Análise de Log

Question

Ol&aacute;... Precisaria que algu&eacute;m verificasse o meu tambem...&eacute; possivel?

[SPOILER=ComboFix]ComboFix 15-10-06.01 - S&eacute;rgio 07/10/2015  21:53:45.6.4 - x86
Microsoft Windows 7 Professional   6.1.7601.1.1252.55.1046.18.2933.1349 [GMT -3:00]
Executando de: c:\users\S&Uacute;rgio\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
 ADS - drivers: deleted 310 bytes in 1 streams. 
.
(((((((((((((((((((((((((((((((((((((   Outras Exclus&otilde;es   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\shopperz
c:\program files\shopperz\csrcc.exe
c:\program files\shopperz\grunt.exe
c:\program files\shopperz\krios.dll
c:\program files\shopperz
seven.exe
c:\programdata
tuser.pol
c:\windows\system32\DEBUG.log
.
.
((((((((((((((((   Arquivos/Ficheiros criados de 2015-09-08 to 2015-10-08  ))))))))))))))))))))))))))))
.
.
2015-10-08 01:21 . 2015-10-08 01:22    --------    d-----w-    c:\users\S&eacute;rgio\AppData\Local	emp
2015-10-08 01:21 . 2015-10-08 01:21    --------    d-----w-    c:\users\Public\AppData\Local	emp
2015-10-08 01:21 . 2015-10-08 01:21    --------    d-----w-    c:\users\Leonardo\AppData\Local	emp
2015-10-08 01:21 . 2015-10-08 01:21    --------    d-----w-    c:\users\Intruso\AppData\Local	emp
2015-10-08 01:21 . 2015-10-08 01:21    --------    d-----w-    c:\users\Default\AppData\Local	emp
2015-10-08 01:21 . 2015-10-08 01:21    --------    d-----w-    c:\users\Administrador\AppData\Local	emp
2015-10-02 11:55 . 2015-10-02 11:55    62576    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{47B916F7-73D1-44EE-90C4-4E081D0679B6}\offreg.3132.dll
2015-10-01 18:23 . 2015-10-01 18:23    --------    d-----w-    c:\users\S&eacute;rgio\AppData\Local\CounterPath
2015-10-01 18:20 . 2015-10-01 18:20    --------    d-----w-    c:\program files\CounterPath
2015-10-01 11:05 . 2015-10-01 11:05    313472    ----a-w-    c:\windows\system32\aswBoot.exe
2015-10-01 11:05 . 2015-10-01 11:05    43112    ----a-w-    c:\windows\avastSS.scr
2015-09-24 12:19 . 2015-10-01 00:00    --------    d-----w-    c:\users\S&eacute;rgio\.temp
2015-09-20 04:37 . 2015-09-20 04:37    62576    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{47B916F7-73D1-44EE-90C4-4E081D0679B6}\offreg.3292.dll
2015-09-17 12:06 . 2015-09-17 12:06    62576    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{47B916F7-73D1-44EE-90C4-4E081D0679B6}\offreg.2864.dll
2015-09-10 14:42 . 2015-09-10 14:42    62576    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{47B916F7-73D1-44EE-90C4-4E081D0679B6}\offreg.2976.dll
2015-09-08 20:22 . 2015-09-08 20:22    62576    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{47B916F7-73D1-44EE-90C4-4E081D0679B6}\offreg.2756.dll
2015-09-08 20:12 . 2015-09-08 20:12    --------    d-----w-    c:\programdata\STORAGECLOUD STD
2015-09-08 20:12 . 2015-09-24 12:19    --------    d-----w-    c:\users\S&eacute;rgio\.acb
2015-09-08 20:10 . 2015-09-08 20:11    --------    d-----w-    c:\program files\STORAGECLOUD STD
.
.
.
(((((((((((((((((((((((((((((((((((((   Relat&oacute;rio Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-01 11:05 . 2014-05-08 12:21    115640    ----a-w-    c:\windows\system32\drivers\aswStm.sys
2015-10-01 11:05 . 2014-05-08 12:21    24016    ----a-w-    c:\windows\system32\drivers\aswHwid.sys
2015-10-01 11:05 . 2013-05-28 13:23    434184    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2015-10-01 11:05 . 2013-05-28 13:23    81728    ----a-w-    c:\windows\system32\drivers\aswRdr2.sys
2015-10-01 11:05 . 2013-05-28 13:22    208664    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2015-10-01 11:05 . 2013-05-28 13:22    49776    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2015-10-01 11:05 . 2013-05-28 13:22    76000    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2015-10-01 11:05 . 2013-05-28 13:22    789296    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2015-10-01 11:05 . 2015-07-31 23:49    107984    ----a-w-    c:\windows\system32\drivers
gvss.sys
2015-09-25 15:53 . 2012-11-01 11:42    780488    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2015-09-25 15:53 . 2012-11-01 11:42    142536    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2015-08-28 22:08 . 2015-08-28 22:08    62576    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{47B916F7-73D1-44EE-90C4-4E081D0679B6}\offreg.2308.dll
