Veja também:
- Não consigo instalar antivirus
- Não consigo instalar o avira no windows 7 - Melhores respostas
- Antivirus não instala - Melhores respostas
- Não consigo instalar antivirus no pc ✓ - Fórum - Segurança
- Não consigo baixar nem instalar nada no PC ✓ - Fórum - Hardware
- Meu PC não instala nenhum antivirus - Fórum - Segurança
- Não consigo instalar antivírus no celular - Fórum - Segurança
- Não consigo instalar antivirus no meu pc - Fórum - Segurança
5 respostas
maria gescima
li o tutorial do combofix e fiquei com receio de fazer esta limpeza, não tenho muito conhecimento de informática e após a instalação do avira, além de não conseguir fazer a varredura no pc ainda aparece a mensagem : pmgui.exe erro de aplicativo , tem algum outro mais simples. por favor me ajudem
JESUS CRISTO
- Posts
- 1591
- Data de inscrição
- segunda 4 de outubro de 2010
- Status
- Contribuinte
- Última visita
- 23 de junho de 2016
HELLO,MARIA
TENTE INSTALAR ESSE: Avira Free Antivirus
LINK: https://www.avira.com/pt-br/free-antivirus-windows
INSTALE ELE E FAÇA UM SCANEAMENTO COMPLETO DO SISTEMA!
TENTE INSTALAR ESSE: Avira Free Antivirus
LINK: https://www.avira.com/pt-br/free-antivirus-windows
INSTALE ELE E FAÇA UM SCANEAMENTO COMPLETO DO SISTEMA!
André
ComboFix 14-03-10.01 - André Mário 12/03/2014 3:26.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.1619.512 [GMT -3:00]
Executando de: d:\downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
[i] ADS - system32: deleted 4 bytes in 2 streams. /i
[i] ADS - drivers: deleted 314 bytes in 1 streams. /i
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\André Mário\AppData\Roaming\unins000.exe
c:\windows\system32\roboot.exe
D:\Uninstall.exe
D:\WinRAR.exe
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2014-02-12 to 2014-03-12 ))))))))))))))))))))))))))))
.
.
2014-03-12 06:40 . 2014-03-12 06:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-12 06:21 . 2014-03-12 06:21 12568 ----a-w- c:\windows\system32\drivers\PROCEXP113.SYS
2014-03-12 05:18 . 2014-03-12 05:18 -------- d-----w- c:\users\Administrador
2014-03-12 02:59 . 2014-03-12 03:58 -------- d-----w- c:\programdata\MFAData
2014-03-12 02:59 . 2014-03-12 02:59 -------- d-----w- c:\users\André Mário\AppData\Local\MFAData
2014-03-03 03:26 . 2014-03-03 03:29 -------- d-----w- c:\users\André Mário\AppData\Local\Genymobile
2014-03-03 02:20 . 2014-03-03 02:20 -------- d--h--w- c:\windows\msdownld.tmp
2014-03-03 02:12 . 2014-03-03 02:12 640512 ----a-w- c:\windows\system32\advapi32.dll
2014-03-03 02:12 . 2014-03-03 02:12 619520 ----a-w- c:\windows\system32\tdh.dll
2014-03-03 02:12 . 2014-03-03 02:12 3969472 ----a-w- c:\windows\system32\ntkrnlpa.exe
2014-03-03 02:12 . 2014-03-03 02:12 3914176 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-03-03 02:12 . 2014-03-03 02:12 1289096 ----a-w- c:\windows\system32\ntdll.dll
2014-03-03 02:11 . 2014-03-03 02:11 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2014-03-03 02:11 . 2014-03-03 02:11 231424 ----a-w- c:\windows\system32\mswsock.dll
2014-03-03 02:11 . 2014-03-03 02:11 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-03-03 02:11 . 2014-03-03 02:11 49152 ----a-w- c:\windows\system32\taskhost.exe
2014-03-03 02:08 . 2014-03-03 02:08 1505280 ----a-w- c:\windows\system32\d3d11.dll
2014-03-03 01:38 . 2014-03-12 03:58 -------- d-----w- c:\users\André Mário\AppData\Roaming\Skype
2014-03-03 01:14 . 2014-01-09 11:42 47456 ----a-w- c:\windows\system32\drivers\Bhbase.sys
2014-03-03 01:12 . 2014-03-03 01:12 -------- d-----w- c:\program files\Baidu Security
2014-03-02 04:48 . 2011-02-24 19:50 -------- d---a-w- C:\WIN7
2014-03-02 04:48 . 2011-02-24 19:50 -------- d---a-w- C:\TOOL
2014-03-02 04:48 . 2011-02-24 19:50 -------- d---a-w- C:\ICON
2014-03-02 02:28 . 2014-03-02 02:28 -------- d-----w- c:\windows\system32\SPReview
2014-03-02 00:15 . 2010-11-20 12:21 253952 ----a-w- c:\windows\system32\spwizui.dll
2014-03-02 00:14 . 2010-11-20 12:29 274304 ----a-w- c:\windows\system32\drivers\acpi.sys
2014-03-02 00:13 . 2010-11-20 12:21 202240 ----a-w- c:\windows\system32\unattend.dll
