gsena2005

Everything posted by gsena2005

  1. I have the same problem, with the same file (uvfllvmiuo..vbs); it appeared recently. And I'm from Brazil, too... The log file from ComboFix follows:

     ++++++++++++++++++++++ BEGINNING ++++++++++++++++++++++

     ComboFix 13-08-29.01 - Scanner 29/08/2013 9:23.1.2 - x64
     Microsoft Windows 7 Professional 6.1.7601.1.1252.55.1046.18.3583.2738 [GMT -3:00]
     Executando de: c:\users\Scanner\Downloads\ComboFix.exe
     SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     * Criado um novo ponto de restauração
     .
     .
     (((((((((((((((( Arquivos/Ficheiros criados de 2013-07-28 to 2013-08-29 ))))))))))))))))))))))))))))
     .
     .
     2013-08-29 12:26 . 2013-08-29 12:26 -------- d-----w- c:\users\Default\AppData\Local\temp
     2013-08-27 11:21 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1F2B720D-3417-4121-991C-010073FF6294}\mpengine.dll
     2013-08-27 10:50 . 2013-08-06 23:56 73378 --sha-w- c:\users\Scanner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uvfllvmiuo..vbs
     2013-08-14 10:32 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll
     2013-08-14 10:32 . 2013-07-09 05:46 184320 ----a-w- c:\windows\system32\cryptsvc.dll
     2013-08-14 10:32 . 2013-07-09 05:46 1472512 ----a-w- c:\windows\system32\crypt32.dll
     2013-08-14 10:32 . 2013-07-09 05:46 139776 ----a-w- c:\windows\system32\cryptnet.dll
     2013-08-14 10:32 . 2013-07-09 04:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
     2013-08-14 10:32 . 2013-07-09 04:46 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
     2013-08-14 10:32 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
     2013-08-14 10:32 . 2013-07-09 04:46 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
     2013-08-14 10:27 . 2013-07-19 01:58 2048 ----a-w- c:\windows\system32\tzres.dll
     2013-08-14 10:27 . 2013-07-19 01:41 2048 ----a-w- c:\windows\SysWow64\tzres.dll
     2013-08-14 10:27 . 2013-07-25 09:25 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
     2013-08-14 10:27 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
     2013-08-14 10:27 . 2013-07-09 05:51 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
     2013-08-14 10:27 . 2013-07-09 04:52 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
     2013-08-14 10:25 . 2013-06-15 04:32 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
     2013-08-14 10:25 . 2013-07-06 06:03 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
     2013-08-13 17:00 . 2013-08-13 17:00 -------- d-----w- c:\programdata\AskPartnerNetwork
     2013-08-13 17:00 . 2013-08-13 17:00 -------- d-----w- c:\program files (x86)\AskPartnerNetwork
     2013-08-13 16:59 . 2013-08-13 16:59 -------- d-----w- c:\programdata\APN
     2013-08-13 16:57 . 2013-08-13 16:57 -------- d-----w- c:\program files (x86)\Common Files\Java
     2013-08-13 16:57 . 2013-08-13 16:57 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
     2013-08-13 16:57 . 2013-08-13 16:57 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
     2013-08-13 16:57 . 2013-08-13 16:57 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
     2013-08-13 16:57 . 2013-08-13 16:57 -------- d-----w- c:\program files (x86)\Java
     2013-08-05 18:04 . 2013-08-05 18:04 -------- d-----w- c:\program files\WinRAR
     .
     .
     .
     ((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
     .