2015-08-26 17:35 . 2012-12-29 12:10    49496    ----a-w-    c:\windows\system32\drivers\GbpKm.sys
2015-08-20 17:16 . 2015-08-20 17:16    62576    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{47B916F7-73D1-44EE-90C4-4E081D0679B6}\offreg.2452.dll
2015-08-19 10:44 . 2015-08-19 10:44    62576    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{47B916F7-73D1-44EE-90C4-4E081D0679B6}\offreg.2624.dll
2015-08-17 18:56 . 2015-08-17 18:56    62576    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{47B916F7-73D1-44EE-90C4-4E081D0679B6}\offreg.2660.dll
2015-08-12 13:35 . 2015-08-12 13:35    62576    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{47B916F7-73D1-44EE-90C4-4E081D0679B6}\offreg.2212.dll
2015-08-11 06:47 . 2015-08-11 06:47    62576    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{47B916F7-73D1-44EE-90C4-4E081D0679B6}\offreg.3256.dll
2015-08-05 11:13 . 2015-08-05 11:13    716551    ----a-w-    c:\windows\unins000.exe
2015-07-27 13:23 . 2014-07-28 12:14    96352    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2015-07-21 10:25 . 2015-08-11 06:45    9252608    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{47B916F7-73D1-44EE-90C4-4E081D0679B6}\mpengine.dll
.
.
((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e leg&iacute;timas por padr&atilde;o n&atilde;o s&atilde;o apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveBlacklisted]
@={81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-09-11 15:56    576840    ----a-w-    c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveSynced]
@={81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-09-11 15:56    576840    ----a-w-    c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveSyncing]
@={81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-09-11 15:56    576840    ----a-w-    c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@={FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-01 23:08    194824    ----a-w-    c:\users\S&eacute;rgio\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@={FB314EDA-A251-47B7-93E1-CDD82E34AF8B}
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-01 23:08    194824    ----a-w-    c:\users\S&eacute;rgio\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@={FB314EDD-A251-47B7-93E1-CDD82E34AF8B}
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-01 23:08    194824    ----a-w-    c:\users\S&eacute;rgio\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@={FB314EDE-A251-47B7-93E1-CDD82E34AF8B}
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-01 23:08    194824    ----a-w-    c:\users\S&eacute;rgio\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@={FB314EDB-A251-47B7-93E1-CDD82E34AF8B}
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-01 23:08    194824    ----a-w-    c:\users\S&eacute;rgio\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@={FB314EDF-A251-47B7-93E1-CDD82E34AF8B}
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-01 23:08    194824    ----a-w-    c:\users\S&eacute;rgio\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@={FB314EDC-A251-47B7-93E1-CDD82E34AF8B}
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-01 23:08    194824    ----a-w-    c:\users\S&eacute;rgio\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@={FB314EE0-A251-47B7-93E1-CDD82E34AF8B}
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-01 23:08    194824    ----a-w-    c:\users\S&eacute;rgio\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@={472083B0-C522-11CF-8763-00608CC02F24}
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-10-01 11:05    696120    ----a-w-    c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\BaiduAntivirusIconLock]
@={0A93904A-BB1E-4a0c-9753-B57B9AE272CC}
[HKEY_CLASSES_ROOT\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}]
c:\program files\Baidu Security\Baidu Antivirus\BavShx.dll [BU]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
iCloudServices=c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe [2014-10-17 43816]
ApplePhotoStreams=c:\program files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2014-10-17 43816]
Dropbox Update=c:\users\S&eacute;rgio\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-15 134512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