2014-03-02 00:12 . 2010-11-20 12:21 363008 ----a-w- c:\windows\system32\wbemcomn.dll
2014-03-02 00:12 . 2010-11-20 12:21 189952 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2014-03-02 00:12 . 2010-11-20 12:19 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll
2014-03-02 00:12 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\sqmapi.dll
2014-02-27 11:36 . 2014-02-27 11:36 -------- d-----w- c:\users\André Mário\AppData\Local\Skype
2014-02-22 02:42 . 2014-02-22 02:42 -------- d-----w- c:\users\André Mário\AppData\Local\Macromedia
2014-02-21 23:57 . 2014-02-21 23:57 -------- d-----w- c:\users\André Mário\AppData\Roaming\Thunderbird
2014-02-21 23:57 . 2014-02-21 23:57 -------- d-----w- c:\users\André Mário\AppData\Local\Thunderbird
2014-02-21 22:05 . 2014-02-22 03:45 -------- d-----w- c:\users\André Mário\AppData\Local\WebPlayer
2014-02-20 17:07 . 2014-03-12 03:58 -------- d-----w- c:\users\André Mário\AppData\Local\Mozilla
2014-02-20 17:07 . 2014-02-22 12:45 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-02-20 17:07 . 2014-02-13 00:37 272496 ----a-w- c:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2014-02-14 21:54 . 2014-02-14 22:18 -------- d-----w- c:\users\André Mário\AppData\Roaming\TeamViewer
2014-02-13 01:46 . 2013-06-02 06:56 26032 ----a-w- c:\windows\system32\drivers\Apowersoft_AudioDevice.sys
2014-02-11 04:22 . 2014-02-11 04:22 -------- d-----w- c:\users\André Mário\AppData\Roaming\Mirillis
2014-02-11 04:22 . 2014-02-11 04:22 -------- d-----w- c:\programdata\Mirillis
2014-02-11 04:22 . 2013-05-28 20:22 641024 ----a-w- c:\windows\system32\ficvdec_x86.dll
2014-02-11 04:22 . 2014-02-11 04:36 -------- d-----w- c:\users\André Mário\AppData\Local\Mirillis
2014-02-11 03:57 . 2014-02-11 03:57 -------- d-----w- c:\programdata\PlayClaw5
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-12 06:04 . 2014-01-02 12:55 31088 ----a-w- c:\windows\system32\drivers\GbpNdisrd.sys
2014-03-12 05:58 . 2013-12-04 22:05 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 05:58 . 2013-12-04 22:05 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-02 03:47 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2013-12-22 03:26 . 2013-12-22 03:25 36625920 ----a-w- c:\windows\system32\libcef.dll
2013-12-19 00:39 . 2013-12-19 00:39 178304 ------w- c:\windows\system32\drivers\aswVmm.sys
2013-12-19 00:39 . 2013-12-19 00:39 49944 ------w- c:\windows\system32\drivers\aswRvrt.sys
2013-12-19 00:39 . 2013-12-19 00:39 43152 ----a-w- c:\windows\avastSS.scr
2013-12-18 23:10 . 2014-02-04 17:43 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-12-13 17:11 . 2013-12-31 05:24 69240 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-12-13 17:11 . 2013-12-31 05:24 90400 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-12-13 17:11 . 2013-12-31 05:24 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-12-13 17:11 . 2013-12-31 05:24 135648 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-01 10:49 . 2013-12-07 01:10 166912 ----a-w- c:\program files\MiniConvert.exe
2011-05-23 09:48 . 2013-12-07 01:10 6150331 ----a-w- c:\program files\autoupdate-windows.exe
2011-05-23 07:46 . 2013-12-07 01:10 144384 ----a-w- c:\program files\xvid_encraw.exe
2011-01-17 19:41 . 2013-12-07 01:10 8192 ----a-w- c:\program files\CheckUpdate.exe
2008-05-25 13:39 . 2013-12-07 01:10 8704 ----a-w- c:\program files\vidccleaner.exe
2008-05-25 13:39 . 2013-12-07 01:10 13824 ----a-w- c:\program files\StatsReader.exe
2008-05-25 13:39 . 2013-12-07 01:10 9216 ----a-w- c:\program files\OGMCalc.exe
2008-05-25 13:39 . 2013-12-07 01:10 6144 ----a-w- c:\program files\AviC.exe
2008-05-25 13:39 . 2013-12-07 01:10 23040 ----a-w- c:\program files\MiniCalc.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2014-03-02 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7601.17514] . . c:\windows\System32\user32.dll