     2013-07-17 06:04 . 2013-07-17 06:04 97280 ----a-w- c:\windows\system32\mshtmled.dll
     2013-07-17 06:04 . 2013-07-17 06:04 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
     2013-07-17 06:04 . 2013-07-17 06:04 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
     2013-07-17 06:04 . 2013-07-17 06:04 81408 ----a-w- c:\windows\system32\icardie.dll
     2013-07-17 06:04 . 2013-07-17 06:04 77312 ----a-w- c:\windows\system32\tdc.ocx
     2013-07-17 06:04 . 2013-07-17 06:04 762368 ----a-w- c:\windows\system32\ieapfltr.dll
     2013-07-17 06:04 . 2013-07-17 06:04 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
     2013-07-17 06:04 . 2013-07-17 06:04 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
     2013-07-17 06:04 . 2013-07-17 06:04 62976 ----a-w- c:\windows\system32\pngfilt.dll
     2013-07-17 06:04 . 2013-07-17 06:04 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
     2013-07-17 06:04 . 2013-07-17 06:04 599552 ----a-w- c:\windows\system32\vbscript.dll
     2013-07-17 06:04 . 2013-07-17 06:04 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
     2013-07-17 06:04 . 2013-07-17 06:04 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
     2013-07-17 06:04 . 2013-07-17 06:04 51200 ----a-w- c:\windows\system32\imgutil.dll
     2013-07-17 06:04 . 2013-07-17 06:04 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
     2013-07-17 06:04 . 2013-07-17 06:04 48640 ----a-w- c:\windows\system32\mshtmler.dll
     2013-07-17 06:04 . 2013-07-17 06:04 452096 ----a-w- c:\windows\system32\dxtmsft.dll
     2013-07-17 06:04 . 2013-07-17 06:04 441856 ----a-w- c:\windows\system32\html.iec
     2013-07-17 06:04 . 2013-07-17 06:04 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
     2013-07-17 06:04 . 2013-07-17 06:04 361984 ----a-w- c:\windows\SysWow64\html.iec
     2013-07-17 06:04 . 2013-07-17 06:04 281600 ----a-w- c:\windows\system32\dxtrans.dll
     2013-07-17 06:04 . 2013-07-17 06:04 27648 ----a-w- c:\windows\system32\licmgr10.dll
     2013-07-17 06:04 . 2013-07-17 06:04 270848 ----a-w- c:\windows\system32\iedkcs32.dll
     2013-07-17 06:04 . 2013-07-17 06:04 247296 ----a-w- c:\windows\system32\webcheck.dll
     2013-07-17 06:04 . 2013-07-17 06:04 235008 ----a-w- c:\windows\system32\url.dll
     2013-07-17 06:04 . 2013-07-17 06:04 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
     2013-07-17 06:04 . 2013-07-17 06:04 226304 ----a-w- c:\windows\system32\elshyph.dll
     2013-07-17 06:04 . 2013-07-17 06:04 216064 ----a-w- c:\windows\system32\msls31.dll
     2013-07-17 06:04 . 2013-07-17 06:04 197120 ----a-w- c:\windows\system32\msrating.dll
     2013-07-17 06:04 . 2013-07-17 06:04 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
     2013-07-17 06:04 . 2013-07-17 06:04 173568 ----a-w- c:\windows\system32\ieUnatt.exe
     2013-07-17 06:04 . 2013-07-17 06:04 167424 ----a-w- c:\windows\system32\iexpress.exe
     2013-07-17 06:04 . 2013-07-17 06:04 158720 ----a-w- c:\windows\SysWow64\msls31.dll
     2013-07-17 06:04 . 2013-07-17 06:04 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
     2013-07-17 06:04 . 2013-07-17 06:04 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
     2013-07-17 06:04 . 2013-07-17 06:04 149504 ----a-w- c:\windows\system32\occache.dll
     2013-07-17 06:04 . 2013-07-17 06:04 144896 ----a-w- c:\windows\system32\wextract.exe
     2013-07-17 06:04 . 2013-07-17 06:04 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
     2013-07-17 06:04 . 2013-07-17 06:04 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
     2013-07-17 06:04 . 2013-07-17 06:04 138752 ----a-w- c:\windows\SysWow64\wextract.exe
     2013-07-17 06:04 . 2013-07-17 06:04 13824 ----a-w- c:\windows\system32\mshta.exe
     2013-07-17 06:04 . 2013-07-17 06:04 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
     2013-07-17 06:04 . 2013-07-17 06:04 136192 ----a-w- c:\windows\system32\iepeers.dll
     2013-07-17 06:04 . 2013-07-17 06:04 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
     2013-07-17 06:04 . 2013-07-17 06:04 12800 ----a-w- c:\windows\SysWow64\mshta.exe
     2013-07-17 06:04 . 2013-07-17 06:04 12800 ----a-w- c:\windows\system32\msfeedssync.exe
     2013-07-17 06:04 . 2013-07-17 06:04 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
     2013-07-17 06:04 . 2013-07-17 06:04 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
     2013-07-17 06:04 . 2013-07-17 06:04 102912 ----a-w- c:\windows\system32\inseng.dll
     2013-07-17 06:03 . 2013-07-17 06:03 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
     2013-07-17 06:03 . 2013-07-17 06:03 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