AvastUI.exe=c:\program files\AVAST Software\Avast\AvastUI.exe [2015-10-01 6134544]
Diebold - Warsaw=c:\program files\Diebold\Warsaw\core.exe [2015-06-25 509752]
GrooveMonitor=c:\program files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
SunJavaUpdateSched=c:\program files\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
CertificateRegistration=aetcrss1.exe [2013-12-18 18944]
DoroServer=c:\program files\DoroPDFWriter\DoroServer.exe [2015-06-09 208896]
OBASystemTray=c:\program files\STORAGECLOUD STD\bin\SystemTray.exe [2015-07-28 375184]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
SPReview=c:\windows\System32\SPReview\SPReview.exe [2013-05-01 280576]
.
c:\users\S&eacute;rgio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\S&eacute;rgio\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 36710768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
ConsentPromptBehaviorAdmin= 0 (0x0)
ConsentPromptBehaviorUser= 3 (0x3)
EnableLUA= 0 (0x0)
EnableUIADesktopToggle= 0 (0x0)
PromptOnSecureDesktop= 0 (0x0)
SoftwareSASGeneration= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
otify\ GbPluginBb]
2015-08-19 17:36    1896320    ----a-w-    c:\program files\GbPlugin\gbieh.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
otify\ GbPluginCef]
2015-09-01 17:33    1867432    ----a-w-    c:\program files\GbPlugin\gbiehcef.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2015-07-07 23:12    998104    ----a-w-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams]
2014-10-17 17:24    43816    ----a-w-    c:\program files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2014-10-11 16:05    60712    ----a-w-    c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BoBrowser]
c:\users\S&eacute;rgio\AppData\Local\BoBrowser\Application\bobrowser.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner]
2013-09-19 16:01    3905304    ----a-w-    c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DoroServer]
2015-06-09 22:13    208896    ----a-w-    c:\program files\DoroPDFWriter\DoroServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2014-01-28 13:05    138096    ----atw-    c:\users\S&eacute;rgio\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudDrive]
2014-10-20 19:52    43816    ----a-w-    c:\program files\Common Files\Apple\Internet Services\iCloudDrive.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
2014-10-17 17:24    43816    ----a-w-    c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon]
c:\program files\Mobogenie\DaemonProcess.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyDrive]
c:\users\S&eacute;rgio\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2015-06-08 22:08    334896    ----a-w-    c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
c:\users\S&eacute;rgio\AppData\Roaming\uTorrent\uTorrent.exe [BU]
.
R1 cherimoya;cherimoya;c:\windows\system32\drivers\cherimoya.sys [x]
R1 qknfd;qknfd;c:\windows\system32\drivers\qknfd.sys [x]
R1 wpnfd_1_10_0_4;wpnfd_1_10_0_4;c:\windows\system32\drivers\wpnfd_1_10_0_4.sys [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2015-10-01 115640]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2015-07-09 327296]
R3 BprotectEx;Baidu ProtectEx;c:\windows\System32\drivers\BprotectEx.sys [x]
R3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-01-12 102912]
R3 massfilter;MBB Mass Storage Filter Driver;c:\windows\system32\DRIVERS\ztembbmassfilter.sys [2012-11-22 11776]
R3 mtkmbim6.2;M Platform MBN 6.2 Miniport;c:\windows\system32\DRIVERS\mtkmbim7.sys [2012-12-03 173056]
R3 NdisrdMP;NdisrdMP;c:\windows\system32\DRIVERS\gbpndisrd.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS
etaapl.sys [2013-07-25 18944]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers
mwcdnsu.sys [2011-08-17 137472]
R3 PCFApiUtil;PCFApiUtil;c:\program files\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys [x]
R3 PPEMSCAN;Protector Plus Email Scan Driver;c:\protector plus\PPEMSCAN.sys [x]
R3 PPFWVST;Protector Plus FireWall Vista Driver;c:\protector plus\PPFWVST.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers	susbflt.sys [2010-11-20 52224]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2013-02-20 104720]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2013-02-20 84752]
R3 WatAdminSvc;Servi&ccedil;o de Tecnologias de Ativa&ccedil;&atilde;o do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-03 1343400]