[7] 2010-11-20 . F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 . 811520 . . [6.1.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-12-13 14:20 2602864 ----a-w- c:\program files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-12-13 14:20 2602864 ----a-w- c:\program files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-12-13 14:20 2602864 ----a-w- c:\program files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\users\André Mário\AppData\Roaming\uTorrent\uTorrent.exe" [2014-03-05 1450064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-12-13 684600]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-12-10 472984]
"AdobeCEPServiceManager"="c:\program files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" [2013-03-13 1039248]
"QuickTime Task"="D:\QTTask.exe" [2013-05-01 421888]
"Adobe Creative Cloud"="c:\program files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2013-12-19 2239376]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{E37CB5F0-51F5-4395-A808-5FA49E399008}"= "c:\program files\GbPlugin\gbiehuni.dll" [2013-11-22 1513528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]
2013-10-16 17:01 1479528 ----a-w- c:\program files\GbPlugin\gbiehcef.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginUni]
2013-11-22 11:45 1513528 ------w- c:\program files\GbPlugin\gbiehuni.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-21 23:43 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2013-12-25 01:21 116648 ----atw- c:\users\André Mário\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 21:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2013-05-01 05:59 421888 ----a-w- D:\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2013-10-24 15:57 12017368 ------w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2013-10-08 11:59 747264 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 11:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
2011-01-17 19:41 8192 ----a-w- c:\program files\CheckUpdate.exe
.
R1 Bfilter;Baidu Antivirus Minifilter Driver;c:\windows\System32\drivers\Bfilter.sys [x]
R1 Bfmon;Baidu FS Monitor Driver;c:\windows\System32\drivers\Bfmon.sys [x]
R1 Bprotect;Baidu Protect;c:\windows\System32\drivers\Bprotect.sys [x]
R2 AntiVirSchedulerService;Avira Agendamento;c:\program files\Avira\AntiVir Desktop\sched.exe [2013-12-13 440376]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [2013-06-02 26032]
R3 BprotectEx;Baidu ProtectEx;c:\windows\System32\drivers\BprotectEx.sys [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-03 108032]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys [2012-10-11 34432]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [2013-01-31 22656]
R3 MDA_NTDRV;MDA_NTDRV;c:\windows\system32\MDA_NTDRV.sys [2013-02-25 18136]
R3 Ndisrd;GAS Tecnologia Service;c:\windows\system32\DRIVERS\gbpndisrd.sys [2014-03-12 31088]
R3 PCFApiUtil;PCFApiUtil;c:\program files\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2013-11-19 13464]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VCam_WDM;Fake Webcam 7.2;c:\windows\system32\DRIVERS\VCam_WDM.sys [2012-05-25 101688]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2014-03-02 1343400]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-04-15 66688]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-04-15 33408]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 Bhbase;Baidu Hook Base;c:\windows\System32\drivers\Bhbase.sys [2014-01-09 47456]
S0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2013-11-22 46392]
S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiskx.sys [2013-11-05 120600]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-12-13 37352]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2010-10-07 10752]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-10-08 209408]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-10-08 276992]
S2 GbpSv;Gbp Service;c:\progra~1\GbPlugin\GbpSv.exe [2013-11-22 449592]
S2 SavevidService;SavevidService;c:\program files\Savevid\SavevidService.exe [2014-02-05 796152]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-07-05 78848]
S3 NdisrdMP;NdisrdMP;c:\windows\system32\DRIVERS\gbpndisrd.sys [2014-03-12 31088]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2000-01-01 391272]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-12-16 37504]
.
