manipoa

Help! worm:win32/conficker.b!inf


Good afternoon!

I received an alert from my antivirus about an infection. The item detected was worm:win32/conficker.b!inf. I would like your help to resolve it, since the antivirus was not able to do so. I use Microsoft Security Essentials.

Thank you

Hello

ATTENTION 1: There is no need to open a new topic; post the new logs in this same topic, thank you!

ATTENTION 2: Do not edit your topic; use the Reply button, thank you!

ATTENTION 3: Do not put the logs between TAGS, thank you!

ATTENTION 4: Do not attach the logs, thank you!

Regards :D

Here it is:

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16843  BrowserJavaVersion: 10.51.2
Run by Maninho at 15:58:10 on 2014-03-27
Microsoft Windows 7 Home Basic   6.1.7601.1.1252.55.1046.18.3893.2302 [GMT -3:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
C:\ProgramData\DatacardService\HWDeviceService64.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Hotkey\Hotkey.exe
C:\Program Files (x86)\OEM\LIVE! OSD 1.35\osd.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\QuickKey\HookKey.exe
C:\Program Files\Motorola\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Motorola\Bluetooth\audiosrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com.br/
uDefault_Page_URL = hxxp://www.positivoinformatica.com.br
mStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
mWinlogon: Userinit = userinit.exe
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Auxiliar de Conexão do Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - 
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
uRun: [Google Update] "C:\Users\Maninho\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Facebook Update] "C:\Users\Maninho\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [HookKey] C:\Program Files (x86)\QuickKey\HookKey.exe
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Hotkey.lnk - C:\Program Files (x86)\Hotkey\Hotkey.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\OSD.lnk - C:\Windows\Installer\{73289228-1853-4623-982A-EB17FF0270CA}\_6C478F4E8D2A2AC0FD0413.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Baixar com o Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm
IE: Baixar tudo com o Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm
IE: Baixar vídeo com o Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
IE: Download selecionado pelo Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm
IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{50BB8BAC-EA19-4EDB-8E94-413BFD629E5F} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{50BB8BAC-EA19-4EDB-8E94-413BFD629E5F}\84F44554C4F514C49414E43414F5130303 : DHCPNameServer = 10.1.1.1 201.10.1.2
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Maninho\AppData\Roaming\Mozilla\Firefox\Profiles\pugycftg.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com.br/
FF - prefs.js: keyword.URL - hxxp://www.mystart.com/results.php?pr=manycam&id=manycamtb&v=5_2&ent=bs____campaignID___&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Maninho\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Maninho\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
FF - plugin: C:\Users\Maninho\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll
FF - plugin: C:\Users\Maninho\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Users\Maninho\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
FF - plugin: C:\Users\Maninho\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Maninho\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - ea29269d000000000000e09153449525
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15977
FF - user.js: extensions.delta.vrsn - 1.8.24.6
FF - user.js: extensions.delta.vrsni - 1.8.24.6
FF - user.js: extensions.delta.vrsnTs - 1.8.24.616:13:42
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - pt
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=121565&tsp=5020
FF - user.js: extensions.delta_i.babExt - 
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R2 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2011-11-19 679176]
R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-19 13336]
R2 LiveGpdKBFilter;LiveGpdKBFilter;C:\Windows\System32\drivers\LiveGpdKBFilter.sys [2011-11-19 11168]
R2 LiveIO;LiveIO;C:\Windows\System32\drivers\LiveIO.sys [2011-11-19 14240]
R2 PowerBiosServer;PowerBiosServer;C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [2010-1-22 32256]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-11-19 2320920]
R3 Bluetooth Device Manager;Bluetooth Device Manager;C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2011-11-19 4150864]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2011-11-19 1188616]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-11-19 1028096]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2013-12-8 87040]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-26 158976]
R3 IntcDAud;Áudio do vídeo Intel®;C:\Windows\System32\drivers\IntcDAud.sys [2011-8-23 317440]