R3 wdf_usb;wdf_usb;c:\windows\system32\DRIVERS\usb2ser.sys [2012-11-29 69120]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2015-08-26 49496]
S0 ngvss;ngvss; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2015-10-01 789296]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2015-10-01 434184]
S1 EfiMon;EfiSystemMon;c:\windows\system32\Drivers\Efimon.sys [2014-01-14 23624]
S1 Ndisrd;GAS Tecnologia Filter Driver;c:\windows\system32\DRIVERS\gbpndisrdn.sys [2014-04-01 29400]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-10-01 24016]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2015-10-01 76000]
S2 GbpSv;Gbp Service;c:\progra~1\GbPlugin\GbpSv.exe [2015-08-12 587576]
S2 MyLocalService;Net.Tcp Service Handler;c:\windows\system32\NetService
etservice.exe [2015-01-20 226888]
S2 OBAAutoUpdate;AutoUpdateAgent (STORAGECLOUD STD);c:\program files\STORAGECLOUD STD\aua\bin\Aua.exe [2015-07-28 182672]
S2 OBACDPService;Continuous Data Protection (STORAGECLOUD STD);c:\program files\STORAGECLOUD STD\bin\CDPService.exe [2015-07-28 268720]
S2 OBAScheduler;Online Backup Scheduler (STORAGECLOUD STD);c:\program files\STORAGECLOUD STD\bin\Scheduler.exe [2015-07-28 84368]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast
g\vbox\VBoxAswDrv.sys [2015-10-01 220752]
S2 Warsaw Technology;Warsaw Technology;c:\program files\Diebold\Warsaw\core.exe [2015-06-25 509752]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast
g\vbox\AvastVBoxSVC.exe [2015-10-01 3219136]
S4 WinDivert1.1;WinDivert1.1;c:\program files\Diebold\Warsaw\WinDivert32.sys [2015-05-04 31448]
.
.
--- =Outros Servi&ccedil;os/Drivers Na Mem&oacute;ria ---
.
*Deregistered* - GbFtIn
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-09-25 10:42    997704    ----a-w-    c:\program files\Google\Chrome\Application\45.0.2454.101\Installer\chrmstp.exe
.
Conte&uacute;do da pasta 'Tarefas Agendadas'
.
2015-10-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-01 15:53]
.
2015-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-06 17:29]
.
2015-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-06 17:29]
.
.
------- Scan Suplementar -------
.
uStart Page = www.123rede.com?oem=ver1&uid=S26VJ9AB302867_SAMSUNGHM321HI&tm=1431383415
mStart Page = www.123rede.com?oem=ver1&uid=S26VJ9AB302867_SAMSUNGHM321HI&tm=1431383415
uInternet Settings,ProxyOverride = 192.168.*
uInternet Settings,ProxyServer = proxycsf:8080
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: bancobrasil.com.br\www
Trusted Zone: bancobrasil.com.br\www14
Trusted Zone: bancobrasil.com.br\www2
Trusted Zone: bb.com.br\seg
Trusted Zone: bb.com.br\www
Trusted Zone: caixa.gov.br\imagem
Trusted Zone: caixa.gov.br\imagem2
Trusted Zone: caixa.gov.br\internetbanking
Trusted Zone: caixa.gov.br\internetbankingpf
Trusted Zone: caixa.gov.br\www
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORF&Atilde;OS REMOVIDOS - - - -
.
MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Warsaw Technology]
ImagePath=c:\program files\Diebold\Warsaw\core.exe
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_USERS\S-1-5-21-3167678981-3342567638-1061191628-1005_Classes\CLSID\{547be5b2-749b-46f5-bf9e-8379a3804e08}]
@Denied: (Full) (Everyone)
[USER=257352]@Allowed[/USER]: (Read) (RestrictedCode)
Model=dword:00000070
Therad=dword:00000016
.
[HKEY_USERS\S-1-5-21-3167678981-3342567638-1061191628-1005_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
[USER=257352]@Allowed[/USER]: (Read) (RestrictedCode)
scansk=hex(0):3a,6b,a9,10,44,54,9b,51,77,8e,c8,ba,06,c2,05,f1,11,15,a5,15,cf,
   88,86,3e,d5,d6,a3,f9,c2,7c,e9,d7,ae,36,08,eb,44,0f,b2,29,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
[USER=257352]@Allowed[/USER]: (B 1 2 3 4 5) (S-1-5-20)
BlindDial=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tempo para conclus&atilde;o: 2015-10-07  22:31:15
ComboFix-quarantined-files.txt  2015-10-08 01:31
ComboFix2.txt  2015-08-28 23:31
ComboFix3.txt  2015-08-11 11:17
ComboFix4.txt  2015-02-11 12:58
ComboFix5.txt  2015-10-08 00:43
.
Pr&eacute;-execu&ccedil;&atilde;o: 20.320.428.032 bytes dispon&iacute;veis
P&oacute;s execu&ccedil;&atilde;o: 22.944.731.136 bytes dispon&iacute;veis
.
- - End Of File - - 867F409618F7243AE03E1DC6B9D2EE0A
A36C5E4F47E84449FF07ED3517B43A31[/SPOILER]