.
--- =Outros Serviços/Drivers Na Memória ---
.
*NewlyCreated* - RDLNXVGH
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-04 14:42 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2014-03-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-04 05:58]
.
2014-03-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-11-18 15:09]
.
2014-03-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-11-18 15:09]
.
.
------- Scan Suplementar -------
.
Trusted Zone: caixa.gov.br\imagem
Trusted Zone: caixa.gov.br\internetbanking
Trusted Zone: caixa.gov.br\internetbankingpf
Trusted Zone: caixa.gov.br\www
Trusted Zone: itau.com.br\bankline
Trusted Zone: itau.com.br\clickbanking
Trusted Zone: itau.com.br\guardiao
Trusted Zone: itau.com.br\www
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\André Mário\AppData\Roaming\Mozilla\Firefox\Profiles\2op6u6u2.default\
.
- - - - ORFÃOS REMOVIDOS - - - -
.
BHO-{EAD01C40-BBE6-4E7D-2739-684499F3C862} - c:\program files\YoutubeAdblocker\z.dll
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
ShellIconOverlayIdentifiers-{83BEA36E-7680-4598-A4DF-994426F6E78D} - c:\users\André Mário\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{845B7388-6F85-4F32-9FD5-F02DC7882B89} - c:\users\André Mário\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{F6378A7A-F753-449B-AE1B-997A96132E61} - c:\users\André Mário\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{3A511828-777D-46F8-82F4-5B530C1B3D9E} - c:\users\André Mário\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{C8C88204-5B14-40EC-BA72-8AEBC762047E} - c:\users\André Mário\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{ACFF45C3-3EEB-4351-86C2-6696BA264239} - c:\users\André Mário\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{29AF997F-488B-46F0-AE78-7146F1B89CC3} - c:\users\André Mário\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{03F9AD29-1C78-4B66-8890-B177B5430C53} - c:\users\André Mário\AppData\Roaming\Copy\overlay\CopyShExt.dll
HKCU-Run-AdobeBridge - (no file)
HKLM-Run-AvastUI.exe - D:\AvastUI.exe
HKLM-Run-EaseUS EPM tray - c:\program files\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
HKU-Default-Run-Copy - c:\users\André Mário\AppData\Roaming\Copy\CopyAgent.exe
MSConfigStartUp-Adobe ARM - c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MSConfigStartUp-EaseUS EPM tray - d:\easeus partition master 9.2.2\bin\EpmNews.exe
MSConfigStartUp-mobilegeni daemon - c:\program files\Mobogenie\DaemonProcess.exe
AddRemove-Xvid Video Codec 1.3.2 - c:\program files\uninstall.exe
AddRemove-{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1 - c:\users\André Mário\AppData\Roaming\unins000.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tempo para conclusão: 2014-03-12 03:43:51
ComboFix-quarantined-files.txt 2014-03-12 06:43
.
Pré-execução: 68.728.393.728 bytes disponíveis
Pós execução: 68.772.098.048 bytes disponíveis
.
- - End Of File - - D1E798DF6DACA6B397AA9BA9D1E29B31
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.1619.512 [GMT -3:00]
Executando de: d:\downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
[i] ADS - system32: deleted 4 bytes in 2 streams. /i
[i] ADS - drivers: deleted 314 bytes in 1 streams. /i
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\André Mário\AppData\Roaming\unins000.exe
c:\windows\system32\roboot.exe
D:\Uninstall.exe
D:\WinRAR.exe
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2014-02-12 to 2014-03-12 ))))))))))))))))))))))))))))
.
.
