Ir ao conteúdo
  • Cadastre-se
straniero

Virus - Worm HEUER

Recommended Posts


Utilizei meu HD externo em um MAC de um amigo, e ele voltou com um vírus que transformava todos os diretórios em atalhos para os vírus.

Aparentemente resolvi o problema, desfazendo os atalhos, e passando dois anti-virus, o Kaspesrsky e o Malwarebytes no HD externo, no meu PC e e em um pen-drive que acabou sendo contaminado também.

Porém, tenho suspeitas que os vírus não foram totalmente removidos.

Seguem os logs:

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2

Run by Manfra at 9:53:31 on 2013-07-15

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.55.1046.18.4094.2334 [GMT -3:00]

.

AV: Kaspersky PURE 3.0 *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}

SP: Kaspersky PURE 3.0 *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Kaspersky PURE 3.0 *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\svchost.exe -k HPService

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\Philips\SPZ2000\GUCI_AVS.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Windows\SysWOW64\DeltaIITray.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.cef.gov.br/

uProxyOverride = <local>;*.local

uURLSearchHooks: uTorrentBar_PT Toolbar: {e0301295-ab3e-4af3-979f-3d453c5f9f48} - C:\Program Files (x86)\uTorrentBar_PT\prxtbuTor.dll

mURLSearchHooks: uTorrentBar_PT Toolbar: {e0301295-ab3e-4af3-979f-3d453c5f9f48} - C:\Program Files (x86)\uTorrentBar_PT\prxtbuTor.dll

mWinlogon: Userinit = userinit.exe,

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Kaspersky Passsword Manager Toolbar: {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll

BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Auxiliar de Conexão do Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll

BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: uTorrentBar_PT Toolbar: {e0301295-ab3e-4af3-979f-3d453c5f9f48} - C:\Program Files (x86)\uTorrentBar_PT\prxtbuTor.dll

BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: uTorrentBar_PT Toolbar: {E0301295-AB3E-4AF3-979F-3D453C5F9F48} - C:\Program Files (x86)\uTorrentBar_PT\prxtbuTor.dll

TB: uTorrentBar_PT Toolbar: {e0301295-ab3e-4af3-979f-3d453c5f9f48} - C:\Program Files (x86)\uTorrentBar_PT\prxtbuTor.dll

TB: Kaspersky Passsword Manager Toolbar: {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

mRun: [M-Audio Taskbar Icon] C:\Windows\System32\DeltaIITray.exe

mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe"

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:28

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: &Enviar para o OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200

IE: Adicionar ao Antibanner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm

IE: E&xportar para o Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

Trusted Zone: caixa.gov.br

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: NameServer = 189.4.64.82 189.4.64.87

TCP: Interfaces\{3204C483-60FC-44DC-A0AA-66EB0C493ECE} : DHCPNameServer = 189.4.64.82 189.4.64.87

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll

Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll

SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe

x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll

x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll

x64-Run: [sPZ2000_Monitor] C:\Windows\Philips\SPZ2000\GUCI_AVS.exe

x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Manfra\AppData\Roaming\Mozilla\Firefox\Profiles\z9hhc36k.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851643&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.startup.homepage - hxxp://woobiu.com/

FF - prefs.js: keyword.URL - hxxp://woobiu.com//result.php?Keywords={searchTerms}

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Manfra\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll

FF - plugin: C:\Users\Manfra\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: C:\Users\Manfra\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Manfra\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Users\Manfra\AppData\Roaming\Mozilla\plugins\npo1d.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll

FF - ExtSQL: 2013-06-21 08:31; {87F8774F-B485-47E2-A755-A40A8A5E886D}; C:\Users\Manfra\AppData\Local\GAS Tecnologia\GBBD\cef\xpi

FF - ExtSQL: !HIDDEN! 2012-05-24 14:40; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

.

============= SERVICES / DRIVERS ===============

.