Answer

Ol&aacute; si_lima.

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no bot&atilde;o Download Now @BleepingComputer:
http://www.bleepingcomputer.com/download/adwcleaner/

Para executar corretamente o AdwCleaner &eacute; s&oacute; seguir as dicas deste tutorial:

[color=blue]Remova adwares e toolbars maliciosas com o Adwcleaner[/color]

* Na sua pr&oacute;xima resposta poste o log (relat&oacute;rio) do Adwcleaner que estar&aacute; em C:\AdwCleaner\AdwCleaner[C1].txt

Ficamos na espera.

Answer

Oi...Fiz o procedimento. Segue em arquivo, pois o log &eacute; muito grande. Ap&oacute;s ter feito isso. Meu computador apareceu uma tela azul e reiniciou sozinho.

Answer

Baixe o programa Junkware Removal Tool no link abaixo:
http://thisisudax.org/downloads/JRT.exe

Para executar corretamente o programa acima &eacute; s&oacute; seguir as dicas deste tutorial:

[color=blue]Tutorial do Junkware Removal Tool[/color]

* Na sua pr&oacute;xima resposta poste o log (relat&oacute;rio) do Junkware Removal Tool que estar&aacute; salvo em sua &aacute;rea de trabalho com o nome de JRT.txt

Ficamos na espera.

Answer

[QUOTE=Power Max, post: 7268372, member: 572569]Baixe o programa Junkware Removal Tool no link abaixo:
http://thisisudax.org/downloads/JRT.exe

Para executar corretamente o programa acima &eacute; s&oacute; seguir as dicas deste tutorial:

[COLOR=blue]Tutorial do Junkware Removal Tool[/COLOR]

* Na sua pr&oacute;xima resposta poste o log (relat&oacute;rio) do Junkware Removal Tool que estar&aacute; salvo em sua &aacute;rea de trabalho com o nome de JRT.txt

Ficamos na espera.[/QUOTE]

Rodei o programa logo ap&oacute;s vc ter me indicado, e ele ficou por todo o dia na mesma tela, achei que poderia ser porque eu estaria usando o computador junto com ele. Decidi deixar rodando a noite. Ao ver agora pela manha, ele continua na mesma tela que ficou quando eu tentei rodar durante o dia.Em arquivo. Pode me ajudar?

Answer

Vamos ent&atilde;o para a pr&oacute;xima op&ccedil;&atilde;o:

Desative temporariamente seu antiv&iacute;rus para evitar conflitos.

* Acesse este link abaixo e clique no primeiro bot&atilde;o da esquerda que &eacute; o bot&atilde;o Download Zoek.exe:
http://www.hijackthis.nl/smeenk/

Salve-o no Desktop (&Aacute;rea de Trabalho).

Para execut&aacute;-lo corretamente siga as dicas deste tutorial:

[color=blue]Exclua adwares e outras amea&ccedil;as de seu PC e browsers com o aplicativo Zoek[/color]

* Assim que ele concluir a limpeza dos problemas acesse o log (relat&oacute;rio) do Zoek que estar&aacute; em C:\zoek-results.txt e copie todo seu conte&uacute;do e poste em sua pr&oacute;xima resposta.

Ferramentas

Mover Tópico