2014-03-12 06:40 . 2014-03-12 06:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-12 06:21 . 2014-03-12 06:21 12568 ----a-w- c:\windows\system32\drivers\PROCEXP113.SYS
2014-03-12 05:18 . 2014-03-12 05:18 -------- d-----w- c:\users\Administrador
2014-03-12 02:59 . 2014-03-12 03:58 -------- d-----w- c:\programdata\MFAData
2014-03-12 02:59 . 2014-03-12 02:59 -------- d-----w- c:\users\André Mário\AppData\Local\MFAData
2014-03-03 03:26 . 2014-03-03 03:29 -------- d-----w- c:\users\André Mário\AppData\Local\Genymobile
2014-03-03 02:20 . 2014-03-03 02:20 -------- d--h--w- c:\windows\msdownld.tmp
2014-03-03 02:12 . 2014-03-03 02:12 640512 ----a-w- c:\windows\system32\advapi32.dll
2014-03-03 02:12 . 2014-03-03 02:12 619520 ----a-w- c:\windows\system32\tdh.dll
2014-03-03 02:12 . 2014-03-03 02:12 3969472 ----a-w- c:\windows\system32\ntkrnlpa.exe
2014-03-03 02:12 . 2014-03-03 02:12 3914176 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-03-03 02:12 . 2014-03-03 02:12 1289096 ----a-w- c:\windows\system32\ntdll.dll
2014-03-03 02:11 . 2014-03-03 02:11 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2014-03-03 02:11 . 2014-03-03 02:11 231424 ----a-w- c:\windows\system32\mswsock.dll
2014-03-03 02:11 . 2014-03-03 02:11 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-03-03 02:11 . 2014-03-03 02:11 49152 ----a-w- c:\windows\system32\taskhost.exe
2014-03-03 02:08 . 2014-03-03 02:08 1505280 ----a-w- c:\windows\system32\d3d11.dll
2014-03-03 01:38 . 2014-03-12 03:58 -------- d-----w- c:\users\André Mário\AppData\Roaming\Skype
2014-03-03 01:14 . 2014-01-09 11:42 47456 ----a-w- c:\windows\system32\drivers\Bhbase.sys
2014-03-03 01:12 . 2014-03-03 01:12 -------- d-----w- c:\program files\Baidu Security
2014-03-02 04:48 . 2011-02-24 19:50 -------- d---a-w- C:\WIN7
2014-03-02 04:48 . 2011-02-24 19:50 -------- d---a-w- C:\TOOL
2014-03-02 04:48 . 2011-02-24 19:50 -------- d---a-w- C:\ICON
2014-03-02 02:28 . 2014-03-02 02:28 -------- d-----w- c:\windows\system32\SPReview
2014-03-02 00:15 . 2010-11-20 12:21 253952 ----a-w- c:\windows\system32\spwizui.dll
2014-03-02 00:14 . 2010-11-20 12:29 274304 ----a-w- c:\windows\system32\drivers\acpi.sys
2014-03-02 00:13 . 2010-11-20 12:21 202240 ----a-w- c:\windows\system32\unattend.dll
2014-03-02 00:12 . 2010-11-20 12:21 363008 ----a-w- c:\windows\system32\wbemcomn.dll
2014-03-02 00:12 . 2010-11-20 12:21 189952 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2014-03-02 00:12 . 2010-11-20 12:19 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll
2014-03-02 00:12 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\sqmapi.dll
2014-02-27 11:36 . 2014-02-27 11:36 -------- d-----w- c:\users\André Mário\AppData\Local\Skype
2014-02-22 02:42 . 2014-02-22 02:42 -------- d-----w- c:\users\André Mário\AppData\Local\Macromedia
2014-02-21 23:57 . 2014-02-21 23:57 -------- d-----w- c:\users\André Mário\AppData\Roaming\Thunderbird
2014-02-21 23:57 . 2014-02-21 23:57 -------- d-----w- c:\users\André Mário\AppData\Local\Thunderbird
2014-02-21 22:05 . 2014-02-22 03:45 -------- d-----w- c:\users\André Mário\AppData\Local\WebPlayer
2014-02-20 17:07 . 2014-03-12 03:58 -------- d-----w- c:\users\André Mário\AppData\Local\Mozilla
2014-02-20 17:07 . 2014-02-22 12:45 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-02-20 17:07 . 2014-02-13 00:37 272496 ----a-w- c:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2014-02-14 21:54 . 2014-02-14 22:18 -------- d-----w- c:\users\André Mário\AppData\Roaming\TeamViewer
2014-02-13 01:46 . 2013-06-02 06:56 26032 ----a-w- c:\windows\system32\drivers\Apowersoft_AudioDevice.sys
2014-02-11 04:22 . 2014-02-11 04:22 -------- d-----w- c:\users\André Mário\AppData\Roaming\Mirillis
2014-02-11 04:22 . 2014-02-11 04:22 -------- d-----w- c:\programdata\Mirillis
2014-02-11 04:22 . 2013-05-28 20:22 641024 ----a-w- c:\windows\system32\ficvdec_x86.dll
2014-02-11 04:22 . 2014-02-11 04:36 -------- d-----w- c:\users\André Mário\AppData\Local\Mirillis
2014-02-11 03:57 . 2014-02-11 03:57 -------- d-----w- c:\programdata\PlayClaw5