R3 Livekbc;Livekbc;C:\Windows\System32\drivers\Livekbc.sys [2011-11-19 11680]
R3 Livemouclass;Livemouclass;C:\Windows\System32\drivers\Livemouclass.sys [2011-11-19 11168]
R3 PositivoAudioDriverWdm;Positivo Audio Driver (WDM);C:\Windows\System32\drivers\pad.sys [2011-11-19 69520]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2010-4-1 1100320]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2013-8-19 1327520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-7-25 162672]
S3 BTMCOM;Bluetooth Serial Port;C:\Windows\System32\drivers\btmcom.sys [2011-11-19 52736]
S3 BTMHID;BTMHID;C:\Windows\System32\drivers\btmhid.sys [2011-11-19 34176]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2013-12-8 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2013-12-8 13952]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-11-19 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 huawei_cdcacm;huawei_cdcacm;C:\Windows\System32\drivers\ew_jucdcacm.sys [2013-12-8 98304]
S3 huawei_ext_ctrl;huawei_ext_ctrl;C:\Windows\System32\drivers\ew_juextctrl.sys [2013-12-8 28672]
S3 huawei_wwanecm;huawei_wwanecm;C:\Windows\System32\drivers\ew_juwwanecm.sys [2013-12-8 218624]
S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2013-6-21 144496]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\System32\drivers\JME.sys [2013-6-21 107120]
S3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2013-11-9 44928]
S3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2013-1-31 28160]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-6-18 133928]
S3 NisSrv;Inspeção de Rede da Microsoft;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-8-19 19456]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-11-19 344680]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-26 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-8-19 30208]
S4 AppManagerService;Serviço do Positivo Experience;C:\Program Files (x86)\Positivo Informática\Positivo Experience\Positivo Experience\PositivoExperienceService.exe [2011-11-19 46592]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-03-27 01:45:09 10521840 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C1A7A8F8-AF5B-4CA0-9716-FA14175DD249}\mpengine.dll
2014-03-26 20:56:28 10521840 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-03-26 18:27:04 600064 ----a-w- C:\Windows\System32\vbscript.dll
2014-03-26 18:27:04 523776 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-03-26 18:08:41 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-03-26 18:07:55 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-03-26 18:07:55 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-03-26 18:06:37 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-03-26 18:06:37 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-03-25 19:30:32 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{99AA821A-1E22-405D-88F8-0DE73A58C8A7}\gapaengine.dll
2014-03-18 23:42:17 -------- d-----w- C:\Program Files (x86)\VirtualDJ
2014-03-17 05:32:17 65602 ----a-w- C:\Windows\SysWow64\cook3260.dll
2014-03-17 05:32:17 626688 ----a-w- C:\Windows\SysWow64\vp7vfw.dll
2014-03-17 05:32:17 217127 ----a-w- C:\Windows\SysWow64\drv43260.dll
2014-03-17 05:32:17 208935 ----a-w- C:\Windows\SysWow64\drv33260.dll
2014-03-17 05:32:17 176165 ----a-w- C:\Windows\SysWow64\drv23260.dll
2014-03-17 05:32:17 1184984 ----a-w- C:\Windows\SysWow64\wvc1dmod.dll
2014-03-17 05:32:16 1645320 ----a-w- C:\Windows\gdiplus.dll
2014-03-17 05:32:13 -------- d-----w- C:\Program Files (x86)\VSO
2014-03-16 23:08:34 14891928 ----a-w- C:\Users\Maninho\ConvertXtoDvd.exe
2014-03-16 22:47:15 -------- d-----w- C:\ProgramData\VSO
2014-03-15 00:16:59 -------- d-----w- C:\ProgramData\vsosdk
2014-03-13 19:11:56 -------- d-----w- C:\Users\Maninho\AppData\Roaming\Digiarty
2014-03-13 19:11:48 -------- d-----w- C:\Program Files (x86)\Digiarty
2014-03-13 18:43:25 131856 ----a-w- C:\Windows\SysWow64\MSADODC.ocx
2014-03-13 18:29:21 99384 ----a-w- C:\Users\Maninho\AppData\Roaming\inst.exe
2014-03-13 18:29:21 82816 ----a-w- C:\Windows\System32\drivers\pcouffin.sys
2014-03-13 18:29:21 82816 ----a-w- C:\Users\Maninho\AppData\Roaming\pcouffin.sys
2014-03-13 14:25:43 -------- d-----w- C:\Users\Maninho\AppData\Local\FreemakeVideoConverter
2014-03-13 14:24:29 -------- d-----w- C:\ProgramData\Freemake
2014-03-13 14:24:01 -------- d-----w- C:\Program Files (x86)\Freemake
2014-03-13 13:33:56 -------- d-----w- C:\Carnaval Rio 2014 - Série A
2014-03-04 02:08:44 -------- d-----w- C:\Paulo Charmeiro
.
==================== Find3M  ====================
.
2014-03-11 20:44:25 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-11 20:44:25 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-03-11 12:52:30 133928 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2014-02-23 08:13:41 2241536 ----a-w- C:\Windows\System32\wininet.dll