     2013-07-17 06:03 . 2013-07-17 06:03 648192 ----a-w- c:\windows\system32\d3d10level9.dll
     2013-07-17 06:03 . 2013-07-17 06:03 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
     2013-07-17 06:03 . 2013-07-17 06:03 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
     2013-07-17 06:03 . 2013-07-17 06:03 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
     2013-07-17 06:03 . 2013-07-17 06:03 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
     2013-07-17 06:03 . 2013-07-17 06:03 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
     2013-07-17 06:03 . 2013-07-17 06:03 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
     2013-07-17 06:03 . 2013-07-17 06:03 465920 ----a-w- c:\windows\system32\WMPhoto.dll
     2013-07-17 06:03 . 2013-07-17 06:03 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
     2013-07-17 06:03 . 2013-07-17 06:03 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
     2013-07-17 06:03 . 2013-07-17 06:03 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
     2013-07-17 06:03 . 2013-07-17 06:03 3928064 ----a-w- c:\windows\system32\d2d1.dll
     2013-07-17 06:03 . 2013-07-17 06:03 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
     2013-07-17 06:03 . 2013-07-17 06:03 363008 ----a-w- c:\windows\system32\dxgi.dll
     2013-07-17 06:03 . 2013-07-17 06:03 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
     2013-07-17 06:03 . 2013-07-17 06:03 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
     2013-07-17 06:03 . 2013-07-17 06:03 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
     2013-07-17 06:03 . 2013-07-17 06:03 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
     2013-07-17 06:03 . 2013-07-17 06:03 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
     2013-07-17 06:03 . 2013-07-17 06:03 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
     2013-07-17 06:03 . 2013-07-17 06:03 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
     2013-07-17 06:03 . 2013-07-17 06:03 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
     2013-07-17 06:03 . 2013-07-17 06:03 296960 ----a-w- c:\windows\system32\d3d10core.dll
     2013-07-17 06:03 . 2013-07-17 06:03 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
     2013-07-17 06:03 . 2013-07-17 06:03 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
     2013-07-17 06:03 . 2013-07-17 06:03 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
     2013-07-17 06:03 . 2013-07-17 06:03 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
     2013-07-17 06:03 . 2013-07-17 06:03 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
     2013-07-17 06:03 . 2013-07-17 06:03 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
     2013-07-17 06:03 . 2013-07-17 06:03 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
     2013-07-17 06:03 . 2013-07-17 06:03 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
     2013-07-17 06:03 . 2013-07-17 06:03 221184 ----a-w- c:\windows\system32\UIAnimation.dll
     2013-07-17 06:03 . 2013-07-17 06:03 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
     2013-07-17 06:03 . 2013-07-17 06:03 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
     2013-07-17 06:03 . 2013-07-17 06:03 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
     2013-07-17 06:03 . 2013-07-17 06:03 194560 ----a-w- c:\windows\system32\d3d10_1.dll
     2013-07-17 06:03 . 2013-07-17 06:03 1887232 ----a-w- c:\windows\system32\d3d11.dll
     2013-07-17 06:03 . 2013-07-17 06:03 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
     2013-07-17 06:03 . 2013-07-17 06:03 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
     2013-07-17 06:03 . 2013-07-17 06:03 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
     2013-07-17 06:03 . 2013-07-17 06:03 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
     2013-07-17 06:03 . 2013-07-17 06:03 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
     2013-07-17 06:03 . 2013-07-17 06:03 1238528 ----a-w- c:\windows\system32\d3d10.dll
     2013-07-17 06:03 . 2013-07-17 06:03 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
     2013-07-17 06:03 . 2013-07-17 06:03 1175552 ----a-w- c:\windows\system32\FntCache.dll
     2013-07-17 06:03 . 2013-07-17 06:03 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
     2013-07-17 06:03 . 2013-07-17 06:03 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
     2013-07-17 06:03 . 2013-07-17 06:03 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
     2013-07-17 06:03 . 2013-07-17 06:03 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
     .