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-12 06:04 . 2014-01-02 12:55 31088 ----a-w- c:\windows\system32\drivers\GbpNdisrd.sys
2014-03-12 05:58 . 2013-12-04 22:05 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 05:58 . 2013-12-04 22:05 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-02 03:47 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2013-12-22 03:26 . 2013-12-22 03:25 36625920 ----a-w- c:\windows\system32\libcef.dll
2013-12-19 00:39 . 2013-12-19 00:39 178304 ------w- c:\windows\system32\drivers\aswVmm.sys
2013-12-19 00:39 . 2013-12-19 00:39 49944 ------w- c:\windows\system32\drivers\aswRvrt.sys
2013-12-19 00:39 . 2013-12-19 00:39 43152 ----a-w- c:\windows\avastSS.scr
2013-12-18 23:10 . 2014-02-04 17:43 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-12-13 17:11 . 2013-12-31 05:24 69240 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-12-13 17:11 . 2013-12-31 05:24 90400 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-12-13 17:11 . 2013-12-31 05:24 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-12-13 17:11 . 2013-12-31 05:24 135648 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-01 10:49 . 2013-12-07 01:10 166912 ----a-w- c:\program files\MiniConvert.exe
2011-05-23 09:48 . 2013-12-07 01:10 6150331 ----a-w- c:\program files\autoupdate-windows.exe
2011-05-23 07:46 . 2013-12-07 01:10 144384 ----a-w- c:\program files\xvid_encraw.exe
2011-01-17 19:41 . 2013-12-07 01:10 8192 ----a-w- c:\program files\CheckUpdate.exe
2008-05-25 13:39 . 2013-12-07 01:10 8704 ----a-w- c:\program files\vidccleaner.exe
2008-05-25 13:39 . 2013-12-07 01:10 13824 ----a-w- c:\program files\StatsReader.exe
2008-05-25 13:39 . 2013-12-07 01:10 9216 ----a-w- c:\program files\OGMCalc.exe
2008-05-25 13:39 . 2013-12-07 01:10 6144 ----a-w- c:\program files\AviC.exe
2008-05-25 13:39 . 2013-12-07 01:10 23040 ----a-w- c:\program files\MiniCalc.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2014-03-02 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7601.17514] . . c:\windows\System32\user32.dll
[7] 2010-11-20 . F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 . 811520 . . [6.1.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-12-13 14:20 2602864 ----a-w- c:\program files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-12-13 14:20 2602864 ----a-w- c:\program files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-12-13 14:20 2602864 ----a-w- c:\program files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\users\André Mário\AppData\Roaming\uTorrent\uTorrent.exe" [2014-03-05 1450064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-12-13 684600]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-12-10 472984]
"AdobeCEPServiceManager"="c:\program files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" [2013-03-13 1039248]
"QuickTime Task"="D:\QTTask.exe" [2013-05-01 421888]
"Adobe Creative Cloud"="c:\program files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2013-12-19 2239376]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{E37CB5F0-51F5-4395-A808-5FA49E399008}"= "c:\program files\GbPlugin\gbiehuni.dll" [2013-11-22 1513528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]
2013-10-16 17:01 1479528 ----a-w- c:\program files\GbPlugin\gbiehcef.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginUni]
2013-11-22 11:45 1513528 ------w- c:\program files\GbPlugin\gbiehuni.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-21 23:43 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2013-12-25 01:21 116648 ----atw- c:\users\André Mário\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 21:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2013-05-01 05:59 421888 ----a-w- D:\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2013-10-24 15:57 12017368 ------w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2013-10-08 11:59 747264 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 11:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
2011-01-17 19:41 8192 ----a-w- c:\program files\CheckUpdate.exe
.