2014-02-23 08:11:59 3960320 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-23 08:11:52 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-23 08:11:52 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-02-23 06:54:46 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-23 06:53:22 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-23 06:53:18 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-23 06:53:18 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-02-23 06:35:36 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-23 06:31:25 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-23 05:39:39 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2014-02-23 05:35:24 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2014-01-29 02:32:18 484864 ----a-w- C:\Windows\System32\wer.dll
2014-01-29 02:06:47 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-01-28 02:32:46 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2014-01-25 04:19:42 268512 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2014-01-19 07:33:29 270496 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 15:58:54,70 ===============
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Basic 
Boot Device: \Device\HarddiskVolume1
Install Date: 17/08/2013 16:44:41
System Uptime: 27/03/2014 15:43:09 (0 hours ago)
.
Motherboard: CLEVO Co.                        |  | E412X                           
Processor: Intel® Core i3 CPU       M 380  @ 2.53GHz | CPU 1 | 2533/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 150 GiB total, 30,408 GiB free.
D: is FIXED (NTFS) - 301 GiB total, 137,289 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: 
Description: 
Device ID: PCI\VEN_8086&DEV_3B64&SUBSYS_41201558&REV_06\3&11583659&0&B0
Manufacturer: 
Name: 
PNP Device ID: PCI\VEN_8086&DEV_3B64&SUBSYS_41201558&REV_06\3&11583659&0&B0
Service: 
.
==== System Restore Points ===================
.
RP88: 17/03/2014 03:25:14 - Removed VirtualDJ LE (DDJ-WeGO)
RP89: 17/03/2014 03:28:45 - Removed VirtualDJ Home FREE
RP90: 17/03/2014 15:32:39 - Windows Update
RP91: 18/03/2014 20:41:34 - Installed VirtualDJ Home FREE
RP92: 20/03/2014 18:42:31 - Windows Update
RP93: 24/03/2014 02:45:58 - Windows Update
RP94: 25/03/2014 05:49:29 - Removed Adobe Flash Media Live Encoder 3.2.
RP95: 26/03/2014 15:09:35 - Windows Update
.
==== Installed Programs ======================
.
123 Free Solitaire 2009 v7.2
2007 Microsoft Office Suite Service Pack 3 (SP3)
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader X (10.1.9) - Português
Adobe Shockwave Player 12.0
µTorrent
aTube Catcher
Audio Recorder for Free v13.0.2
AVG 2013
Bejeweled® 3 (remove only)
Bing Bar
CCleaner
CDBurnerXP
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Claro
Controle ActiveX do Windows Live Mesh para Conexões Remotas
ConvertXtoDVD 3.1.0.18
D3DX10
DJ Intro version 1.1.2
Facebook Video Calling 2.0.0.447
Free Download Manager 3.9.3
GBBD Caixa Economica Federal
Gerenciador de Inicialização Positivo
Google Chrome
Google Talk Plugin
Google Update Helper
Hotkey 3.2003
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Java 7 Update 51
Java Auto Updater
JMicron Ethernet Adapter NDIS Driver
JMicron JMB38X Flash Media Controller
Junk Mail filter update
K-Lite Mega Codec Pack 10.0.0
LIVE! Control Center 1.11(X64)
LIVE! OSD 1.35
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Access MUI (Portuguese (Brazil)) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Portuguese (Brazil)) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (Portuguese (Brazil)) 2007
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (Portuguese (Brazil)) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (Portuguese (Brazil)) 2007
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007
Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007
Microsoft Office Shared MUI (Portuguese (Brazil)) 2007
Microsoft Office Word MUI (Portuguese (Brazil)) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 4.0
Motorola Bluetooth
Mozilla Firefox 27.0.1 (x86 pt-BR)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
Pioneer DDJ_WeGO Driver
Plantas vs Zumbis (remove only)
Platform
Positivo Áudio
Positivo 3D Incrível
Positivo Backup
Positivo Conversor 3D
Positivo Experience
Positivo Roteador
Positivo Sincronize
Positivo Tutorial Bluetooth
Positivo WebCam
QuickKey 1.00
Realtek Ethernet Controller Driver For Windows 7
REALTEK Wireless LAN Driver
Recuva
Sally's Studio (remove only)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2901110v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 
Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition 
Skype™ 6.7
Software de Cadastro Positivo 6.0
SRS Premium Sound Control Panel
Super Tela
swMSM
Synaptics Pointing Device Driver
System Requirements Lab for Intel
TagScanner 5.1.638
Tutorial 1.0
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition
VIA Gerenciador de dispositivo de plataforma
VirtualDJ Home FREE
Visual Studio 2010 x64 Redistributables
VLC media player 1.1.10
VSO ConvertXToDVD
Webcam 1.5
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Galeria de Fotos
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.20 (64-bit)
.
==== End Of File ===========================
 