R0 CSCrySec;InfoWatch Encrypt Sector Library driver;C:\Windows\System32\drivers\CSCrySec.sys [2013-7-14 84536]

R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;C:\Windows\System32\drivers\CSVirtualDiskDrv.sys [2013-7-14 66616]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-2-16 283200]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 28504]

R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-10-18 54368]

R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448]

R2 AVP;Serviço do Kaspersky Anti-Virus;C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [2012-12-20 356968]

R2 cpuz135;cpuz135;C:\Windows\System32\drivers\cpuz135_x64.sys [2012-5-2 21992]

R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2013-6-29 410152]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-18 383264]

R3 DELTAII;Service for M-Audio Delta Driver (WDM);C:\Windows\System32\drivers\MAudioDelta.sys [2012-1-25 339760]

R3 EWC641024;ExtraWebcam 1024x768;C:\Windows\System32\drivers\ExtraWebcam_x64_1024.sys [2012-5-20 25472]

R3 EWC64320;ExtraWebcam 320x240;C:\Windows\System32\drivers\ExtraWebcam_x64_320.sys [2012-5-20 25472]

R3 EWC64640;ExtraWebcam 640x480;C:\Windows\System32\drivers\ExtraWebcam_x64_640.sys [2012-5-20 25472]

R3 GUCI_AVS;Philips SPZ2000 Webcam;C:\Windows\System32\drivers\GUCI_AVS.sys [2012-4-25 646656]

R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-9-3 29016]

R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-9-3 29528]

R3 RTL8023x64;Driver Realtek 10/100 NIC Family NDIS x64;C:\Windows\System32\drivers\Rtnic64.sys [2009-6-10 51712]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2012-1-11 34304]

S3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;C:\Windows\System32\drivers\MAudioFastTrackPro.sys [2010-12-7 187912]

S3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2012-2-22 28160]

S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-22 19456]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-22 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-22 30208]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-26 1255736]

S4 ACPService;ACPService;C:\Program Files (x86)\Philips\CamSuite\2.0.15.0\ACPService.exe [2010-8-26 687104]

S4 CSObjectsSrv;CryptoStorage control service;C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2012-12-21 819040]

S4 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-4-28 135584]

S4 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-2 3064000]

S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-3 162408]

S4 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2010-12-20 602872]

.

=============== Created Last 30 ================

.

2013-07-14 22:03:36 -------- d-s---w- C:\Windows\SysWow64\Microsoft

2013-07-14 15:46:17 64856 ----a-w- C:\Windows\System32\klfphc.dll

2013-07-14 15:45:29 66616 ----a-w- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys

2013-07-14 15:45:23 84536 ----a-w- C:\Windows\System32\drivers\CSCrySec.sys

2013-07-14 15:44:28 -------- d-----w- C:\Windows\ELAMBKUP

2013-07-14 15:44:19 -------- d-----w- C:\Program Files (x86)\Common Files\InfoWatch

2013-07-14 15:44:17 -------- d-----w- C:\ProgramData\Kaspersky Lab

2013-07-14 15:44:17 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab

2013-07-14 15:43:56 90208 ----a-w- C:\Windows\System32\drivers\klflt.sys

2013-07-12 07:55:04 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{697350F8-9A54-4DED-8AAB-D9D119C2E748}\mpengine.dll

2013-07-11 17:31:32 31088 ----a-w- C:\Windows\SysWow64\drivers\gbpndisrd.sys

2013-07-10 13:04:31 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll

2013-07-10 13:04:31 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll

2013-07-10 13:04:31 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll

2013-07-10 13:04:31 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll

2013-07-10 13:04:30 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll

2013-07-10 13:04:30 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll

2013-07-10 13:04:30 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll

2013-07-10 13:04:24 624128 ----a-w- C:\Windows\System32\qedit.dll

2013-07-10 13:04:23 509440 ----a-w- C:\Windows\SysWow64\qedit.dll

2013-07-10 13:04:22 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL

2013-07-10 13:04:22 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL

2013-07-10 13:03:51 3153920 ----a-w- C:\Windows\System32\win32k.sys

2013-07-10 13:03:46 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL

2013-07-10 13:03:46 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll

2013-07-10 13:03:45 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll

2013-07-10 13:03:44 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2013-07-10 13:03:44 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll

2013-07-10 13:02:46 1643520 ----a-w- C:\Windows\System32\DWrite.dll

2013-07-10 13:02:45 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll

2013-07-09 17:44:49 -------- d-sh--w- C:\Users\Manfra\AppData\Roaming\99

2013-07-09 17:44:49 -------- d-sh--w- C:\98d

2013-07-09 00:08:05 -------- d-----w- C:\Users\Manfra\AppData\Local\{D4808D68-8A1B-42F7-85F5-3C6FE7DD8AFB}

2013-06-21 11:35:34 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-06-21 11:31:50 720594 ----a-w- C:\Users\Manfra\AppData\Roaming\unins000.exe

2013-06-21 11:31:50 -------- d-----w- C:\Users\Manfra\AppData\Local\GAS Tecnologia

2013-06-21 11:31:50 -------- d-----w- C:\ProgramData\GAS Tecnologia

.