R1 Bfilter;Baidu Antivirus Minifilter Driver;c:\windows\System32\drivers\Bfilter.sys [x]
R1 Bfmon;Baidu FS Monitor Driver;c:\windows\System32\drivers\Bfmon.sys [x]
R1 Bprotect;Baidu Protect;c:\windows\System32\drivers\Bprotect.sys [x]
R2 AntiVirSchedulerService;Avira Agendamento;c:\program files\Avira\AntiVir Desktop\sched.exe [2013-12-13 440376]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [2013-06-02 26032]
R3 BprotectEx;Baidu ProtectEx;c:\windows\System32\drivers\BprotectEx.sys [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-03 108032]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys [2012-10-11 34432]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [2013-01-31 22656]
R3 MDA_NTDRV;MDA_NTDRV;c:\windows\system32\MDA_NTDRV.sys [2013-02-25 18136]
R3 Ndisrd;GAS Tecnologia Service;c:\windows\system32\DRIVERS\gbpndisrd.sys [2014-03-12 31088]
R3 PCFApiUtil;PCFApiUtil;c:\program files\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2013-11-19 13464]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VCam_WDM;Fake Webcam 7.2;c:\windows\system32\DRIVERS\VCam_WDM.sys [2012-05-25 101688]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2014-03-02 1343400]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-04-15 66688]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-04-15 33408]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 Bhbase;Baidu Hook Base;c:\windows\System32\drivers\Bhbase.sys [2014-01-09 47456]
S0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2013-11-22 46392]
S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiskx.sys [2013-11-05 120600]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-12-13 37352]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2010-10-07 10752]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-10-08 209408]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-10-08 276992]
S2 GbpSv;Gbp Service;c:\progra~1\GbPlugin\GbpSv.exe [2013-11-22 449592]
S2 SavevidService;SavevidService;c:\program files\Savevid\SavevidService.exe [2014-02-05 796152]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-07-05 78848]
S3 NdisrdMP;NdisrdMP;c:\windows\system32\DRIVERS\gbpndisrd.sys [2014-03-12 31088]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2000-01-01 391272]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-12-16 37504]
.
.
--- =Outros Serviços/Drivers Na Memória ---
.
*NewlyCreated* - RDLNXVGH
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-04 14:42 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2014-03-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-04 05:58]
.
2014-03-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-11-18 15:09]
.
2014-03-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-11-18 15:09]
.
.
------- Scan Suplementar -------
.
Trusted Zone: caixa.gov.br\imagem
Trusted Zone: caixa.gov.br\internetbanking
Trusted Zone: caixa.gov.br\internetbankingpf
Trusted Zone: caixa.gov.br\www
Trusted Zone: itau.com.br\bankline
Trusted Zone: itau.com.br\clickbanking
Trusted Zone: itau.com.br\guardiao
Trusted Zone: itau.com.br\www
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\André Mário\AppData\Roaming\Mozilla\Firefox\Profiles\2op6u6u2.default\
.
- - - - ORFÃOS REMOVIDOS - - - -
.