 
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-03-27 16:29:41
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD50 rev.01.0 465,76GB
Running: gmer.exe; Driver: C:\Users\Maninho\AppData\Local\Temp\pfliapoc.sys
 
 
---- User code sections - GMER 2.1 ----
 
.text  C:\Program Files (x86)\OEM\LIVE! OSD 1.35\osd.exe[2452] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                0000000075321465 2 bytes [32, 75]
.text  C:\Program Files (x86)\OEM\LIVE! OSD 1.35\osd.exe[2452] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                               00000000753214bb 2 bytes [32, 75]
.text  ...                                                                                                                                            * 2
.text  C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe[3436] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000075321465 2 bytes [32, 75]
.text  C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe[3436] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  00000000753214bb 2 bytes [32, 75]
.text  ...                                                                                                                                            * 2
 
---- EOF - GMER 2.1 ----
 

Dear manipoa

I recommend that you save this topic in your Favorites to make it easier to find later.

Please note the following:
  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is given here relates only to the problem on your computer, so do not apply it to any other;
  • Please follow the instructions given carefully and, if in doubt, do not hesitate to ask;
  • Always post your replies in this topic... Do not open another!
  • Always keep me informed, during the removal, about what is happening with your computer;
  • Respect the order of the instructions given.

Note: Do not take any action beyond those given here; and if you ask for help in another forum, be sure to let us know, or you risk misconfiguring your computer!

# Step No. 1 #

Is there any other computer connected to the same network? If so, disconnect it and do not connect it again until we have finished here ;)

Download the W32.Downadup Removal Tool and save it to the Desktop. Run the tool as Administrator and post the result.

Regards :D

Diego, good afternoon!

There is no other computer connected to the network... But I could not paste the log here.. It gives an error message saying the text is too long..

Hello, my friend,

Sorry for disappearing, but there was no way around it: I fell ill (dengue) and had to rest these past few days. :roll:

I need to know whether you still need help.

Regards :D

About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.