==================== Find3M ====================

.

2013-07-15 12:33:54 178448 ----a-w- C:\Windows\System32\drivers\kneps.sys

2013-07-15 12:33:53 54368 ----a-w- C:\Windows\System32\drivers\kltdi.sys

2013-06-13 00:48:23 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-06-13 00:48:17 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-06-12 13:45:16 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-06-12 13:45:16 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll

2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll

2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll

2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll

2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll

2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe

2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe

2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll

2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll

2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll

2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-05-02 05:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe

2013-05-01 06:59:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx

2013-05-01 06:59:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll

2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll

2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll

2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll

2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll

.

============= FINISH: 9:54:10,63 ===============

ATTACH:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 24/04/2012 22:54:48

System Uptime: 15/07/2013 09:42:18 (0 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | P5N-E SLI

Processor: Intel® Core2 Quad CPU @ 2.40GHz | Socket 775 | 2400/266mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 233 GiB total, 49,786 GiB free.

D: is CDROM (CDFS)

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318}

Description: NVIDIA High Definition Audio

Device ID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0016&SUBSYS_10DE0101&REV_1001\5&14D1A7B7&0&0001

Manufacturer: NVIDIA

Name: NVIDIA High Definition Audio

PNP Device ID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0016&SUBSYS_10DE0101&REV_1001\5&14D1A7B7&0&0001

Service: NVHDA

.

Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318}

Description: NVIDIA High Definition Audio

Device ID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0016&SUBSYS_10DE0101&REV_1001\5&14D1A7B7&0&0101

Manufacturer: NVIDIA

Name: NVIDIA High Definition Audio

PNP Device ID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0016&SUBSYS_10DE0101&REV_1001\5&14D1A7B7&0&0101

Service: NVHDA

.

Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318}

Description: NVIDIA High Definition Audio

Device ID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0016&SUBSYS_10DE0101&REV_1001\5&14D1A7B7&0&0201

Manufacturer: NVIDIA

Name: NVIDIA High Definition Audio

PNP Device ID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0016&SUBSYS_10DE0101&REV_1001\5&14D1A7B7&0&0201

Service: NVHDA

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64

Device ID: ROOT\NET\0000

Manufacturer: Cisco Systems

Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64

PNP Device ID: ROOT\NET\0000

Service: vpnva

.

Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318}

Description: NVIDIA High Definition Audio

Device ID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0016&SUBSYS_10DE0101&REV_1001\5&14D1A7B7&0&0301

Manufacturer: NVIDIA

Name: NVIDIA High Definition Audio

PNP Device ID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0016&SUBSYS_10DE0101&REV_1001\5&14D1A7B7&0&0301

Service: NVHDA

.

Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318}

Description: Dispositivo de High Definition Audio

Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0883&SUBSYS_10438249&REV_1000\4&36D3315D&0&0001

Manufacturer: Microsoft

Name: Dispositivo de High Definition Audio

PNP Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0883&SUBSYS_10438249&REV_1000\4&36D3315D&0&0001

Service: HdAudAddService

.

==== System Restore Points ===================

.

RP184: 14/07/2013 18:54:29 - Removed Facebook Messenger 2.1.4814.0

RP185: 14/07/2013 18:56:33 - Removed Project64 1.6

RP186: 14/07/2013 18:58:10 - Revo Uninstaller's restore point - Akamai NetSession Interface

.

==== Installed Programs ======================

.

