hellbutcher

Suspected Adware


Hey, hey...

I suspect I have adware, because tabs with advertisements keep opening in Google Chrome, and pop-ups appear in the corner of the screen. Sometimes the machine also freezes or gets slower.

In Task Manager I also found a process called winlogon.exe, and I don't know whether it is legitimate.

If you could analyze my logs...

P.S.: It wasn't clear whether I should post the gmer log in my next reply or attach the file.

Thanks very much in advance.


Download Malwarebytes Anti-Malware:

  • Link 1
  • Alternative link
    • Double-click mbam-setup.exe, choose the language and follow the instructions to install the software.
    • Make sure the Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware boxes are checked, and click Finish.
    • If there are updates, they will be downloaded and installed.
    • When the updates finish, a program window will open. Select "Quick Scan", then click the Scan button.
    • The scan will start and may take a while. Please be patient.
    • When the scan is complete, click OK, then Show Results to view the log.
    • If anything is found, make sure everything is checked and click Remove.
    • When disinfection finishes, a log will automatically open in a Notepad document, and you may be asked to restart the PC. (Read the note.)
    • The log is saved automatically and can be viewed by clicking the Logs tab in the main menu.
    • Copy and paste the contents of that log into your next reply.

Note: With more complicated infections, it may be necessary to restart the PC. If you are asked to restart, please do so immediately.

About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.