BHO-{EAD01C40-BBE6-4E7D-2739-684499F3C862} - c:\program files\YoutubeAdblocker\z.dll
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
ShellIconOverlayIdentifiers-{83BEA36E-7680-4598-A4DF-994426F6E78D} - c:\users\André Mário\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{845B7388-6F85-4F32-9FD5-F02DC7882B89} - c:\users\André Mário\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{F6378A7A-F753-449B-AE1B-997A96132E61} - c:\users\André Mário\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{3A511828-777D-46F8-82F4-5B530C1B3D9E} - c:\users\André Mário\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{C8C88204-5B14-40EC-BA72-8AEBC762047E} - c:\users\André Mário\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{ACFF45C3-3EEB-4351-86C2-6696BA264239} - c:\users\André Mário\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{29AF997F-488B-46F0-AE78-7146F1B89CC3} - c:\users\André Mário\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{03F9AD29-1C78-4B66-8890-B177B5430C53} - c:\users\André Mário\AppData\Roaming\Copy\overlay\CopyShExt.dll
HKCU-Run-AdobeBridge - (no file)
HKLM-Run-AvastUI.exe - D:\AvastUI.exe
HKLM-Run-EaseUS EPM tray - c:\program files\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
HKU-Default-Run-Copy - c:\users\André Mário\AppData\Roaming\Copy\CopyAgent.exe
MSConfigStartUp-Adobe ARM - c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MSConfigStartUp-EaseUS EPM tray - d:\easeus partition master 9.2.2\bin\EpmNews.exe
MSConfigStartUp-mobilegeni daemon - c:\program files\Mobogenie\DaemonProcess.exe
AddRemove-Xvid Video Codec 1.3.2 - c:\program files\uninstall.exe
AddRemove-{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1 - c:\users\André Mário\AppData\Roaming\unins000.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tempo para conclusão: 2014-03-12 03:43:51
ComboFix-quarantined-files.txt 2014-03-12 06:43
.
Pré-execução: 68.728.393.728 bytes disponíveis
Pós execução: 68.772.098.048 bytes disponíveis
.
- - End Of File - - D1E798DF6DACA6B397AA9BA9D1E29B31
A36C5E4F47E84449FF07ED3517B43A31
maria gescima goncalves
- Posts
- 2
- Data de inscrição
- quarta 28 de agosto de 2013
- Status
- Membro
- Última visita
- 29 de agosto de 2013
consegui instalar o avira, mas quando peço uma varredura no pc aparece a mensagem:
avscan.exe-erro de aplicativo
o aplicativo não pode ser inicializado corretamente(0xc0000005)
o que eu faço ?
avscan.exe-erro de aplicativo
o aplicativo não pode ser inicializado corretamente(0xc0000005)
o que eu faço ?
JESUS CRISTO
- Posts
- 1591
- Data de inscrição
- segunda 4 de outubro de 2010
- Status
- Contribuinte
- Última visita
- 23 de junho de 2016
@MARIA
PODE SER QUE SEU SISTEMA ESTEJA INFECTADO!
EXPERIMENTE PASSAR ESSE PROGRAMA PORTATIL DE LIMPEZA!
LINK: https://www.bleepingcomputer.com/download/combofix/dl/12/
LEIA ESSE TUTORIAL DE COMO USAR:
LINK: https://www.bleepingcomputer.com/combofix/pt/como-usar-o-combofix
FAÇA UM SCANEAMENTO E POSTE AQUI O RESULTADO!
PODE SER QUE SEU SISTEMA ESTEJA INFECTADO!
EXPERIMENTE PASSAR ESSE PROGRAMA PORTATIL DE LIMPEZA!
LINK: https://www.bleepingcomputer.com/download/combofix/dl/12/
LEIA ESSE TUTORIAL DE COMO USAR:
LINK: https://www.bleepingcomputer.com/combofix/pt/como-usar-o-combofix
FAÇA UM SCANEAMENTO E POSTE AQUI O RESULTADO!
Assine nossa newsletter!
- Posts
-
1591
- Data de inscrição
- segunda 4 de outubro de 2010
- Status
- Contribuinte
- Última visita
- 23 de junho de 2016
3.045PODE USAR O COMBOFIX SEM MEDO!
ELE FUNCIONA 99% DE FORMA AUTOMÁTICA OU SEJA SUA INTERFERÊNCIA É MINIMA!
MAS SE VC QUISER TESTAR OUTRO: TENTE ESSE ROGUEKILLER!
LINK: http://www.geekstogo.com/forum/files/file/413-roguekiller/
ESSE PROGRAMA TAMBEM É PORTATIL OU SEJA SALVE ELE NO SEU DESKTOP E EXECUTE!
ELE É BEM INTUITIVO OU SEJA,ABRA ELE E CLICK EM VERIFICAR E APÓS ELE FAZER O SCANEAMENTO FAÇA AS REMOÇÕES NECESSÁRIAS!