3DMark 11

64 Bit HP CIO Components Installer

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

AIDA64 Extreme Edition v2.30

AIO_CDB_ProductContext

AIO_CDB_Software

AIO_Scan

Any Video Converter 3.3.0

Apple Mobile Device Support

Apple Software Update

µTorrent

Atualizações da NVIDIA 1.11.3

Battlelog Web Plugins

Bonjour

Box Sync (64 bit)

BufferChm

Canon MOV Decoder

Canon MOV Encoder

Canon MovieEdit Task for ZoomBrowser EX

Canon Utilities CameraWindow

Canon Utilities Digital Photo Professional 3.7

Canon Utilities EOS Utility

Canon Utilities MyCamera

Canon Utilities PhotoStitch

Canon Utilities Picture Style Editor

Canon Utilities WFT Utility

Canon Utilities ZoomBrowser EX

Canon ZoomBrowser EX Memory Card Utility

Cisco AnyConnect VPN Client

Copy

CPUID HWMonitor 1.19

D3DX10

DAEMON Tools Lite

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition

Destinations

DeviceDiscovery

DocProc

Dropbox

ESN Sonar

Expstudio Audio Editor FREE

ExtraWebcam 3.0.1.250

F300

F300_Help

F300Trb

Fax

foobar2000 v1.2.3

FormatFactory 2.95

Foxit Reader

Futuremark SystemInfo

Google Chrome

Google Earth

Google Talk Plugin

Google Update Helper

GPBaseService2

Guitar Pro 5.2

Hewlett-Packard ACLM.NET v1.1.0.0

HP Customer Participation Program 13.0

HP Imaging Device Functions 13.0

HP Photosmart Essential 3.5

HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B

HP Product Detection

HP Smart Web Printing 4.51

HP Solution Center 13.0

HP Update

HPDiagnosticAlert

HPPhotoGadget

HPPhotoSmartDiscLabelContent1

HPPhotosmartEssential

HPProductAssistant

iCloud

iPhone Folders

IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País

iTunes

Java 7 Update 25

Java Auto Updater

Java 6 Update 29 (64-bit)

Java 6 Update 31

JavaFX 2.1.1

Junk Mail filter update

K-Lite Mega Codec Pack 8.8.0

Kaspersky PURE 3.0

Last.fm Scrobbler 2.1.35

M-Audio Delta 6.0.8 (x64)

M-Audio FastTrackPro Driver 6.0.7 (x64)

Módulo Adicional de Segurança CAIXA

Malwarebytes Anti-Malware versão 1.75.0.1300

MarketResearch

Messenger Companion

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile PTB Language Pack

Microsoft Application Error Reporting

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (Portuguese (Brazil)) 2010

Microsoft Office Excel MUI (Portuguese (Brazil)) 2010

Microsoft Office Groove MUI (Portuguese (Brazil)) 2010

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010

Microsoft Office Office 32-bit Components 2010

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (Portuguese (Brazil)) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (Portuguese (Brazil)) 2010

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010

Microsoft Office Shared 32-bit MUI (Portuguese (Brazil)) 2010

Microsoft Office Shared MUI (Portuguese (Brazil)) 2010

Microsoft Office Word MUI (Portuguese (Brazil)) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Mozilla Firefox 21.0 (x86 pt-BR)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Network64

NVIDIA 3D Vision Controller Driver

NVIDIA Driver de controle do 3D Vision 306.23

NVIDIA Driver de gráficos 311.06

NVIDIA Driver de áudio HD 1.3.18.0

NVIDIA Driver do 3D Vision 311.06

NVIDIA Drivers

NVIDIA Install Application

NVIDIA PhysX

NVIDIA Software do sistema PhysX 9.12.0604

NVIDIA Stereoscopic 3D Driver

NVIDIA Update Components

OCR Software by I.R.I.S. 13.0

Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)

Painel de controle da NVIDIA 311.06

Philips CamSuite

Philips Intelligent Agent

Philips SPZ2500, SPZ2000 WebCam

Picasa 3

QuickTime

Rapture3D 2.4.9 Game

Receitanet

Revo Uninstaller 1.93

Scan

SEA-MTE

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 64-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687422) 64-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2760406) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2687276) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition

Security Update for Microsoft OneNote 2010 (KB2760600) 64-Bit Edition

Security Update for Microsoft Publisher 2010 (KB2553147) 64-Bit Edition

Security Update for Microsoft Visio 2010 (KB2810068) 64-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2687505) 64-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition

