out of respect for the tool's author, do not use it without supervision.

Regards :D