     .
     (((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
     .
     .
     *Nota* entradas vazias e legítimas por padrão não são apresentadas.
     REGEDIT4
     .
     [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
     "{D8278076-BC68-4484-9233-6E7F1628B56C}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll" [2013-08-05 129488]
     .
     [HKEY_CLASSES_ROOT\clsid\{d8278076-bc68-4484-9233-6e7f1628b56c}]
     [HKEY_CLASSES_ROOT\TypeLib\{7C4EE486-5EA5-4683-8C23-BF520933BB5E}]
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4F524A2D-5637-006A-76A7-7A786E7484D7}]
     2013-08-05 23:29 12240 ----a-w- c:\program files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7\Passport.dll
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
     "{4F524A2D-5637-006A-76A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7\Passport.dll" [2013-08-05 12240]
     .
     [HKEY_CLASSES_ROOT\clsid\{4f524a2d-5637-006a-76a7-7a786e7484d7}]
     .
     [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "uvfllvmiuo"="wscript.exe" [2009-07-14 141824]
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
     "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-05-05 658424]
     "EEventManager"="c:\progra~2\EPSONS~1\EVENTM~1\EEventManager.exe" [2009-04-07 673616]
     "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
     "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
     "Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2010-11-12 626688]
     "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
     "ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-08-05 1601488]
     .
     c:\users\Scanner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uvfllvmiuo..vbs [2013-8-6 73378]
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
     "ConsentPromptBehaviorAdmin"= 0 (0x0)
     "ConsentPromptBehaviorUser"= 3 (0x3)
     "EnableLUA"= 0 (0x0)
     "EnableUIADesktopToggle"= 0 (0x0)
     "PromptOnSecureDesktop"= 0 (0x0)
     .
     R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [x]
     R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
     R2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
     R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
     R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
     R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
     R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
     S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys;c:\windows\SYSNATIVE\drivers\amd_sata.sys [x]
     S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys;c:\windows\SYSNATIVE\drivers\amd_xata.sys [x]
     S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
     S2 APNMCP;Serviço de atualização Ask;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
     S2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [x]
     S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
     S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
     S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [x]
     S3 netr28x;Driver Ralink 802.11n Wireless para Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
     .
     .
     Conteúdo da pasta 'Tarefas Agendadas'
     .
     2013-08-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3478885939-36106900-2760483083-1000Core.job
     - c:\users\Scanner\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-24 12:03]
     .
     2013-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3478885939-36106900-2760483083-1000UA.job
     - c:\users\Scanner\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-24 12:03]
     .
     .
     --------- X64 Entries -----------
     .
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-03 7938080]
     "uvfllvmiuo"="wscript.exe" [2009-07-14 168960]
     .
     ------- Scan Suplementar -------
     .
     uLocal Page = c:\windows\system32\blank.htm
     mLocal Page = c:\windows\SysWOW64\blank.htm
     IE: E&xportar para o Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
     TCP: DhcpNameServer = 10.110.0.254
     .
     - - - - ORFÃOS REMOVIDOS - - - -
     .
     c:\users\Scanner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Epson scanner Registration.lnk - e:\common\EpsonReg\GTS50\Ereg.exe /remind /language=PTB /PRNM="00864"
     HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
     AddRemove-{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8} - c:\program files (x86)\InstallShield Installation Information\{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8}\setup.exe
     .
     .
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
     "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
     .
     --------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
     @Denied: (Full) (Everyone)
     .
     Tempo para conclusão: 2013-08-29 09:28:36
     ComboFix-quarantined-files.txt 2013-08-29 12:28
     .
     Pré-execução: 443.929.788.416 bytes disponíveis
     Pós execução: 443.887.566.848 bytes disponíveis
     .
     - - End Of File - - AB65F14400F7FCAC6BCF3A5A2407C001A36C5E4F47E84449FF07ED3517B43A31

     ++++++++++++++++++++++ END ++++++++++++++++++++++

     I hope you can help me, because I'm going crazy with this damn script. Thanks!