Security Update for Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (KB2518870)

Sistema Auditor

Skype Click to Call

Skype™ 6.5

SmartWebPrinting

SolutionCenter

SONAR 7 Producer Edition

Sony Noise Reduction Plug-In 2.0e

Sony Sound Forge 9.0

Status

Subtitle Workshop 2.51

Suporte para Aplicativos Apple

Toolbox

TrayApp

UnloadSupport

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition

uTorrentBar_PT Toolbar

Vegas Movie Studio 9.0

WebReg

Windows Live Communications Platform

Windows Live Essentials

Windows Live Galeria de Fotos

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Player Firefox Plugin

WinRAR 4.11 (64-bit)

YoutubeMovieMaker

.

==== End Of File ===========================

GMER 2.1.19163 - http://www.gmer.net

Rootkit scan 2013-07-15 13:25:58

Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000068 SAMSUNG_ rev.VT10 232,89GB

Running: 2b27m43q.exe; Driver: C:\Users\Manfra\AppData\Local\Temp\kwdiypob.sys

---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 560 fffff800031f1000 63 bytes [00, 00, 15, 02, 46, 69, 6C, ...]

INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 624 fffff800031f1040 1 byte [01]

---- User code sections - GMER 2.1 ----

.text C:\PROGRA~2\GbPlugin\GbpSv.exe[932] C:\Windows\syswow64\kernel32.dll!FreeLibrary 0000000076db34a8 5 bytes JMP 000000013b6a7121

.text C:\PROGRA~2\GbPlugin\GbpSv.exe[932] C:\Windows\syswow64\kernel32.dll!FreeLibraryAndExitThread 0000000076dcd56a 5 bytes JMP 000000013b6a7099

.text C:\PROGRA~2\GbPlugin\GbpSv.exe[932] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW + 493 0000000074fa2c91 4 bytes CALL 71af0000

.text C:\PROGRA~2\GbPlugin\GbpSv.exe[932] C:\Windows\syswow64\ole32.dll!CoUnmarshalInterface 000000007645f150 6 bytes JMP 71ab000a

.text C:\PROGRA~2\GbPlugin\GbpSv.exe[932] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075f71465 2 bytes [F7, 75]

.text C:\PROGRA~2\GbPlugin\GbpSv.exe[932] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000075f714bb 2 bytes [F7, 75]

.text ... * 2

.text C:\Windows\SysWOW64\PnkBstrA.exe[1920] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000072631a22 2 bytes [63, 72]

.text C:\Windows\SysWOW64\PnkBstrA.exe[1920] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000072631ad0 2 bytes [63, 72]

.text C:\Windows\SysWOW64\PnkBstrA.exe[1920] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000072631b08 2 bytes [63, 72]

.text C:\Windows\SysWOW64\PnkBstrA.exe[1920] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000072631bba 2 bytes [63, 72]

.text C:\Windows\SysWOW64\PnkBstrA.exe[1920] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000072631bda 2 bytes [63, 72]

.text C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe[1816] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075f71465 2 bytes [F7, 75]

.text C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe[1816] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075f714bb 2 bytes [F7, 75]

.text ... * 2

---- Kernel IAT/EAT - GMER 2.1 ----

IAT C:\Windows\System32\win32k.sys[ntoskrnl.exe!KeUserModeCallback] [fffff88007542d18] \SystemRoot\system32\DRIVERS\klif.sys


---- Threads - GMER 2.1 ----

Thread C:\Windows\Explorer.EXE [2916:3356] 000007feede32118

Thread C:\Windows\Explorer.EXE [2916:4556] 000007feeee2a18c

---- EOF - GMER 2.1 ----

Compartilhar este post


Link para o post
Compartilhar em outros sites

Quais os motivos das suas suspeitas? Algum comportamento anormal?

Compartilhar este post


Link para o post
Compartilhar em outros sites

É que eu já passei o antivirus no HD externo e no pen-drive, e na segunda vez que passei encontrou vírus novamente. Então eu suspeito que os anti-vírus não estão apagando totalmente os vírus também do meu PC.

Aparentemente não há comportamento estranho.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Se você mandar verificar agora, acusará novamente o vírus?

Compartilhar este post


Link para o post
Compartilhar em outros sites





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×