Undetected virus


23 replies in this topic

#1
Luanne

  • Newbie
  • 12 posts

Hello! Good afternoon .. I downloaded a game .. and as soon as I installed it I noticed that something was odd ..

Several automatic-installation icons appeared in the right corner of the screen .. and when I hovered the mouse over them they all disappeared. Also, when I download a program and run it to start the installation, the window doesn't even appear .. and when it does appear it just flashes .. and finally I tried to open the registry .. and the window appears but then disappears right away .. in about 1 second.

I already ran Dr. Web and it found 4 threats .. it cleaned them .. then I ran it again and there was nothing left ..

I ran the Kaspersky Virus Removal Tool and it found no virus ..

But everything that was happening before .. is still happening .. I don't know what else to do ..

My notebook isn't even 1 week old .. I don't want to have to take it to the authorized service center ..

Thank you!


#2
CarlosTurco

  • Assistant
  • 24,760 posts

Luanne,

Please note the following:

  • Do NOT attempt any cleaning procedure on your own. In particular, do not run on your own the tools used in the Malware Removal forum. Misuse of some tools may damage your computer or, at the very least, partially remove the signs of an infection that would serve as information for the analyst. The team will not be held responsible for consequences resulting from misuse and/or uninformed use of the tools. - Rule no. 8 of Malware Removal
  • Do not start a new topic about this problem. Always post your replies in this topic.
  • Click [image: button_seguir.png] (located in the upper right corner of the main post) to receive an e-mail notification when the topic is answered. You can also check your subscribed topics using the "Content I follow" option, accessible through the forum Control Panel.
  • The analyses may take some time, so please be patient.
  • The instructions are specific to your computer and must be applied only to it.
  • If something goes wrong, it doesn't matter. Always follow your topic, informing me of the results, until your computer is clean.
  • Warning: Avoid using the <QUOTE> or <CODE> tags in logs; this makes them harder to read during analysis.
  • Do not abandon your topic. It is important for us to know whether the removal was successful.
  • If you do not receive a reply from me within 5 days, send me a PM.

Please read the instructions for using the Virus Removal area:
http://www.linhadefe...mocao-de-virus/

Instead of creating a new topic, please continue with this one and post a reply containing the HijackThis, MbrScan and FSS logs, following the instructions on the page I linked above.

Note: If you cannot run the tools, try in safe mode. http://www.linhadefe...ou-modo-seguro/

If you have any questions, just ask.



#3
Luanne

  • Newbie
  • 12 posts

Good evening!

I tried to run HijackThis as administrator; a small window appeared and disappeared .. I took a screenshot but I can't put the image here ..

MbrScan

 

MBRScan v1.1.1
 
OS             : Windows 7 Service Pack 1 (64 bit)
PROCESSOR      : Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
BOOT           : Normal Boot
DATE           : 2013/07/21 (ISO 8601) at 17:58:36
________________________________________________________________________________
 
DISK           : Device\Harddisk0\DR0 __ST1000LM 024 HN-M101M (2AR1)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________
 
Device\Harddisk0\DR0 931.5 Go  [Fixed] ==> Unknown MBR Code ==> PARTITION TABLE FAKED !!
 
MBR_MD5   : 25F91298A3FE1C2608A4F21DC2578FE0
MBR_SHA1  : C0A46D61B48BDDE70E02970848D6522BEF34A489
 
________________________________________________________________________________
 
############################### Additional scan ################################
 
 
BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)
 
SystemStartOptions :  NOEXECUTE=OPTIN
 
________________________________________________________________________________
 
_____FAKED   \Device\Harddisk0\DR0  
 
 
__ORIGINAL   \Device\Harddisk0\DR0  
 


#4
CarlosTurco

  • Assistant
  • 24,760 posts

I tried to run HijackThis as administrator; a small window appeared and disappeared .. I took a screenshot but I can't put the image here ..

Did you try in safe mode?

The FSS log is missing.



#5
Luanne

  • Newbie
  • 12 posts

FSS

I couldn't run it. AN IMAGE APPEARS BUT THEN DISAPPEARS

I tried safe mode by pressing F8 .. but that option isn't there

I tried through the settings .. but the virus prevents me from opening the folder ..

I RAN EVERYTHING AS ADMINISTRATOR.

My Windows is 7 Home Basic.

I just looked now .. and several FSS icons are appearing in the right corner .. and when I hover the mouse over them they disappear.



#6
CarlosTurco

  • Assistant
  • 24,760 posts

Ok,

Carry out the procedures below:

1)

  • Configure your Windows to show all Hidden Files <-link
  • Please click this link -> Virustotal
  • When the VirusTotal page finishes loading, click the [image: 2e19e8h.png] button.
    In the file selection window, go to your Desktop and look for the file below:
    Dump_Hdd0_DR0.mbr
    Pay attention to the correct file name.
  • After the file has been loaded into the dialog box, click [image: 25a43h1.png]
  • Note: if VirusTotal reports that these files have already been analyzed, be sure to click [image: z4xn4.png]
  • When the analysis finishes, copy the link/URL and/or the address from the browser's address bar and paste it in your next post.

2)

Download RogueKiller and save it to the desktop.
http://tigzy.geeksto...roguekiller.php

Run the file RogueKiller.exe.

*** Windows Vista or Windows 7 users: right-click the file RogueKiller.exe, then click [image: execadmin.png].

Click the Verificar (Scan) button and wait for the scan to finish.

Click the Report button. A Notepad window will open with information.

This log is saved on the desktop under the name RKreport[1].txt.

Select, copy and paste the contents of this log in your next reply.

NOTE: do not use the Deletar (Delete) button, because we need to evaluate the items before doing that.



#7
Luanne

  • Newbie
  • 12 posts

My Windows is 7 Home Basic .. that first link doesn't explain how to do it on 7 ..

Disregard the last thing I said .. I'm following the step-by-step .. I won't be able to stay online now .. I'll have to leave .. but I'll come back later .. and you reply when you can .. ok?

Thank you very much for the help ..

I'll be back later .. and I'll post the information

https://www.virustot...sis/1374441689/

RogueKiller

 

RogueKiller V8.6.3 _x64_ [Jul 17 2013] Por Tigzy

mail : tigzyRK<at>gmail<dot>com
 
Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Iniciado em : Modo Normal
Usuario : Luanne [Privilegios de Admnistrador]
Modo : Verificar -- Data : 07/21/2013 18:27:56
| ARK || FAK || MBR |
 
¤¤¤ Entradas ruins : 1 ¤¤¤
[SUSP PATH] UnsignedThemesSvc.exe -- C:\Windows\UnsignedThemesSvc.exe [7] -> FINALIZADO [TermProc]
 
¤¤¤ Entradas do Registro : 14 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : 1fa0 (C:\Users\Luanne\AppData\Roaming\09b\1fa0.js [-]) -> ENCONTRADO
[RUN][SUSP PATH] HKUS\S-1-5-21-1690779348-2841058940-259882146-1000\[...]\Run : 1fa0 (C:\Users\Luanne\AppData\Roaming\09b\1fa0.js [-]) -> ENCONTRADO
[SERVICE][ROGUE ST] HKLM\[...]\CCSet\[...]\Services : 30338391 (C:\Windows\system32\DRIVERS\30338391.sys [7]) -> ENCONTRADO
[SERVICE][ROGUE ST] HKLM\[...]\CCSet\[...]\Services : 30338392 (C:\Windows\system32\DRIVERS\30338392.sys [7]) -> ENCONTRADO
[SERVICE][ROGUE ST] HKLM\[...]\CCSet\[...]\Services : Fox.cmddrv (C:\Windows\system32\DRIVERS\3033839.sys [7]) -> ENCONTRADO
[SERVICE][ROGUE ST] HKLM\[...]\CS001\[...]\Services : 30338391 (C:\Windows\system32\DRIVERS\30338391.sys [7]) -> ENCONTRADO
[SERVICE][ROGUE ST] HKLM\[...]\CS001\[...]\Services : 30338392 (C:\Windows\system32\DRIVERS\30338392.sys [7]) -> ENCONTRADO
[SERVICE][ROGUE ST] HKLM\[...]\CS001\[...]\Services : Fox.cmddrv (C:\Windows\system32\DRIVERS\3033839.sys [7]) -> ENCONTRADO
[SERVICE][ROGUE ST] HKLM\[...]\CS002\[...]\Services : 30338391 (C:\Windows\system32\DRIVERS\30338391.sys [7]) -> ENCONTRADO
[SERVICE][ROGUE ST] HKLM\[...]\CS002\[...]\Services : 30338392 (C:\Windows\system32\DRIVERS\30338392.sys [7]) -> ENCONTRADO
[SERVICE][ROGUE ST] HKLM\[...]\CS002\[...]\Services : Fox.cmddrv (C:\Windows\system32\DRIVERS\3033839.sys [7]) -> ENCONTRADO
[PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (0) -> ENCONTRADO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> ENCONTRADO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> ENCONTRADO
 
¤¤¤ As tarefas agendadas : 0 ¤¤¤
 
¤¤¤ entradas de inicialização : 1 ¤¤¤
[Luanne][SUSP PATH] Fox.cmd.lnk : C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fox.cmd.lnk @C:\Users\Luanne\Desktop\Virus Removal Tool\Fox.cmd\startup.exe "C:\Users\Luanne\Desktop\Virus Removal Tool\Fox.cmd\Fox.cmd.exe" -gui -bl [-][7][7] -> ENCONTRADO
 
¤¤¤ Os navegadores da Web : 0 ¤¤¤
 
¤¤¤ Arquivos / Pastas Pessoais: ¤¤¤
 
¤¤¤ Driver : [Não Carregado 0x0] ¤¤¤
 
¤¤¤ Hives externas: ¤¤¤
 
¤¤¤ Infecção :  ¤¤¤
 
¤¤¤ Arquivo de Hosts: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
 
 
¤¤¤ Verificaçao do MBR: ¤¤¤
 
+++++ PhysicalDrive0: ST1000LM024 HN-M101MBB +++++
--- User ---
[MBR] 24741791312a57b2f80826cac6612f63
[BSP] edd41a3cf4563724fcb7d11b9dee7533 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 953869 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Concluido : << RKreport[0]_S_07212013_182756.txt >>
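
The items in a report like the one above have to be evaluated before anything is deleted, and many lines describe the same object seen through several registry views (HKCU and HKUS\<SID>, or CCSet/CS001/CS002). The following is an added example, not part of the thread and not RogueKiller's own code: it groups such duplicates and singles out Run entries that launch a script file from a user profile. The line layout is inferred from the report above; the sample lines, the extension list and the AppData heuristic are assumptions of this example.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample lines in the report layout shown above.
# User name, SID and file names are placeholders, not values from the thread.
SAMPLE_REPORT = r"""
[RUN][SUSP PATH] HKCU\[...]\Run : ab12 (C:\Users\User\AppData\Roaming\0xy\ab12.js [-]) -> ENCONTRADO
[RUN][SUSP PATH] HKUS\S-1-5-21-1111111111-2222222222-333333333-1000\[...]\Run : ab12 (C:\Users\User\AppData\Roaming\0xy\ab12.js [-]) -> ENCONTRADO
[SERVICE][ROGUE ST] HKLM\[...]\CCSet\[...]\Services : 11223344 (C:\Windows\system32\DRIVERS\11223344.sys [7]) -> ENCONTRADO
[SERVICE][ROGUE ST] HKLM\[...]\CS001\[...]\Services : 11223344 (C:\Windows\system32\DRIVERS\11223344.sys [7]) -> ENCONTRADO
[SERVICE][ROGUE ST] HKLM\[...]\CS002\[...]\Services : 11223344 (C:\Windows\system32\DRIVERS\11223344.sys [7]) -> ENCONTRADO
[PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (0) -> ENCONTRADO
"""

# [TAG][TAG] <key> : <name> (<data>) -> <status>
LINE_RE = re.compile(
    r"^((?:\[[^\]]+\])+)\s+"   # one or more [TAG] groups
    r"(\S.*?)\s+:\s+"          # registry key, as abbreviated by the tool
    r"(.+?)\s+"                # value or service name
    r"\((.*)\)\s+->\s+"        # data in parentheses
    r"(\S+)\s*$"               # status word
)
# Data is often "<path> [marker]"; the trailing bracketed marker is dropped.
DATA_RE = re.compile(r"^(.*?)\s+\[([^\]]*)\]$")

# Extensions treated as script files by this example (an assumption).
SCRIPT_EXTS = {".js", ".jse", ".vbs", ".vbe", ".wsf", ".cmd", ".bat"}


def parse_line(line):
    """Return one finding as a dict, or None for headers and other lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    data = m.group(4)
    d = DATA_RE.match(data)
    return {
        "tags": tuple(re.findall(r"\[([^\]]+)\]", m.group(1))),
        "key": m.group(2),
        "name": m.group(3),
        "target": d.group(1) if d else data,
        "status": m.group(5),
    }


def group_findings(report):
    """Collapse findings that share tags, name and data into one group.

    The same autorun or service shows up once per registry view, so the
    number of lines overstates the number of objects to evaluate.
    """
    groups = {}
    for line in report.splitlines():
        f = parse_line(line)
        if f is None:
            continue
        ident = (f["tags"], f["name"], f["target"].lower())
        if ident not in groups:
            groups[ident] = {"tags": f["tags"], "name": f["name"],
                             "target": f["target"], "keys": []}
        groups[ident]["keys"].append(f["key"])
    return list(groups.values())


def script_autoruns(groups):
    """Run entries whose target is a script file under a profile's AppData."""
    hits = []
    for g in groups:
        if "RUN" not in g["tags"]:
            continue
        p = PureWindowsPath(g["target"].strip('"'))
        in_appdata = any(part.lower() == "appdata" for part in p.parts)
        if p.suffix.lower() in SCRIPT_EXTS and in_appdata:
            hits.append(g)
    return hits


if __name__ == "__main__":
    grouped = group_findings(SAMPLE_REPORT)
    for g in grouped:
        print(f"{'/'.join(g['tags']):22} {g['name']:12} "
              f"x{len(g['keys'])}  {g['target']}")
    for g in script_autoruns(grouped):
        print("script autorun to review first:", g["target"])
```
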


#8
CarlosTurco

    Assistant

  • 24.760 posts

Download Farbar Recovery Scan and save it to your desktop.
 
Double-click to run the tool. Accept the agreement and then click the Scan button.
 
Wait; when it finishes, the logs FRST.txt and Addition.txt will be saved to your desktop.
 
Select, copy and paste the contents of FRST.txt in your next reply and attach Addition.txt.



#9
Luanne

    Newbie

  • 12 posts

FRST

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2013
Ran by Luanne (administrator) on 21-07-2013 18:51:07
Running from C:\Users\Luanne\Desktop
Windows 7 Home Basic Service Pack 1 (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(http://winaero.com/) C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Windows\AsScrPro.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
(Microsoft Corporation) C:\Windows\System32\WScript.exe
(Stardock Corporation) C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
() C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Trend Micro Titanium] - C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe [1304296 2012-12-18] (Trend Micro Inc.)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [213824 2012-02-27] (Trend Micro Inc.)
HKCU\...\Run: [1fa0] - C:\Users\Luanne\AppData\Roaming\09b\1fa0.js [46925 2013-07-21] ()
HKCU\...\Run: [CursorFX] - C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe [432784 2012-05-09] (Stardock Corporation)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
MountPoints2: {4c6be91a-f0a3-11e2-975b-dc0ea1c5db44} - F:\LaunchU3.exe -a
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] - "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" [3331312 2012-03-09] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S [737104 2011-07-29] (ecareme)
HKLM-x32\...\Run: [USB3MON] - "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322176 2012-02-16] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-02] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [RemoteControl10] - "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] -  [x]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\42e2.js ()
Startup: C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fox.cmd.lnk
ShortcutTarget: Fox.cmd.lnk -> C:\Users\Luanne\Desktop\Virus Removal Tool\Fox.cmd\startup.exe ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://brasil-pesquisa.pw/r.asp#
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: LyricXeeker - {DF89BC70-AC87-4A31-ACD5-7417E2CF1209} - C:\Program Files (x86)\LyriXeeker\116.dll No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 201.17.0.117 201.17.0.77 201.6.4.116
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com.br/
CHR RestoreOnStartup: "hxxp://www.google.com.br/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Extension: (Dicion\u00E1rio PT) - C:\Users\Luanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\akfjgdngccocmlibmfifdcogbelkgpel\2.5.1_0
CHR Extension: (Google Docs) - C:\Users\Luanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Luanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Luanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Luanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Desprotetor de Links) - C:\Users\Luanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\imcbnnnoghiihopefblgehihofbfbmei\1.2.17_0
CHR Extension: (BARON UEDA (FR/LAMEMONGER?)) - C:\Users\Luanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\jepnnclcabggchgbkogkjilobomklihn\3_0
CHR Extension: (Evernote Web) - C:\Users\Luanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.7_0
CHR Extension: (Google Quick Scroll) - C:\Users\Luanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\2.1.2_0
CHR Extension: (REC - Rastreamento de Encomendas dos Correios) - C:\Users\Luanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\omhclojepaohhgmelpgpnbekblifihoh\0.3_0
CHR Extension: (Gmail) - C:\Users\Luanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
 
==================== Services (Whitelisted) =================
 
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 persdwmsrv; C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe [8192 2012-04-07] (http://winaero.com/)
S2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [x]
 
==================== Drivers (Whitelisted) ====================
 
R1 30338391; C:\Windows\System32\DRIVERS\30338391.sys [157712 2009-09-25] (Kaspersky Lab)
R0 30338392; C:\Windows\System32\DRIVERS\30338392.sys [40464 2009-10-22] (Kaspersky Lab)
R3 AiCharger; C:\Windows\SysWow64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-04-11] (Windows ® Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2012-04-11] (Windows ® Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-07-20] (DT Soft Ltd)
R1 Fox.cmddrv; C:\Windows\System32\DRIVERS\3033839.sys [352784 2009-10-09] (Kaspersky Lab)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [107048 2012-09-24] (Trend Micro Inc.)
R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [173504 2012-09-24] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [77184 2012-09-24] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2011-09-29] (Trend Micro Inc.)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-07-21 18:49 - 2013-07-21 18:49 - 00024046 _____ C:\Users\Luanne\Desktop\Addition.txt
2013-07-21 18:48 - 2013-07-21 18:48 - 00000000 ____D C:\FRST
2013-07-21 18:47 - 2013-07-21 18:47 - 01779363 _____ (Farbar) C:\Users\Luanne\Desktop\FRST64.exe
2013-07-21 18:27 - 2013-07-21 18:27 - 00003328 _____ C:\Users\Luanne\Desktop\RKreport[0]_S_07212013_182756.txt
2013-07-21 18:25 - 2013-07-21 18:47 - 00000000 ____D C:\Users\Luanne\Desktop\RK_Quarantine
2013-07-21 18:24 - 2013-07-21 18:24 - 03778560 _____ C:\Users\Luanne\Desktop\RogueKillerX64.exe
2013-07-21 17:58 - 2013-07-21 17:58 - 00051988 _____ C:\Users\Luanne\Desktop\MbrScan.log
2013-07-21 17:58 - 2013-07-21 17:58 - 00000512 _____ C:\Users\Luanne\Desktop\Dump_Hdd0_DR0.old
2013-07-21 17:58 - 2013-07-21 17:58 - 00000512 _____ C:\Users\Luanne\Desktop\Dump_Hdd0_DR0.mbr
2013-07-21 17:43 - 2013-07-21 17:43 - 00357077 _____ (Farbar) C:\Users\Luanne\Desktop\FSS.exe
2013-07-21 17:43 - 2013-07-21 17:43 - 00147456 _____ (Eric_71) C:\Users\Luanne\Desktop\MbrScan.exe
2013-07-21 17:38 - 2013-07-21 17:39 - 00000000 ____D C:\Users\Luanne\Desktop\HijackThis
2013-07-21 14:12 - 2013-07-21 14:18 - 222370072 _____ (Kaspersky Lab ZAO) C:\Users\Luanne\Downloads\pure13.0.2.558aEN_4384.exe
2013-07-21 03:38 - 2013-07-21 03:38 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-21 03:35 - 2013-07-21 04:07 - 00021059 _____ C:\Windows\IE10_main.log
2013-07-21 03:15 - 2012-12-16 14:11 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-07-21 03:15 - 2012-12-16 11:45 - 00367616 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-07-21 03:15 - 2012-12-16 11:13 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-07-21 03:15 - 2012-12-16 11:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-07-21 03:13 - 2012-07-26 00:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-07-21 03:13 - 2012-07-26 00:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-07-21 03:13 - 2012-07-26 00:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-07-21 03:13 - 2012-07-26 00:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-07-21 03:13 - 2012-07-26 00:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-07-21 03:13 - 2012-07-25 23:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-07-21 03:13 - 2012-07-25 23:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-07-21 03:13 - 2012-06-02 11:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-07-21 02:59 - 2012-03-01 03:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2013-07-21 02:59 - 2012-03-01 03:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-07-21 02:59 - 2012-03-01 03:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2013-07-21 02:59 - 2012-03-01 02:33 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-07-21 02:59 - 2012-03-01 02:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2013-07-21 02:58 - 2013-07-21 02:58 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-21 02:58 - 2013-07-21 02:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-21 02:50 - 2013-07-21 02:50 - 00000227 _____ C:\Users\Luanne\Documents\oi.txt
2013-07-20 17:34 - 2013-07-21 14:42 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-20 17:33 - 2013-07-21 13:31 - 00000000 ____D C:\Users\Luanne\Desktop\Virus Removal Tool
2013-07-20 17:33 - 2009-10-22 13:54 - 00040464 _____ (Kaspersky Lab) C:\Windows\system32\Drivers\30338392.sys
2013-07-20 17:33 - 2009-10-09 23:30 - 00352784 _____ (Kaspersky Lab) C:\Windows\system32\Drivers\3033839.sys
2013-07-20 17:33 - 2009-09-25 17:59 - 00157712 _____ (Kaspersky Lab) C:\Windows\system32\Drivers\30338391.sys
2013-07-20 17:26 - 2013-07-20 17:31 - 178934656 _____ (                                                            ) C:\Users\Luanne\Downloads\setup_9.0.0.722_20.07.2013_23-26.exe
2013-07-20 16:14 - 2013-07-20 16:35 - 00000000 ____D C:\Users\Luanne\Doctor Web
2013-07-20 15:57 - 2013-07-20 16:01 - 125347656 _____ C:\Users\Luanne\Downloads\Golden.cmd.exe
2013-07-20 15:31 - 2008-08-26 11:50 - 00249856 _____ C:\Users\Luanne\Downloads\Sality_off.exe
2013-07-20 15:20 - 2013-07-20 15:20 - 00659320 _____ C:\Users\Luanne\Downloads\symantec-w32downadup-removal-tool-1105-32-bits.exe
2013-07-20 12:06 - 2013-07-20 15:27 - 00000312 _____ C:\Users\Luanne\Downloads\FixDwndp.log
2013-07-20 11:59 - 2013-07-20 15:21 - 02348928 _____ () C:\Users\Luanne\Downloads\D.exe
2013-07-20 11:40 - 2013-07-20 15:16 - 00000000 ____D C:\32788R22FWJFW
2013-07-20 11:05 - 2013-07-20 11:05 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Luanne\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-20 10:59 - 2013-07-20 10:59 - 03321289 _____ C:\Users\Luanne\Downloads\winrar-x64-420br.exe
2013-07-20 10:59 - 2013-07-20 10:59 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-20 10:59 - 2013-07-20 10:59 - 00000000 ____D C:\Program Files\WinRAR
2013-07-20 10:58 - 2013-07-20 15:27 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\WinRAR
2013-07-20 04:11 - 2013-07-20 04:11 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2013-07-20 04:10 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2013-07-20 04:10 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-07-20 03:58 - 2013-07-20 03:58 - 00000000 _____ C:\Windows\DCEBOOT.LOG
2013-07-20 03:56 - 2013-07-20 03:56 - 00234544 _____ C:\Windows\RegBootClean64.exe
2013-07-20 03:56 - 2013-04-10 03:01 - 00983400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-07-20 03:56 - 2013-04-10 03:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-07-20 03:56 - 2012-10-09 15:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2013-07-20 03:56 - 2012-10-09 15:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2013-07-20 03:56 - 2012-10-09 14:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-07-20 03:56 - 2012-10-09 14:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-07-20 03:56 - 2011-02-03 08:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-07-20 03:55 - 2013-05-08 03:39 - 01910632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-20 03:55 - 2013-02-15 03:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-07-20 03:55 - 2013-02-15 03:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-07-20 03:55 - 2013-02-15 03:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-07-20 03:55 - 2013-02-15 01:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-07-20 03:55 - 2013-02-15 01:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-07-20 03:55 - 2013-02-15 00:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-07-20 03:55 - 2013-01-03 03:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-07-20 03:55 - 2012-11-09 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-07-20 03:55 - 2012-11-09 01:42 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-07-20 03:55 - 2012-01-04 07:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2013-07-20 03:55 - 2012-01-04 05:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2013-07-20 03:54 - 2013-07-20 03:56 - 00022064 _____ C:\Windows\DCEBoot64.exe
2013-07-20 03:54 - 2013-04-12 11:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-07-20 03:54 - 2013-03-19 02:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-20 03:54 - 2013-03-19 02:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-07-20 03:54 - 2013-02-27 03:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-07-20 03:54 - 2013-02-27 02:52 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-07-20 03:54 - 2013-02-27 02:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-07-20 03:54 - 2013-02-27 02:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-07-20 03:54 - 2013-02-27 02:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-07-20 03:54 - 2013-02-27 01:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-07-20 03:54 - 2013-02-27 01:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-07-20 03:54 - 2013-02-27 01:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-07-20 03:54 - 2013-02-12 01:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-07-20 03:54 - 2012-11-01 02:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-07-20 03:54 - 2012-11-01 02:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-07-20 03:54 - 2012-11-01 01:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-07-20 03:54 - 2012-11-01 01:47 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-07-20 03:54 - 2012-10-03 14:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2013-07-20 03:54 - 2012-10-03 14:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2013-07-20 03:54 - 2012-10-03 14:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2013-07-20 03:54 - 2012-10-03 14:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2013-07-20 03:54 - 2012-10-03 14:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2013-07-20 03:54 - 2012-10-03 14:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-07-20 03:54 - 2012-10-03 13:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2013-07-20 03:54 - 2012-10-03 13:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2013-07-20 03:54 - 2012-10-03 13:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2013-07-20 03:54 - 2012-10-03 13:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2013-07-20 03:54 - 2012-08-22 15:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-07-20 03:54 - 2012-08-22 15:12 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2013-07-20 03:54 - 2012-07-04 17:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2013-07-20 03:54 - 2012-06-02 02:50 - 00458704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-07-20 03:54 - 2012-06-02 02:48 - 00151920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-07-20 03:54 - 2012-06-02 02:48 - 00095600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-07-20 03:54 - 2012-06-02 02:45 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-07-20 03:54 - 2012-06-02 01:40 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-07-20 03:54 - 2012-06-02 01:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-07-20 03:54 - 2012-06-02 01:34 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-07-20 03:54 - 2012-04-26 02:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2013-07-20 03:54 - 2012-04-26 02:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2013-07-20 03:54 - 2012-04-26 02:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2013-07-20 03:54 - 2012-01-13 04:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-07-20 03:54 - 2011-12-30 03:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2013-07-20 03:54 - 2011-12-30 02:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2013-07-20 03:54 - 2010-06-26 00:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2013-07-20 03:54 - 2010-06-26 00:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2013-07-20 03:53 - 2013-06-04 03:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-20 03:53 - 2013-06-04 01:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-20 03:53 - 2013-05-06 03:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-20 03:53 - 2013-05-06 01:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-20 03:53 - 2013-01-04 02:46 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-07-20 03:53 - 2013-01-04 01:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-07-20 03:53 - 2013-01-03 23:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-07-20 03:53 - 2013-01-03 23:47 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-07-20 03:53 - 2013-01-03 23:47 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-07-20 03:53 - 2013-01-03 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-07-20 03:53 - 2012-11-20 02:48 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-07-20 03:53 - 2012-11-20 01:51 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-07-20 03:53 - 2012-11-02 02:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-07-20 03:53 - 2012-11-02 02:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-07-20 03:53 - 2012-08-24 15:05 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-07-20 03:53 - 2012-08-24 13:57 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-07-20 03:53 - 2012-08-21 18:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2013-07-20 03:53 - 2012-05-01 02:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2013-07-20 03:52 - 2012-12-07 10:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2013-07-20 03:52 - 2012-12-07 10:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2013-07-20 03:52 - 2012-12-07 09:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-07-20 03:52 - 2012-12-07 09:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-07-20 03:52 - 2012-12-07 08:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2013-07-20 03:52 - 2012-12-07 08:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2013-07-20 03:52 - 2012-12-07 08:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2013-07-20 03:52 - 2012-12-07 08:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2013-07-20 03:52 - 2012-12-07 08:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2013-07-20 03:52 - 2012-12-07 08:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2013-07-20 03:52 - 2012-12-07 08:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2013-07-20 03:52 - 2012-12-07 08:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2013-07-20 03:52 - 2012-12-07 08:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2013-07-20 03:52 - 2012-12-07 08:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2013-07-20 03:52 - 2012-12-07 08:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2013-07-20 03:52 - 2012-12-07 08:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2013-07-20 03:52 - 2012-12-07 08:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2013-07-20 03:52 - 2012-12-07 08:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2013-07-20 03:52 - 2012-12-07 07:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-07-20 03:52 - 2012-12-07 07:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-07-20 03:52 - 2012-12-07 07:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-07-20 03:52 - 2012-12-07 07:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-07-20 03:52 - 2012-12-07 07:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-07-20 03:52 - 2012-12-07 07:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-07-20 03:52 - 2012-12-07 07:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-07-20 03:52 - 2012-12-07 07:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-07-20 03:52 - 2012-12-07 07:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-07-20 03:52 - 2012-12-07 07:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-07-20 03:52 - 2012-12-07 07:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-07-20 03:52 - 2012-12-07 07:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-07-20 03:52 - 2012-12-07 07:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-07-20 03:52 - 2012-12-07 07:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-07-20 03:52 - 2012-11-22 02:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2013-07-20 03:52 - 2012-11-22 01:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-07-20 03:52 - 2012-04-28 00:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-07-20 03:52 - 2011-12-28 00:59 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-07-20 03:51 - 2012-11-30 02:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-07-20 03:51 - 2012-11-30 02:45 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-07-20 03:51 - 2012-11-30 02:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-07-20 03:51 - 2012-11-30 02:43 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-07-20 03:51 - 2012-11-30 02:41 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-07-20 03:51 - 2012-11-30 02:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 02:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-07-20 03:51 - 2012-11-30 01:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 01:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-07-20 03:51 - 2012-11-30 00:23 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-07-20 03:51 - 2012-11-29 23:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-07-20 03:51 - 2012-11-29 23:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-07-20 03:51 - 2012-11-29 23:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-07-20 03:51 - 2012-11-29 23:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-07-20 03:51 - 2012-11-29 20:17 - 00420064 _____ C:\Windows\SysWOW64\locale.nls
2013-07-20 03:51 - 2012-11-29 20:15 - 00420064 _____ C:\Windows\system32\locale.nls
2013-07-20 03:51 - 2012-09-25 19:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-07-20 03:51 - 2012-09-25 19:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2013-07-20 03:51 - 2012-08-10 21:56 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-07-20 03:51 - 2012-08-10 20:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-07-20 03:51 - 2012-07-06 17:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2013-07-20 03:51 - 2012-04-07 09:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2013-07-20 03:51 - 2012-04-07 08:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2013-07-20 03:51 - 2012-03-17 04:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2013-07-20 03:50 - 2013-06-05 00:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-20 03:50 - 2013-05-13 02:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-20 03:50 - 2013-05-13 02:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-20 03:50 - 2013-05-13 02:51 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-20 03:50 - 2013-05-13 02:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-07-20 03:50 - 2013-05-13 01:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-07-20 03:50 - 2013-05-13 01:45 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-07-20 03:50 - 2013-05-13 01:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-07-20 03:50 - 2013-05-13 00:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-07-20 03:50 - 2013-05-13 00:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-07-20 03:50 - 2013-05-13 00:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-07-20 03:50 - 2013-05-10 02:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-07-20 03:50 - 2013-05-10 00:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-07-20 03:50 - 2013-04-26 02:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-20 03:50 - 2013-04-26 01:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-07-20 03:50 - 2013-03-19 03:04 - 05550424 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-20 03:50 - 2013-03-19 02:46 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-07-20 03:50 - 2013-03-19 02:04 - 03968856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-07-20 03:50 - 2013-03-19 02:04 - 03913560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-07-20 03:50 - 2013-03-19 01:47 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-07-20 03:50 - 2013-03-19 00:06 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-07-20 03:50 - 2013-01-24 03:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-07-20 03:50 - 2012-11-23 00:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-07-20 03:50 - 2012-07-04 19:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2013-07-20 03:50 - 2012-07-04 19:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2013-07-20 03:50 - 2012-07-04 19:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2013-07-20 03:50 - 2012-07-04 18:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2013-07-20 03:50 - 2012-07-04 18:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2013-07-20 03:50 - 2012-05-14 02:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-07-20 03:50 - 2012-05-05 05:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2013-07-20 03:50 - 2012-05-05 04:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2013-07-20 03:50 - 2011-12-16 05:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2013-07-20 03:50 - 2011-12-16 04:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2013-07-20 03:49 - 2013-04-25 20:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-07-20 03:49 - 2013-03-31 19:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-07-20 03:49 - 2012-06-06 03:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2013-07-20 03:49 - 2012-06-06 02:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2013-07-20 03:49 - 2012-02-11 03:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2013-07-20 03:49 - 2012-02-11 03:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2013-07-20 02:50 - 2013-07-20 02:50 - 00000000 ____D C:\Users\Luanne\Downloads\The Sims 2 - Cópia
2013-07-20 02:07 - 2013-07-20 02:29 - 00000000 ____D C:\ProgramData\VirtualizedApplications
2013-07-20 02:02 - 2013-07-20 02:02 - 00000000 __RHD C:\MSOCache
2013-07-20 01:47 - 2013-07-20 01:47 - 00002272 _____ C:\Users\Public\Desktop\The Sims™ 2 Bon Voyage.lnk
2013-07-20 01:04 - 2013-07-20 01:04 - 00002986 _____ C:\Windows\System32\Tasks\{4893D719-5EB5-44D8-B21C-A0350756957A}
2013-07-20 01:04 - 2013-07-20 01:04 - 00002986 _____ C:\Windows\System32\Tasks\{0CBB80D8-0E39-4691-B063-EBA5DCF049CF}
2013-07-20 01:00 - 2013-07-20 02:03 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-07-20 01:00 - 2013-07-20 01:00 - 00000000 ____D C:\Users\Public\Documents\EA Games
2013-07-20 00:57 - 2013-07-20 03:38 - 00000000 ____D C:\Users\Luanne\Documents\EA Games
2013-07-20 00:54 - 2013-07-20 02:08 - 00000000 ____D C:\Program Files (x86)\EA GAMES
2013-07-20 00:54 - 2004-08-18 05:34 - 00442368 ____R (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2013-07-20 00:46 - 2013-07-20 00:58 - 00000000 ____D C:\Users\Luanne\Documents\Sims 2
2013-07-20 00:28 - 2013-07-20 00:28 - 00000000 ____D C:\Program Files (x86)\uTorrent
2013-07-20 00:27 - 2013-07-20 03:56 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\uTorrent
2013-07-20 00:24 - 2013-07-20 00:49 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\DAEMON Tools Lite
2013-07-20 00:24 - 2013-07-20 00:49 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-07-20 00:24 - 2013-07-20 00:24 - 00283200 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-07-20 00:24 - 2013-07-20 00:24 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2013-07-20 00:24 - 2013-07-20 00:23 - 13901152 _____ (Disc Soft Ltd) C:\Users\Luanne\Downloads\DTLite4471-0333.exe
2013-07-20 00:22 - 2012-09-02 14:27 - 00896912 _____ (BitTorrent, Inc.) C:\Users\Luanne\Downloads\uTorrent.exe
2013-07-19 17:45 - 2013-07-19 17:45 - 00000000 ____D C:\Users\Luanne\AppData\Local\Adobe
2013-07-19 17:32 - 2013-07-19 17:32 - 00000000 ____D C:\Users\Luanne\AppData\Local\Stardock
2013-07-19 17:30 - 2013-07-19 17:41 - 00000000 ____D C:\Users\Public\Documents\Stardock
2013-07-19 17:30 - 2013-07-19 17:30 - 00000000 ____D C:\Program Files (x86)\Stardock
2013-07-19 16:20 - 2013-07-21 17:43 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\SoftGrid Client
2013-07-19 16:20 - 2013-07-19 16:20 - 00000000 ____D C:\Users\Luanne\AppData\Local\SoftGrid Client
2013-07-19 16:19 - 2013-07-21 03:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-07-19 16:19 - 2013-07-19 16:20 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\TP
2013-07-19 16:19 - 2013-07-19 16:19 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-07-19 16:19 - 2013-07-19 16:19 - 00000000 ____D C:\Program Files\Microsoft Office
2013-07-19 16:18 - 2013-07-19 16:18 - 00000000 ____D C:\Users\Luanne\Desktop\funcionario
2013-07-19 16:17 - 2013-07-19 16:17 - 00000000 ____D C:\Users\Luanne\Desktop\colecaoset
2013-07-19 16:17 - 2013-07-19 16:17 - 00000000 ____D C:\Users\Luanne\Desktop\arvore nome
2013-07-19 16:16 - 2013-07-19 16:16 - 00000000 ____D C:\Users\Luanne\Desktop\arvorelista
2013-07-19 16:16 - 2013-07-19 16:16 - 00000000 ____D C:\Users\Luanne\Desktop\arvore binaria
2013-07-19 16:07 - 2013-07-19 16:07 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-07-19 16:06 - 2013-07-19 16:06 - 00003620 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 4610 series
2013-07-19 16:06 - 2013-07-19 16:06 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\HpUpdate
2013-07-19 16:05 - 2013-07-19 16:06 - 00000000 ____D C:\Program Files (x86)\HP
2013-07-19 16:05 - 2013-07-19 16:05 - 00000000 __SHD C:\Users\Luanne\AppData\Roaming\09b
2013-07-19 16:05 - 2013-07-19 16:05 - 00000000 __SHD C:\089
2013-07-19 16:05 - 2013-07-19 16:05 - 00000000 ____D C:\ProgramData\HP
2013-07-19 16:04 - 2013-07-19 16:04 - 00000057 _____ C:\ProgramData\Ament.ini
2013-07-19 16:04 - 2013-07-19 16:04 - 00000000 ____D C:\Program Files\HP
2013-07-19 16:03 - 2013-07-19 16:10 - 00000000 ____D C:\Users\Luanne\AppData\Local\HP
2013-07-19 15:55 - 2013-07-19 17:45 - 00000000 ____D C:\Users\Luanne\Downloads\Tela
2013-07-19 15:52 - 2013-07-19 15:52 - 00000000 ____D C:\Program Files (x86)\winaero.com
2013-07-19 15:52 - 2013-07-19 15:52 - 00000000 ____D C:\Program Files (x86)\Personalization Panel
2013-07-19 15:48 - 2013-07-19 15:48 - 00000000 ____D C:\Users\Luanne\AppData\Local\Power2Go
2013-07-19 15:42 - 2013-07-19 15:42 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\ASUS WebStorage
2013-07-19 15:23 - 2012-02-17 03:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2013-07-19 15:23 - 2012-02-17 02:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-07-19 15:23 - 2012-02-17 01:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2013-07-19 15:22 - 2013-07-19 15:23 - 00000000 ____D C:\Users\Luanne\AppData\Local\Google
2013-07-19 15:21 - 2013-07-19 17:45 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\Adobe
2013-07-19 15:21 - 2013-07-19 15:21 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\Macromedia
2013-07-19 15:19 - 2013-07-19 15:19 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security 2012
2013-07-19 15:18 - 2013-07-21 13:41 - 00001391 _____ C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-19 15:17 - 2013-07-21 18:00 - 00000000 ___RD C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-19 15:17 - 2013-07-21 14:27 - 00058016 _____ C:\Users\Luanne\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-19 15:17 - 2013-07-21 13:42 - 00000000 ___RD C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-19 15:17 - 2013-07-19 15:17 - 00000196 _____ C:\Windows\FixPatch.log
2013-07-19 15:17 - 2013-07-19 15:17 - 00000000 __RSD C:\Users\Public\Desktop\ASUS
2013-07-19 15:17 - 2013-07-19 15:17 - 00000000 ____D C:\ProgramData\FolderView
2013-07-19 15:17 - 2013-07-19 15:17 - 00000000 _____ C:\Users\Luanne\agent.log
2013-07-19 15:16 - 2013-07-21 17:48 - 00000380 _____ C:\Users\Luanne\AppData\Roaming\sp_data.sys
2013-07-19 15:16 - 2013-07-20 16:14 - 00000000 ____D C:\Users\Luanne
2013-07-19 15:16 - 2013-07-20 15:32 - 00000000 ____D C:\Users\Luanne\AppData\Local\VirtualStore
2013-07-19 15:16 - 2013-07-19 15:16 - 00000020 ___SH C:\Users\Luanne\ntuser.ini
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Modelos
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Meus documentos
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Menu Iniciar
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Documents\Minhas músicas
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Documents\Minhas imagens
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Documents\Meus vídeos
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Dados de aplicativos
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Configurações locais
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\AppData\Local\Histórico
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\AppData\Local\Dados de aplicativos
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Ambiente de rede
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Ambiente de impressão
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 ____D C:\Users\Luanne\AppData\Local\ASUS
2013-07-19 15:16 - 2012-06-02 19:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-07-19 15:16 - 2012-06-02 19:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-07-19 15:16 - 2012-06-02 19:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-07-19 15:16 - 2012-06-02 19:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-07-19 15:16 - 2012-06-02 19:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-07-19 15:16 - 2012-06-02 19:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-07-19 15:16 - 2012-06-02 19:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-07-19 15:16 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-07-19 15:16 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-07-19 15:16 - 2009-07-14 01:54 - 00000000 ___RD C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-07-19 15:16 - 2009-07-14 01:49 - 00000000 ___RD C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
 
==================== One Month Modified Files and Folders =======
 
2013-07-21 18:49 - 2013-07-21 18:49 - 00024046 _____ C:\Users\Luanne\Desktop\Addition.txt
2013-07-21 18:48 - 2013-07-21 18:48 - 00000000 ____D C:\FRST
2013-07-21 18:47 - 2013-07-21 18:47 - 01779363 _____ (Farbar) C:\Users\Luanne\Desktop\FRST64.exe
2013-07-21 18:47 - 2013-07-21 18:25 - 00000000 ____D C:\Users\Luanne\Desktop\RK_Quarantine
2013-07-21 18:39 - 2012-03-09 16:29 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-21 18:27 - 2013-07-21 18:27 - 00003328 _____ C:\Users\Luanne\Desktop\RKreport[0]_S_07212013_182756.txt
2013-07-21 18:26 - 2012-08-28 16:55 - 01831587 _____ C:\Windows\WindowsUpdate.log
2013-07-21 18:24 - 2013-07-21 18:24 - 03778560 _____ C:\Users\Luanne\Desktop\RogueKillerX64.exe
2013-07-21 18:22 - 2009-07-14 01:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-21 18:22 - 2009-07-14 01:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-21 18:00 - 2013-07-19 15:17 - 00000000 ___RD C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-21 17:58 - 2013-07-21 17:58 - 00051988 _____ C:\Users\Luanne\Desktop\MbrScan.log
2013-07-21 17:58 - 2013-07-21 17:58 - 00000512 _____ C:\Users\Luanne\Desktop\Dump_Hdd0_DR0.old
2013-07-21 17:58 - 2013-07-21 17:58 - 00000512 _____ C:\Users\Luanne\Desktop\Dump_Hdd0_DR0.mbr
2013-07-21 17:48 - 2013-07-19 15:16 - 00000380 _____ C:\Users\Luanne\AppData\Roaming\sp_data.sys
2013-07-21 17:47 - 2012-08-28 17:00 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2013-07-21 17:47 - 2012-03-09 16:29 - 00001078 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-21 17:47 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-21 17:47 - 2009-07-14 01:51 - 00050339 _____ C:\Windows\setupact.log
2013-07-21 17:43 - 2013-07-21 17:43 - 00357077 _____ (Farbar) C:\Users\Luanne\Desktop\FSS.exe
2013-07-21 17:43 - 2013-07-21 17:43 - 00147456 _____ (Eric_71) C:\Users\Luanne\Desktop\MbrScan.exe
2013-07-21 17:43 - 2013-07-19 16:20 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\SoftGrid Client
2013-07-21 17:39 - 2013-07-21 17:38 - 00000000 ____D C:\Users\Luanne\Desktop\HijackThis
2013-07-21 14:54 - 2012-08-28 17:00 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2013-07-21 14:42 - 2013-07-20 17:34 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-21 14:27 - 2013-07-19 15:17 - 00058016 _____ C:\Users\Luanne\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-21 14:18 - 2013-07-21 14:12 - 222370072 _____ (Kaspersky Lab ZAO) C:\Users\Luanne\Downloads\pure13.0.2.558aEN_4384.exe
2013-07-21 13:46 - 2011-02-18 23:42 - 00386770 _____ C:\Windows\system32\prfh0804.dat
2013-07-21 13:46 - 2011-02-18 23:42 - 00122886 _____ C:\Windows\system32\prfc0804.dat
2013-07-21 13:46 - 2011-02-18 23:36 - 00403872 _____ C:\Windows\system32\prfh0404.dat
2013-07-21 13:46 - 2011-02-18 23:36 - 00117972 _____ C:\Windows\system32\prfc0404.dat
2013-07-21 13:46 - 2011-02-18 23:27 - 00746964 _____ C:\Windows\system32\perfh00A.dat
2013-07-21 13:46 - 2011-02-18 23:27 - 00161156 _____ C:\Windows\system32\perfc00A.dat
2013-07-21 13:46 - 2011-02-18 23:16 - 00658418 _____ C:\Windows\system32\perfh01F.dat
2013-07-21 13:46 - 2011-02-18 23:16 - 00142710 _____ C:\Windows\system32\perfc01F.dat
2013-07-21 13:46 - 2011-02-18 23:12 - 00747120 _____ C:\Windows\system32\perfh00C.dat
2013-07-21 13:46 - 2011-02-18 23:12 - 00480882 _____ C:\Windows\system32\perfh001.dat
2013-07-21 13:46 - 2011-02-18 23:12 - 00152124 _____ C:\Windows\system32\perfc00C.dat
2013-07-21 13:46 - 2011-02-18 23:12 - 00097622 _____ C:\Windows\system32\perfc001.dat
2013-07-21 13:46 - 2011-02-18 23:06 - 00715444 _____ C:\Windows\system32\prfh0416.dat
2013-07-21 13:46 - 2011-02-18 23:06 - 00150312 _____ C:\Windows\system32\prfc0416.dat
2013-07-21 13:46 - 2009-07-14 02:13 - 05874520 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-21 13:42 - 2013-07-19 15:17 - 00000000 ___RD C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-21 13:41 - 2013-07-19 15:18 - 00001391 _____ C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-21 13:41 - 2012-08-28 17:03 - 00001920 _____ C:\Windows\system32\AutoRunFilter.ini
2013-07-21 13:39 - 2009-07-14 01:45 - 00267752 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-21 13:35 - 2011-02-18 23:16 - 00000000 ____D C:\Windows\system32\Drivers\tr-TR
2013-07-21 13:35 - 2011-02-18 23:11 - 00000000 ____D C:\Windows\system32\Drivers\ar-SA
2013-07-21 13:35 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-21 13:35 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-21 13:35 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-07-21 13:35 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-07-21 13:35 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\th-TH
2013-07-21 13:35 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\ar-SA
2013-07-21 13:35 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-07-21 13:35 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-07-21 13:35 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\th-TH
2013-07-21 13:35 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\ar-SA
2013-07-21 13:35 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-07-21 13:35 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-07-21 13:31 - 2013-07-20 17:33 - 00000000 ____D C:\Users\Luanne\Desktop\Virus Removal Tool
2013-07-21 13:31 - 2012-03-09 15:57 - 00085006 _____ C:\Windows\PFRO.log
2013-07-21 04:53 - 2012-03-09 16:28 - 05767484 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-07-21 04:07 - 2013-07-21 03:35 - 00021059 _____ C:\Windows\IE10_main.log
2013-07-21 03:44 - 2013-07-21 03:44 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-21 03:44 - 2013-07-21 03:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-21 03:44 - 2013-07-21 03:44 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-21 03:44 - 2013-07-21 03:44 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-21 03:44 - 2013-07-21 03:44 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-07-21 03:44 - 2013-07-21 03:44 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-07-21 03:44 - 2013-07-21 03:44 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-07-21 03:44 - 2013-07-21 03:44 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

CONTINUATION

2013-07-21 03:44 - 2013-07-21 03:44 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-07-21 03:44 - 2013-07-21 03:44 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-07-21 03:44 - 2013-07-21 03:44 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-21 03:44 - 2013-07-21 03:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-07-21 03:44 - 2013-07-21 03:44 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-21 03:44 - 2013-07-21 03:44 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-07-21 03:44 - 2013-07-21 03:44 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-21 03:44 - 2013-07-21 03:44 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-21 03:44 - 2013-07-21 03:44 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-07-21 03:44 - 2013-07-21 03:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-21 03:44 - 2013-07-21 03:44 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-07-21 03:44 - 2013-07-21 03:44 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-21 03:44 - 2013-07-21 03:44 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-21 03:44 - 2013-07-21 03:44 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-21 03:44 - 2013-07-21 03:44 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-21 03:44 - 2013-07-21 03:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-21 03:44 - 2013-07-21 03:44 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-07-21 03:44 - 2013-07-21 03:44 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-21 03:44 - 2013-07-21 03:44 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-07-21 03:44 - 2013-07-21 03:44 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-21 03:38 - 2013-07-21 03:38 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-21 03:38 - 2013-07-21 03:38 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-21 03:24 - 2013-07-19 16:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-07-21 02:58 - 2013-07-21 02:58 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-21 02:58 - 2013-07-21 02:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-21 02:50 - 2013-07-21 02:50 - 00000227 _____ C:\Users\Luanne\Documents\oi.txt
2013-07-20 17:31 - 2013-07-20 17:26 - 178934656 _____ (                                                            ) C:\Users\Luanne\Downloads\setup_9.0.0.722_20.07.2013_23-26.exe
2013-07-20 16:35 - 2013-07-20 16:14 - 00000000 ____D C:\Users\Luanne\Doctor Web
2013-07-20 16:14 - 2013-07-19 15:16 - 00000000 ____D C:\Users\Luanne
2013-07-20 16:01 - 2013-07-20 15:57 - 125347656 _____ C:\Users\Luanne\Downloads\Golden.cmd.exe
2013-07-20 15:32 - 2013-07-19 15:16 - 00000000 ____D C:\Users\Luanne\AppData\Local\VirtualStore
2013-07-20 15:27 - 2013-07-20 12:06 - 00000312 _____ C:\Users\Luanne\Downloads\FixDwndp.log
2013-07-20 15:27 - 2013-07-20 10:58 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\WinRAR
2013-07-20 15:21 - 2013-07-20 11:59 - 02348928 _____ () C:\Users\Luanne\Downloads\D.exe
2013-07-20 15:20 - 2013-07-20 15:20 - 00659320 _____ C:\Users\Luanne\Downloads\symantec-w32downadup-removal-tool-1105-32-bits.exe
2013-07-20 15:16 - 2013-07-20 11:40 - 00000000 ____D C:\32788R22FWJFW
2013-07-20 11:05 - 2013-07-20 11:05 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Luanne\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-20 10:59 - 2013-07-20 10:59 - 03321289 _____ C:\Users\Luanne\Downloads\winrar-x64-420br.exe
2013-07-20 10:59 - 2013-07-20 10:59 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-20 10:59 - 2013-07-20 10:59 - 00000000 ____D C:\Program Files\WinRAR
2013-07-20 10:39 - 2012-08-28 17:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-20 04:11 - 2013-07-20 04:11 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2013-07-20 04:10 - 2012-03-09 16:31 - 00000396 _____ C:\Windows\DirectX.log
2013-07-20 03:58 - 2013-07-20 03:58 - 00000000 _____ C:\Windows\DCEBOOT.LOG
2013-07-20 03:56 - 2013-07-20 03:56 - 00234544 _____ C:\Windows\RegBootClean64.exe
2013-07-20 03:56 - 2013-07-20 03:54 - 00022064 _____ C:\Windows\DCEBoot64.exe
2013-07-20 03:56 - 2013-07-20 00:27 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\uTorrent
2013-07-20 03:38 - 2013-07-20 00:57 - 00000000 ____D C:\Users\Luanne\Documents\EA Games
2013-07-20 02:50 - 2013-07-20 02:50 - 00000000 ____D C:\Users\Luanne\Downloads\The Sims 2 - Cópia
2013-07-20 02:29 - 2013-07-20 02:07 - 00000000 ____D C:\ProgramData\VirtualizedApplications
2013-07-20 02:08 - 2013-07-20 00:54 - 00000000 ____D C:\Program Files (x86)\EA GAMES
2013-07-20 02:03 - 2013-07-20 01:00 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-07-20 02:02 - 2013-07-20 02:02 - 00000000 __RHD C:\MSOCache
2013-07-20 01:47 - 2013-07-20 01:47 - 00002272 _____ C:\Users\Public\Desktop\The Sims™ 2 Bon Voyage.lnk
2013-07-20 01:04 - 2013-07-20 01:04 - 00002986 _____ C:\Windows\System32\Tasks\{4893D719-5EB5-44D8-B21C-A0350756957A}
2013-07-20 01:04 - 2013-07-20 01:04 - 00002986 _____ C:\Windows\System32\Tasks\{0CBB80D8-0E39-4691-B063-EBA5DCF049CF}
2013-07-20 01:00 - 2013-07-20 01:00 - 00000000 ____D C:\Users\Public\Documents\EA Games
2013-07-20 00:58 - 2013-07-20 00:46 - 00000000 ____D C:\Users\Luanne\Documents\Sims 2
2013-07-20 00:49 - 2013-07-20 00:24 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\DAEMON Tools Lite
2013-07-20 00:49 - 2013-07-20 00:24 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-07-20 00:28 - 2013-07-20 00:28 - 00000000 ____D C:\Program Files (x86)\uTorrent
2013-07-20 00:24 - 2013-07-20 00:24 - 00283200 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-07-20 00:24 - 2013-07-20 00:24 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2013-07-20 00:23 - 2013-07-20 00:24 - 13901152 _____ (Disc Soft Ltd) C:\Users\Luanne\Downloads\DTLite4471-0333.exe
2013-07-19 23:57 - 2012-08-28 17:03 - 00001290 _____ C:\Windows\system32\ServiceFilter.ini
2013-07-19 19:13 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache
2013-07-19 18:19 - 2012-03-09 16:29 - 00000000 ____D C:\ProgramData\Adobe
2013-07-19 17:45 - 2013-07-19 17:45 - 00000000 ____D C:\Users\Luanne\AppData\Local\Adobe
2013-07-19 17:45 - 2013-07-19 15:55 - 00000000 ____D C:\Users\Luanne\Downloads\Tela
2013-07-19 17:45 - 2013-07-19 15:21 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\Adobe
2013-07-19 17:41 - 2013-07-19 17:30 - 00000000 ____D C:\Users\Public\Documents\Stardock
2013-07-19 17:32 - 2013-07-19 17:32 - 00000000 ____D C:\Users\Luanne\AppData\Local\Stardock
2013-07-19 17:30 - 2013-07-19 17:30 - 00000000 ____D C:\Program Files (x86)\Stardock
2013-07-19 16:20 - 2013-07-19 16:20 - 00000000 ____D C:\Users\Luanne\AppData\Local\SoftGrid Client
2013-07-19 16:20 - 2013-07-19 16:19 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\TP
2013-07-19 16:19 - 2013-07-19 16:19 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-07-19 16:19 - 2013-07-19 16:19 - 00000000 ____D C:\Program Files\Microsoft Office
2013-07-19 16:19 - 2012-03-09 16:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-19 16:19 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-19 16:18 - 2013-07-19 16:18 - 00000000 ____D C:\Users\Luanne\Desktop\funcionario
2013-07-19 16:17 - 2013-07-19 16:17 - 00000000 ____D C:\Users\Luanne\Desktop\colecaoset
2013-07-19 16:17 - 2013-07-19 16:17 - 00000000 ____D C:\Users\Luanne\Desktop\arvore nome
2013-07-19 16:16 - 2013-07-19 16:16 - 00000000 ____D C:\Users\Luanne\Desktop\arvorelista
2013-07-19 16:16 - 2013-07-19 16:16 - 00000000 ____D C:\Users\Luanne\Desktop\arvore binaria
2013-07-19 16:10 - 2013-07-19 16:03 - 00000000 ____D C:\Users\Luanne\AppData\Local\HP
2013-07-19 16:07 - 2013-07-19 16:07 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-07-19 16:06 - 2013-07-19 16:06 - 00003620 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 4610 series
2013-07-19 16:06 - 2013-07-19 16:06 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\HpUpdate
2013-07-19 16:06 - 2013-07-19 16:05 - 00000000 ____D C:\Program Files (x86)\HP
2013-07-19 16:06 - 2012-03-09 16:41 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-07-19 16:05 - 2013-07-19 16:05 - 00000000 __SHD C:\Users\Luanne\AppData\Roaming\09b
2013-07-19 16:05 - 2013-07-19 16:05 - 00000000 __SHD C:\089
2013-07-19 16:05 - 2013-07-19 16:05 - 00000000 ____D C:\ProgramData\HP
2013-07-19 16:04 - 2013-07-19 16:04 - 00000057 _____ C:\ProgramData\Ament.ini
2013-07-19 16:04 - 2013-07-19 16:04 - 00000000 ____D C:\Program Files\HP
2013-07-19 15:52 - 2013-07-19 15:52 - 00000000 ____D C:\Program Files (x86)\winaero.com
2013-07-19 15:52 - 2013-07-19 15:52 - 00000000 ____D C:\Program Files (x86)\Personalization Panel
2013-07-19 15:48 - 2013-07-19 15:48 - 00000000 ____D C:\Users\Luanne\AppData\Local\Power2Go
2013-07-19 15:48 - 2009-07-14 02:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-07-19 15:42 - 2013-07-19 15:42 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\ASUS WebStorage
2013-07-19 15:38 - 2012-03-09 16:52 - 00000000 ____D C:\ProgramData\Trend Micro
2013-07-19 15:34 - 2012-03-09 16:29 - 00004078 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-19 15:34 - 2012-03-09 16:29 - 00003826 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-19 15:23 - 2013-07-19 15:22 - 00000000 ____D C:\Users\Luanne\AppData\Local\Google
2013-07-19 15:21 - 2013-07-19 15:21 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\Macromedia
2013-07-19 15:19 - 2013-07-19 15:19 - 00000000 ____D C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security 2012
2013-07-19 15:17 - 2013-07-19 15:17 - 00000196 _____ C:\Windows\FixPatch.log
2013-07-19 15:17 - 2013-07-19 15:17 - 00000000 __RSD C:\Users\Public\Desktop\ASUS
2013-07-19 15:17 - 2013-07-19 15:17 - 00000000 ____D C:\ProgramData\FolderView
2013-07-19 15:17 - 2013-07-19 15:17 - 00000000 _____ C:\Users\Luanne\agent.log
2013-07-19 15:17 - 2012-03-09 16:50 - 00000000 ____D C:\ProgramData\ChangeFolderView
2013-07-19 15:17 - 2012-03-09 16:29 - 03008174 _____ C:\Windows\AsDebug.log
2013-07-19 15:17 - 2012-03-09 16:19 - 00003088 _____ C:\Windows\PQArecord.log
2013-07-19 15:17 - 2011-02-18 15:51 - 00348646 _____ C:\Windows\AsCDProc.log
2013-07-19 15:17 - 2009-07-29 01:17 - 00000000 ____D C:\Windows\Log
2013-07-19 15:16 - 2013-07-19 15:16 - 00000020 ___SH C:\Users\Luanne\ntuser.ini
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Modelos
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Meus documentos
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Menu Iniciar
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Documents\Minhas músicas
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Documents\Minhas imagens
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Documents\Meus vídeos
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Dados de aplicativos
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Configurações locais
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\AppData\Local\Histórico
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\AppData\Local\Dados de aplicativos
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Ambiente de rede
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 _SHDL C:\Users\Luanne\Ambiente de impressão
2013-07-19 15:16 - 2013-07-19 15:16 - 00000000 ____D C:\Users\Luanne\AppData\Local\ASUS
2013-07-19 15:16 - 2012-08-28 17:03 - 00000080 _____ C:\Windows\system32\Defrag.ini
2013-07-19 15:16 - 2012-03-09 16:52 - 00000286 __RSH C:\ProgramData\ntuser.pol
2013-07-19 15:15 - 2009-07-14 02:32 - 00000000 ____D C:\Windows\system32\restore
2013-06-24 00:41 - 2013-07-21 04:30 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 
Files to move or delete:
====================
C:\ProgramData\FullRemove.exe
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2009-07-29 01:10
 
==================== End Of Log ============================

ADDITION

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-07-2013
Ran by Luanne at 2013-07-21 18:56:59
Running from C:\Users\Luanne\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Installed Programs =======================
 
   
µTorrent (x32 Version: 3.2.0)
Adobe Flash Player 10 ActiveX (x32 Version: 10.1.85.3)
Adobe Flash Player 10 Plugin (x32 Version: 10.0.32.18)
Adobe Reader X (10.1.7) MUI (x32 Version: 10.1.7)
ASUS AI Recovery (x32 Version: 1.0.24)
ASUS FaceLogon (x32 Version: 1.0.0014)
ASUS Instant Connect (x32 Version: 1.2.2)
ASUS K45_K75_K95_Screensaver (x32 Version: 1.0.0001)
ASUS LifeFrame3 (x32 Version: 3.1.1)
ASUS Power4Gear Hybrid (Version: 1.2.1)
ASUS Splendid Video Enhancement Technology (x32 Version: 1.02.0041)
ASUS USB Charger Plus (x32 Version: 2.0.9)
ASUS Virtual Camera (x32 Version: 1.0.25)
ASUS Virtual Touch (x32 Version: 1.0.11)
ASUS WebStorage (x32 Version: 3.0.108.222)
ASUSDVD (x32 Version: 10.0.3622.52)
AsusVibe2.0 (x32 Version: 2.0.9.157)
ATK Package (x32 Version: 1.0.0016)
Bing Bar (x32 Version: 7.1.391.0)
Bubbletown (x32)
Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (x32 Version: 15.4.5722.2)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2)
CursorFX (x32 Version: 2.13)
CyberLink LabelPrint (x32 Version: 2.5.3624)
CyberLink Media Suite (x32 Version: 8.0.2926)
CyberLink Power2Go (x32 Version: 7.0.0.1126)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.47.1.0333)
Deadtime Stories (x32)
Dream Day First Home (x32)
Dream Vacation Solitaire (x32)
Farm Frenzy 3 - Madagascar (x32)
Fast Boot (Version: 1.0.10)
Galapago (x32)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Game Park Console (x32 Version: 1.2.4.431)
Go Go Gourmet Chef of the Year (x32)
Google Chrome (x32 Version: 28.0.1500.72)
Google Update Helper (x32 Version: 1.3.21.153)
HP Deskjet 4610 series Ajuda (x32 Version: 6.0.0)
HP Deskjet 4610 series Estudo de aprimoramento de produtos (Version: 28.0.1313.0)
HP Deskjet 4610 series Software básico do dispositivo (Version: 28.0.1313.0)
HP Update (x32 Version: 5.003.003.001)
I.R.I.S. OCR (x32 Version: 12.3.4.0)
InstantOn for NB (x32 Version: 2.3.1)
Intel® Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.35342)
Intel® Management Engine Components (x32 Version: 8.0.3.1427)
Intel® OpenCL CPU Runtime (x32)
Intel® Processor Graphics (x32 Version: 8.15.10.2669)
Intel® USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.220)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Mahjong Memoirs (x32)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office com Clique para Executar 2010 (Version: 14.0.4763.1000)
Microsoft Office com Clique para Executar 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Português (Brasil) (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
myBitCast 1.0.0.3 (Version: 1.0.0.3)
Personalization Panel (x32 Version: 2.5)
Personalization Panel DWM Controller  (x32 Version: 2.5)
Plants vs Zombies (x32)
Qualcomm Atheros WiFi Driver Installation (x32 Version: 9.2)
Realtek Ethernet Controller Driver (x32 Version: 7.49.927.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6537)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7601.30130)
SceneSwitch (x32 Version: 1.0.12)
The Sims 2 (x32)
The Sims 2: Vida Noturna (x32)
The Sims™ 2 Bichos de Estimação (x32)
The Sims™ 2 Bon Voyage (x32)
The Sims™ 2 Quatro Estações (x32)
Trend Micro Titanium (Version: 5.00)
Trend Micro Titanium Internet Security 2012 (Version: 5.4)
Turbo Fiesta (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
UxStyle Core Beta (Version: 0.2.1.1)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (x32 Version: 15.4.5722.2)
Ware PS/2-X64 10.5.9.0 (Version: 10.5.9.0)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 照片库 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3538.0513)
Windows Live 软件包 (x32 Version: 15.4.3502.0922)
WinFlash (x32 Version: 2.41.0)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
Wireless Console 3 (x32 Version: 3.0.27)
World of Goo (x32)
بريد Windows Live (x32 Version: 15.4.3502.0922)
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (x32 Version: 15.4.5722.2)
معرض صور Windows Live (x32 Version: 15.4.3502.0922)
ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย) (x32 Version: 15.4.5722.2)
用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (x32 Version: 15.4.5722.2)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (x32 Version: 15.4.5722.2)
 
==================== Restore Points  =========================
 
21-07-2013 17:40:47 antivirus
 
==================== Hosts content: ==========================
 
2009-07-13 23:34 - 2009-06-10 18:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {08BF7B96-4C3F-49EE-8E4A-E0059B9549FC} - System32\Tasks\{4893D719-5EB5-44D8-B21C-A0350756957A} => C:\Program Files (x86)\EA GAMES\The Sims 2\TSBin\Sims2.exe [2005-01-20] (Maxis, a division of Electronic Arts Inc.)
Task: {1A4727EE-C5BE-4217-BDA8-8755A8D4CBC1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-09] (Google Inc.)
Task: {20EC1BE2-1400-4C8B-84F0-8BA00C88E9DE} - System32\Tasks\HPCustParticipation HP Deskjet 4610 series => C:\Program Files\HP\HP Deskjet 4610 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {2239A9F9-70F8-46D0-901C-68D77F8FBDE7} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {22769208-09B3-443E-9866-4B7D1E361F89} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {2345C071-8324-4934-AFC9-7C3B3847B001} - System32\Tasks\ASUS Quick Gesture (x64) => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe [2012-04-11] (ASUSTeK Computer Inc.)
Task: {32A4DB9E-1B09-405D-B240-0B12FDB952DC} - System32\Tasks\ASUS Quick Gesture => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe [2012-04-11] (ASUSTeK Computer Inc.)
Task: {919F07BA-3AFC-4889-BBC9-8F0D9555B706} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-02-15] (ASUS)
Task: {9E6B67EE-8824-4B73-97E3-7ECB6BB96A91} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-09] (Google Inc.)
Task: {A895E698-0254-4076-AC33-C9A78CED41DF} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-02-16] (ASUSTek Computer Inc.)
Task: {C6BCA1BD-9483-472C-BEB4-8F4238ACA8B1} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {CF5323AD-40FA-4973-B81C-E72BB45FB340} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-02-29] (ASUSTek Computer Inc.)
Task: {D9FBCCCE-39F1-4CD3-AADD-69F5CD48E7B2} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2012-02-16] (ASUSTek Computer Inc.)
Task: {E0E3922C-FD7D-4BF8-89FF-39EBA466CA1D} - System32\Tasks\{0CBB80D8-0E39-4691-B063-EBA5DCF049CF} => C:\Program Files (x86)\EA GAMES\The Sims 2\TSBin\Sims2.exe [2005-01-20] (Maxis, a division of Electronic Arts Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/21/2013 01:40:35 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Web, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=x86" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.
 
Error: (07/21/2013 01:40:34 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.DirectoryServices, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.
 
Error: (07/21/2013 01:40:34 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.DirectoryServices.Protocols, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.
 
Error: (07/21/2013 01:40:34 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Security, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.
 
Error: (07/21/2013 01:40:34 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Configuration, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.
 
Error: (07/21/2013 04:21:02 AM) (Source: MsiInstaller) (User: AUTORIDADE NT)
Description: Product: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 -- Error 1935.An error occurred during the installation of assembly 'Microsoft.VC90.ATL,version="9.0.30729.6161",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64",type="win32"'. Please refer to Help and Support for more information. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, component: {74C57B6B-FF6E-3825-BED2-78E14E3E0E3C}
 
Error: (07/20/2013 04:31:31 AM) (Source: Application Hang) (User: )
Description: O programa TS3.exe versão 0.0.0.11195 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
 
ID de Processo: 2fc
 
Hora de Início: 01ce851a461ff625
 
Hora de Término: 16
 
Caminho do Aplicativo: C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\TS3.exe
 
Id do Relatório:
 
Error: (07/20/2013 04:24:59 AM) (Source: Application Hang) (User: )
Description: O programa TS3.exe versão 0.0.0.11195 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
 
ID de Processo: 670
 
Hora de Início: 01ce8518c4637332
 
Hora de Término: 44
 
Caminho do Aplicativo: C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\TS3.exe
 
Id do Relatório:
 
Error: (07/20/2013 03:37:06 AM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: ETDCtrl.exe, versão: 10.0.0.13, carimbo de hora: 0x4f3b4b12
Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7601.17651, carimbo de hora: 0x4e21213c
Código de exceção: 0xc00000fd
Deslocamento com falha: 0x0000000000013fbd
Identificação do processo com falha: 0xe24
Hora de início do aplicativo com falha: 0xETDCtrl.exe0
Caminho do aplicativo com falha: ETDCtrl.exe1
FCaminho do módulo de falhas: ETDCtrl.exe2
Identificação do Relatório: ETDCtrl.exe3
 
Error: (07/20/2013 03:31:13 AM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: Explorer.EXE, versão: 6.1.7601.17567, carimbo de hora: 0x4d672ee4
Nome do módulo de falhas: KERNELBASE.dll, versão: 6.1.7601.17651, carimbo de hora: 0x4e21213c
Código de exceção: 0xc00000fd
Deslocamento com falha: 0x0000000000013fbd
Identificação do processo com falha: 0x%9
Hora de início do aplicativo com falha: 0xExplorer.EXE0
Caminho do aplicativo com falha: Explorer.EXE1
FCaminho do módulo de falhas: Explorer.EXE2
Identificação do Relatório: Explorer.EXE3
 
 
System errors:
=============
Error: (07/21/2013 06:25:09 PM) (Source: Service Control Manager) (User: )
Description: O serviço Unsigned Themes foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (07/21/2013 05:48:24 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (07/21/2013 01:44:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80242016: Atualização de segurança cumulativa do Internet Explorer 9 para Windows 7 para sistemas baseados em x64 (KB2846071).
 
Error: (07/21/2013 01:36:24 PM) (Source: Service Control Manager) (User: )
Description: O serviço Spooler de Impressão foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
 
Error: (07/21/2013 01:33:22 PM) (Source: Service Control Manager) (User: )
Description: O serviço Spooler de Impressão foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
 
Error: (07/21/2013 04:28:25 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070643: Atualização de segurança para o Pacote Redistribuível do Microsoft Visual C++ 2008 Service Pack 1 (KB2538243).
 
Error: (07/20/2013 01:43:36 PM) (Source: NetBT) (User: )
Description: O nome "LUANNE-PC      :0" não pôde ser registrado na interface com o endereço IP 192.168.0.7.
O computador de endereço IP 192.168.0.5 não permitiu que o nome fosse reivindicado por
este computador.
 
Error: (07/20/2013 01:43:36 PM) (Source: NetBT) (User: )
Description: O nome "LUANNE-PC      :20" não pôde ser registrado na interface com o endereço IP 192.168.0.7.
O computador de endereço IP 192.168.0.5 não permitiu que o nome fosse reivindicado por
este computador.
 
Error: (07/20/2013 01:43:36 PM) (Source: Server) (User: )
Description: O servidor não pôde ligar-se com o transporte \Device\NetBT_Tcpip_{792F94DA-001B-4185-BA88-3DA737B6FED2} porque outro computador na rede tem o mesmo nome. Não foi possível iniciar o servidor.
 
Error: (07/20/2013 01:43:10 PM) (Source: NetBT) (User: )
Description: O nome "LUANNE-PC      :0" não pôde ser registrado na interface com o endereço IP 192.168.0.7.
O computador de endereço IP 192.168.0.5 não permitiu que o nome fosse reivindicado por
este computador.
 
 
Microsoft Office Sessions:
=========================
Error: (07/21/2013 01:40:35 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Web, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=x86" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.
 
Error: (07/21/2013 01:40:34 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.DirectoryServices, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.
 
Error: (07/21/2013 01:40:34 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.DirectoryServices.Protocols, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.
 
Error: (07/21/2013 01:40:34 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Security, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.
 
Error: (07/21/2013 01:40:34 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Configuration, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.
 
Error: (07/21/2013 04:21:02 AM) (Source: MsiInstaller)(User: AUTORIDADE NT)
Description: Product: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 -- Error 1935.An error occurred during the installation of assembly 'Microsoft.VC90.ATL,version="9.0.30729.6161",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64",type="win32"'. Please refer to Help and Support for more information. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, component: {74C57B6B-FF6E-3825-BED2-78E14E3E0E3C}(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (07/20/2013 04:31:31 AM) (Source: Application Hang)(User: )
Description: TS3.exe0.0.0.111952fc01ce851a461ff62516C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\TS3.exe
 
Error: (07/20/2013 04:24:59 AM) (Source: Application Hang)(User: )
Description: TS3.exe0.0.0.1119567001ce8518c463733244C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\TS3.exe
 
Error: (07/20/2013 03:37:06 AM) (Source: Application Error)(User: )
Description: ETDCtrl.exe10.0.0.134f3b4b12KERNELBASE.dll6.1.7601.176514e21213cc00000fd0000000000013fbde2401ce84f4e47c43f5C:\Program Files\Elantech\ETDCtrl.exeC:\Windows\system32\KERNELBASE.dllcafba3b4-f106-11e2-bd40-dc0ea1c5db44
 
Error: (07/20/2013 03:31:13 AM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4KERNELBASE.dll6.1.7601.176514e21213cc00000fd0000000000013fbd
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 33%
Total physical RAM: 6030.29 MB
Available physical RAM: 4030.26 MB
Total Pagefile: 12058.76 MB
Available Pagefile: 9620.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:400.55 GB) (Free:345.11 GB) NTFS (Disk=0 Partition=3) ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:505.64 GB) (Free:505.54 GB) NTFS (Disk=0 Partition=4)
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 512A64E5)
 
Partition: GPT Partition Type
==================== End Of Log ============================


#10
CarlosTurco

    Assistant

  • 24.760 posts

Good evening.

1)

Select and copy the text inside the CODE box. Open Notepad and paste what you copied. Then save it to the desktop with the name fixlist.txt.
 

start
HKCU\...\Run: [1fa0] - C:\Users\Luanne\AppData\Roaming\09b\1fa0.js [46925 2013-07-21] ()
MountPoints2: {4c6be91a-f0a3-11e2-975b-dc0ea1c5db44} - F:\LaunchU3.exe -a
ShortcutTarget: Fox.cmd.lnk -> C:\Users\Luanne\Desktop\Virus Removal Tool\Fox.cmd\startup.exe ()
Startup: C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\42e2.js ()
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://brasil-pesquisa.pw/r.asp#
HKCU\[...]\Internet Settings : ProxyEnable (0)
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: LyricXeeker - {DF89BC70-AC87-4A31-ACD5-7417E2CF1209} - C:\Program Files (x86)\LyriXeeker\116.dll No File
2013-07-19 16:05 - 2013-07-19 16:05 - 00000000 __SHD C:\Users\Luanne\AppData\Roaming\09b
2013-07-19 16:05 - 2013-07-19 16:05 - 00000000 __SHD C:\089
C:\ProgramData\FullRemove.exe
end

 
Run FRST64 and click the Fix button.

Wait; when it finishes, the log Fixlog.txt will be saved to your desktop.

Select, copy and paste the contents of this log into your next reply.

2)

Download AdwCleaner and save it to the desktop.
http://general-chang...de/2-adwcleaner

Run the file adwcleaner.exe

*** Windows Vista or Windows 7 users: right-click the file adwcleaner.exe, then click execadmin.png.

Click Remover (Remove).

A Notepad window will open with the result. Select, copy and paste its contents into your next reply.

3)

Connect all removable storage devices to the USB ports.

Temporarily disable your antivirus, antispyware and firewall so they do not cause conflicts.

Download ComboFix
http://www.bleepingc...nload/combofix/

Save it to your desktop.

  • Close all windows and programs. Run ComboFix.
  • Double-click combofix.exe and press "Yes" to proceed.
  • When asked whether you want to install the Recovery Console, click Yes and wait.
  • Click OK to accept the EULA, then click Yes to continue the malware scan.

Do not click anything and do not press any key during the scan, otherwise the tool will not work correctly.

When the tool finishes running, it will generate a log. Post the contents of the file C:\ComboFix.txt in your next reply.

Important:

  • You must be online during the ComboFix procedure;
  • You must be logged in to the system with administrator privileges.
  • Download and SAVE ComboFix. In the download window, where the Run / Save options appear, click Save. Do not run ComboFix from your browser window.
  • Keep your antivirus, antispyware and firewall disabled during the ComboFix procedures. Turn them back on when everything is finished.
  • If you have used ComboFix before, delete it and download it again.
  • If the Recovery Console is already installed on this machine, ComboFix will not suggest installing it.
  • Do not run ComboFix more than once. Doing so will overwrite the log and delay removal of the malware.
  • ComboFix is a tool that can damage the system if used incorrectly. Use it only under the supervision of a malware analyst.
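The fixlist in the post above targets three logon autostart entries: a Run value, a Startup-folder file and a shortcut target. As an added example (not part of the original thread, and not FRST's own logic), this Python triage parses such FRST-format lines and flags targets that are script files or that sit in user-writable directories. The extension list, the directory markers and all function names are assumptions chosen for illustration, and a flag is a reason to look closer, not a verdict.

```python
import re
from pathlib import PureWindowsPath
from typing import NamedTuple

# Autostart lines in FRST scan-log format. The first five are copied from the
# fixlist in the post above; the CursorFX line is constructed from the
# ComboFix Run entry later in the thread and serves as a benign control.
SAMPLE = r"""
HKCU\...\Run: [1fa0] - C:\Users\Luanne\AppData\Roaming\09b\1fa0.js [46925 2013-07-21] ()
MountPoints2: {4c6be91a-f0a3-11e2-975b-dc0ea1c5db44} - F:\LaunchU3.exe -a
ShortcutTarget: Fox.cmd.lnk -> C:\Users\Luanne\Desktop\Virus Removal Tool\Fox.cmd\startup.exe ()
Startup: C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\42e2.js ()
BHO-x32: LyricXeeker - {DF89BC70-AC87-4A31-ACD5-7417E2CF1209} - C:\Program Files (x86)\LyriXeeker\116.dll No File
HKCU\...\Run: [CursorFX] - c:\program files (x86)\Stardock\CursorFX\CursorFX.exe [432784 2012-05-10] ()
"""

# Assumption: extensions handled by a script host or command interpreter.
SCRIPT_EXTS = {".js", ".jse", ".vbs", ".vbe", ".wsf", ".wsh", ".hta",
               ".bat", ".cmd", ".ps1"}
# Assumption: path fragments a standard user can write to without elevation.
USER_WRITABLE = ("\\appdata\\", "\\desktop\\", "\\downloads\\", "\\temp\\")

# Only the three logon-autostart entry types are parsed; other lines are skipped.
ENTRY_PATTERNS = [
    ("Run", re.compile(
        r"^HK[\w-]+\\\.\.\.\\Run(?:Once)?: \[(?P<name>[^\]]*)\] - (?P<cmd>.+)$")),
    ("ShortcutTarget", re.compile(
        r"^ShortcutTarget: (?P<name>.+?) -> (?P<cmd>.+)$")),
    ("Startup", re.compile(r"^Startup: (?P<cmd>.+)$")),
]

# Take the path up to the first extension that is followed by whitespace, a
# quote or end of line, so "Fox.cmd\startup.exe" is not cut at ".cmd".
PATH_RE = re.compile(
    r'^"?(?P<path>[A-Za-z]:\\.+?\.[A-Za-z][A-Za-z0-9]{0,3})(?=$|[\s"])')


class Finding(NamedTuple):
    kind: str
    name: str
    path: str
    reasons: tuple


def triage_autostarts(log_text):
    """Return a Finding for every autostart line that trips a heuristic."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        for kind, pattern in ENTRY_PATTERNS:
            match = pattern.match(line)
            if not match:
                continue
            path_match = PATH_RE.match(match.group("cmd"))
            if not path_match:
                break
            path = path_match.group("path")
            reasons = []
            if PureWindowsPath(path).suffix.lower() in SCRIPT_EXTS:
                reasons.append("script file launched at logon")
            # The Startup folder itself lives under AppData, so the location
            # check would fire on every Startup entry; skip it for that kind.
            if kind != "Startup" and any(m in path.lower() for m in USER_WRITABLE):
                reasons.append("target in user-writable directory")
            if reasons:
                name = match.groupdict().get("name") or PureWindowsPath(path).name
                findings.append(Finding(kind, name, path, tuple(reasons)))
            break
    return findings


if __name__ == "__main__":
    for f in triage_autostarts(SAMPLE):
        print(f"{f.kind:15} {f.name:12} {'; '.join(f.reasons)}")
        print(f"{'':15} {f.path}")
```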


#11
Luanne

    Newbie

  • 12 posts

1- start

HKCU\...\Run: [1fa0] - C:\Users\Luanne\AppData\Roaming\09b\1fa0.js [46925 2013-07-21] ()
MountPoints2: {4c6be91a-f0a3-11e2-975b-dc0ea1c5db44} - F:\LaunchU3.exe -a
ShortcutTarget: Fox.cmd.lnk -> C:\Users\Luanne\Desktop\Virus Removal Tool\Fox.cmd\startup.exe ()
Startup: C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\42e2.js ()
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://brasil-pesquisa.pw/r.asp#
HKCU\[...]\Internet Settings : ProxyEnable (0)
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: LyricXeeker - {DF89BC70-AC87-4A31-ACD5-7417E2CF1209} - C:\Program Files (x86)\LyriXeeker\116.dll No File
2013-07-19 16:05 - 2013-07-19 16:05 - 00000000 __SHD C:\Users\Luanne\AppData\Roaming\09b
2013-07-19 16:05 - 2013-07-19 16:05 - 00000000 __SHD C:\089
C:\ProgramData\FullRemove.exe
end

 

 

Numbers 2 and 3 .. they open but close right away .. I can't click on anything. =/



#12
Luanne

    Newbie

  • 12 posts

Dear .. I turned on the notebook today .. and I was able to do everything I couldn't do before .. I ran symantecw32 and it found no virus ..

Before, I couldn't open the registry, and now I can

I couldn't enable safe mode, and now I can

I couldn't install some programs, and now I can

I couldn't run Windows' own updates, and now I can ..

I don't know what I did .. hehe

but I think everything is back to normal now ..

here in my registry, under CURRENT_USER, in the USER folder inside CURRENTVERSION, there is

name: 1fa0, which is inside the folder APPDATA/ROAMING/09B/1FA0.JS



#13
CarlosTurco

    Assistant

  • 24.760 posts

Luanne,

Your computer is still infected.

You did not follow the FRST instruction (first procedure) correctly. Please repeat it.

 

http://www.linhadefe...do/#entry828948



#14
Luanne

    Newbie

  • 12 posts

really? even though I can do all of that?

what I understood was that I was supposed to copy the code you posted .. put it in Notepad and open it in the program

The log you asked for

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-07-2013
Ran by Luanne at 2013-07-23 00:12:22 Run:2
Running from C:\Users\Luanne\Desktop
Boot Mode: Normal
==============================================
 
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\1fa0 => Value not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4c6be91a-f0a3-11e2-975b-dc0ea1c5db44} => Key not found.
HKCR\CLSID\{4c6be91a-f0a3-11e2-975b-dc0ea1c5db44} => Key not found.
C:\Users\Luanne\Desktop\Virus Removal Tool\Fox.cmd\startup.exe => Moved successfully.
C:\Users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\42e2.js not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF89BC70-AC87-4A31-ACD5-7417E2CF1209} => Key not found.
HKCR\Wow6432Node\CLSID\{DF89BC70-AC87-4A31-ACD5-7417E2CF1209} => Key not found.
C:\Users\Luanne\AppData\Roaming\09b => Moved successfully.
C:\089 => Moved successfully.
"C:\ProgramData\FullRemove.exe" => File/Directory not found.
 
==== End of Fixlog ====

Contents of STEP 2

 

# AdwCleaner v2.306 - Relatório criado em 23/07/2013 às 00:14:56
# Atualizado em 19/07/2013 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)
# Usuário : Luanne - LUANNE-PC
# Modo de Boot : Normal
# Executado de : C:\Users\Luanne\Desktop\adwcleaner.exe
# Opção [Remover]
 
 
***** [Serviços] *****
 
 
***** [Arquivos/Pastas] *****
 
 
***** [Registro] *****
 
Chave Removida : HKCU\Software\InstallCore
Chave Removida : HKLM\Software\Classes\Installer\Features\90C64EA18BA25EE488BF80DCF07F2FFD
Chave Removida : HKLM\Software\Classes\Installer\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Chave Removida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
 
***** [Navegadores] *****
 
-\\ Internet Explorer v10.0.9200.16635
 
[OK] Registro está limpo.
 
-\\ Google Chrome v28.0.1500.72
 
Arquivo : C:\Users\Luanne\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] Arquivo está limpo.
 
*************************
 
AdwCleaner[S1].txt - [1037 octets] - [23/07/2013 00:14:56]
 
########## EOF - C:\AdwCleaner[S1].txt - [1097 octets] ##########

I'll wait for your reply before running ComboFix.



#15
CarlosTurco

    Assistant

  • 24.760 posts

I'll wait for your reply before running ComboFix.

Ok,

You may proceed. :D



#16
Luanne

    Newbie

  • 12 posts

Combo Fix

ComboFix 13-07-23.01 - Luanne 23/07/2013  21:17:18.1.4 - x64
Microsoft Windows 7 Home Basic   6.1.7601.1.1252.55.1046.18.6030.4603 [GMT -3:00]
Executando de: c:\users\Luanne\Downloads\ComboFix.exe
AV: Trend Micro Titanium Internet Security 2012 *Disabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}
SP: Trend Micro Titanium Internet Security 2012 *Disabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((   Arquivos/Ficheiros criados de 2013-06-24 to 2013-07-24  ))))))))))))))))))))))))))))
.
.
2013-07-24 00:25 . 2013-07-24 00:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-23 04:19 . 2013-07-23 04:19 -------- d-----w- c:\programdata\Baidu Security
2013-07-23 04:18 . 2013-07-23 04:18 -------- d-----w- c:\programdata\Baidu
2013-07-23 04:10 . 2013-07-23 04:18 -------- d-----w- c:\program files (x86)\Baidu Security
2013-07-22 19:39 . 2013-07-22 19:39 -------- d-----w- c:\program files\CCleaner
2013-07-22 18:52 . 2013-07-22 18:52 -------- d-----w- c:\programdata\Malwarebytes
2013-07-22 18:52 . 2013-07-22 18:52 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-07-22 18:52 . 2013-04-04 17:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-22 16:53 . 2013-07-22 16:58 -------- d-----w- c:\windows\system32\MRT
2013-07-21 21:48 . 2013-07-21 21:48 -------- d-----w- C:\FRST
2013-07-21 16:53 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-07-21 16:53 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-07-21 16:53 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-21 16:53 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-07-21 07:09 . 2012-07-26 05:05 2560 ----a-w- c:\windows\system32\drivers\es-ES\wdf01000.sys.mui
2013-07-21 07:09 . 2012-07-26 07:56 2560 ----a-w- c:\windows\system32\drivers\pt-BR\wdf01000.sys.mui
2013-07-21 07:09 . 2012-07-26 07:48 2560 ----a-w- c:\windows\system32\drivers\ar-SA\wdf01000.sys.mui
2013-07-21 07:09 . 2012-07-26 05:39 2560 ----a-w- c:\windows\system32\drivers\tr-TR\wdf01000.sys.mui
2013-07-21 07:09 . 2012-07-26 05:18 2560 ----a-w- c:\windows\system32\drivers\zh-TW\wdf01000.sys.mui
2013-07-21 07:09 . 2012-07-26 05:04 2560 ----a-w- c:\windows\system32\drivers\fr-FR\wdf01000.sys.mui
2013-07-21 07:09 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-07-21 07:09 . 2012-07-26 07:37 2560 ----a-w- c:\windows\system32\drivers\zh-CN\wdf01000.sys.mui
2013-07-21 07:09 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-07-21 07:09 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-07-21 07:09 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-07-21 06:38 . 2013-07-21 06:38 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-21 06:15 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-07-21 06:15 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-07-21 06:15 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-07-21 06:15 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-07-21 06:13 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-07-21 06:13 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-07-21 06:13 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-07-21 06:13 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-07-21 06:13 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-07-21 06:13 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-07-21 06:13 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-07-21 05:59 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-07-21 05:59 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-07-21 05:59 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-07-21 05:59 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-07-21 05:59 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-07-21 05:58 . 2013-07-21 05:58 -------- d-----w- c:\program files\Microsoft Silverlight
2013-07-21 05:58 . 2013-07-21 05:58 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-07-20 20:34 . 2013-07-22 16:44 -------- d-----w- c:\programdata\Kaspersky Lab
2013-07-20 20:33 . 2009-10-22 16:54 40464 ----a-w- c:\windows\system32\drivers\30338392.sys
2013-07-20 20:33 . 2009-10-10 02:30 352784 ----a-w- c:\windows\system32\drivers\3033839.sys
2013-07-20 20:33 . 2009-09-25 20:59 157712 ----a-w- c:\windows\system32\drivers\30338391.sys
2013-07-20 13:59 . 2013-07-20 13:59 -------- d-----w- c:\program files\WinRAR
2013-07-20 07:11 . 2013-07-20 07:11 -------- d-----w- c:\program files (x86)\Microsoft WSE
2013-07-20 07:10 . 2006-09-28 19:05 3977496 ----a-w- c:\windows\system32\d3dx9_31.dll
2013-07-20 07:10 . 2006-09-28 19:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll
2013-07-20 06:56 . 2013-07-20 06:56 234544 ----a-w- c:\windows\RegBootClean64.exe
2013-07-20 06:56 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-07-20 06:56 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-07-20 06:56 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
2013-07-20 06:56 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2013-07-20 06:56 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2013-07-20 06:56 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2013-07-20 06:56 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2013-07-20 06:56 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2013-07-20 06:56 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2013-07-20 06:55 . 2013-02-15 06:06 3717632 ----a-w- c:\windows\system32\mstscax.dll
2013-07-20 06:55 . 2013-02-15 06:02 158720 ----a-w- c:\windows\system32\aaclient.dll
2013-07-20 06:55 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-07-20 06:55 . 2013-02-15 04:34 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-07-20 06:55 . 2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-07-20 06:55 . 2013-02-15 03:25 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-07-20 06:55 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-07-20 06:55 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-07-20 06:55 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-20 06:55 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-20 06:55 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2013-07-20 06:55 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2013-07-20 06:53 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2013-07-20 06:52 . 2012-11-22 05:44 800768 ----a-w- c:\windows\system32\usp10.dll
2013-07-20 06:51 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2013-07-20 06:50 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-07-20 06:49 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2013-07-20 05:07 . 2013-07-20 05:29 -------- d-----w- c:\programdata\VirtualizedApplications
2013-07-20 05:02 . 2013-07-20 05:02 -------- d-----r- C:\MSOCache
2013-07-20 03:54 . 2013-07-20 05:08 -------- d-----w- c:\program files (x86)\EA GAMES
2013-07-20 03:54 . 2004-08-18 08:34 442368 ----a-r- c:\windows\SysWow64\vp6vfw.dll
2013-07-20 03:28 . 2013-07-20 03:28 -------- d-----w- c:\program files (x86)\uTorrent
2013-07-20 03:24 . 2013-07-20 03:24 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-07-20 03:24 . 2013-07-20 03:24 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2013-07-20 03:24 . 2013-07-20 03:49 -------- d-----w- c:\programdata\DAEMON Tools Lite
2013-07-19 20:30 . 2013-07-19 20:30 -------- d-----w- c:\program files (x86)\Stardock
2013-07-19 19:19 . 2013-07-21 06:24 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client
2013-07-19 19:19 . 2013-07-19 19:19 -------- d-----w- c:\program files\Microsoft Office
2013-07-19 19:07 . 2013-07-19 19:07 -------- d-----w- c:\program files (x86)\Hewlett-Packard
2013-07-19 19:05 . 2013-07-19 19:05 -------- d-----w- c:\programdata\HP
2013-07-19 19:05 . 2013-07-19 19:06 -------- d-----w- c:\program files (x86)\HP
2013-07-19 19:04 . 2013-07-19 19:04 -------- d-----w- c:\program files\HP
2013-07-19 18:52 . 2013-07-19 18:52 -------- d-----w- c:\program files (x86)\winaero.com
2013-07-19 18:52 . 2013-07-19 18:52 -------- d-----w- c:\program files (x86)\Personalization Panel
2013-07-19 18:27 . 2013-07-19 18:28 8282192 ----a-w- c:\programdata\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE
2013-07-19 18:23 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-07-19 18:23 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-07-19 18:23 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-07-19 18:17 . 2013-07-19 18:17 -------- d-----w- c:\programdata\FolderView
2013-07-19 18:16 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-07-19 18:16 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-07-19 18:16 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-07-19 18:16 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-07-19 18:16 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-07-19 18:16 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-07-19 18:16 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-07-19 18:16 . 2013-07-20 19:14 -------- d-----w- c:\users\Luanne
2013-07-19 18:16 . 2012-06-02 18:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-07-19 18:16 . 2012-06-02 18:15 36864 ----a-w- c:\windows\system32\wuapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-19 18:17 . 2011-03-29 02:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CursorFX"="c:\program files (x86)\Stardock\CursorFX\CursorFX.exe" [2012-05-10 432784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-27 291608]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2012-02-16 322176]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
.
c:\users\Luanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Baidu PC Faster Uninstall 3.5.0.2.lnk - c:\windows\System32\rundll32.exe "c:\users\Luanne\AppData\Roaming\Baidu Security\PC App Store\3.5.0.2\Uninstall\Baidu PC Faster Uninstall\0\InstallUtility.dll", _OpenUrl -run "Baidu PC Faster Uninstall" -ini "OpenUrl.ini" [2009-7-13 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2012-3-9 549040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AutoUpdateDisableNotify"=dword:00000001
.
R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 30338392;30338392 Boot Guard Driver;c:\windows\system32\DRIVERS\30338392.sys;c:\windows\SYSNATIVE\DRIVERS\30338392.sys [x]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 30338391;30338391;c:\windows\system32\DRIVERS\30338391.sys;c:\windows\SYSNATIVE\DRIVERS\30338391.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 Fox.cmddrv;Fox.cmddrv;c:\windows\system32\DRIVERS\3033839.sys;c:\windows\SYSNATIVE\DRIVERS\3033839.sys [x]
S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys;c:\windows\SYSNATIVE\DRIVERS\tmevtmgr.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [x]
S2 BAVSvc;Baidu Antivirus Service;c:\program files (x86)\Baidu Security\Cloud Security\BAVSvc.exe;c:\program files (x86)\Baidu Security\Cloud Security\BAVSvc.exe [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 PCFasterSvc_{PCFaster_3.6.0.33146};Baidu PC Faster Service 3.6.0.33146;c:\program files (x86)\Baidu Security\PC Faster\3.6.0.33146\PCFasterSvc.exe;c:\program files (x86)\Baidu Security\PC Faster\3.6.0.33146\PCFasterSvc.exe [x]
S2 persdwmsrv;Personalization Panel DWM controller;c:\program files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe;c:\program files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe;c:\windows\UnsignedThemesSvc.exe [x]
S2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys;c:\windows\SYSNATIVE\drivers\uxpatch.sys [x]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x]
S3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\AsusVBus.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVBus.sys [x]
S3 AsusVTouch;AsusVTouch;c:\windows\system32\DRIVERS\AsusVTouch.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVTouch.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-19 18:22 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2013-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-09 19:29]
.
2013-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-09 19:29]
.
2013-07-24 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
2013-07-23 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2012-12-18 1304296]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2012-02-27 213824]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
.
------- Scan Suplementar -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 201.17.0.117 201.17.0.77 201.6.4.116
.
- - - - ORFÃOS REMOVIDOS - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tempo para conclusão: 2013-07-23  21:28:49
ComboFix-quarantined-files.txt  2013-07-24 00:28
.
Pré-execução: 368.692.535.296 bytes disponíveis
Pós execução: 368.341.766.144 bytes disponíveis
.
- - End Of File - - 91ED80A8676455F31BA3398907C1B90F
D41D8CD98F00B204E9800998ECF8427E


#17
CarlosTurco

    Assistant

  • 24,760 posts

Luanne,

Uninstall the Baidu Security program.

Download Windows Repair Portable.

http://www.tweaking....all_in_one.html

Choose the option: Portable (3.12 MB)

tweaking_download.gif - Direct Download

Install the program and run it.

Click the Step 4 tab > click Create to create a restore point, then click Backup to back up the registry.
dFaOZ.png

Click Next, then Start.

Click the 5wyy38.png button to uncheck all the options. Then check:

Reset Registry Permissions
Reset File Permissions
Register System Files

Repair WMI
Remove Policies Set By Infections
Repair Windows Firewall
Repair Internet Explorer

Remove Policies Set By Infections
Repair Icons
Repair Winsock & DNS Cache
Remove Temp Files
Repair Proxy Settings
Repair Windows Updates

Repair Volume Shadow Copy Service
Restore Important Windows Services
Set Windows Services To Default Startup
Repair MSI (Windows Installer)
Repair File Associations

Then leave everything checked as shown in the image and click Start:

2hcjhvc.png

Wait; when it finishes, the PC will restart.

Post a new HijackThis log.



#18
Luanne

    Newbie

  • 12 posts

AFTER I RAN THIS PROGRAM MY WINDOWS NO LONGER RECOGNIZES MY ANTIVIRUS .. WHAT DO I DO NOW .. AND IT GOT SLOWER .. PAGES TAKING A LONG TIME TO OPEN

IS IT STILL NECESSARY TO DO THIS? .. I WENT INTO THE REGISTRY AND DIDN'T SEE ANYTHING ABNORMAL

THE LOG YOU ASKED FOR

 

Logfile of HijackThis v1.99.1
Scan saved at 00:50:52, on 25/07/2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
 
Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Luanne\Desktop\HijackThis\HijackThis.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.c...campaign=portal
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Baidu PC Faster Uninstall 3.5.0.2.lnk = C:\Windows\System32\rundll32.exe
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [INTERNATIONAL] International
O13 - Gopher Prefix: 
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Unknown owner - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195 (NetMsmqActivator) - Unknown owner - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator (file missing)
O23 - Service: Personalization Panel DWM controller (persdwmsrv) - http://winaero.com/ - C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\Windows\UnsignedThemesSvc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)


#19
CarlosTurco

    Assistant

  • 24,760 posts

Ok,

Temporarily disable your antivirus.

  • Hold down the Ctrl key and click this link to open the ESET Online Scanner in a new window.
  • Click this button: j9Byf.png?1
  • For alternative browsers (if you use Internet Explorer, skip this step): esetsmartinstaller_enu.png
    • Click esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double-click the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click Start.
  • Accept any security warning from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats".
  • Click Advanced settings and check the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • It will update itself and scan the computer. Be patient, the process can take hours.
  • When the scan finishes, click List Threats.
  • Copy and paste the contents into your next reply. Note: if nothing is found, no log will be generated.
  • Click Back.
  • Click Finish.

Also post a new HijackThis log.



#20
Luanne

    Newbie

  • 12 posts

1:

 

C:\FRST\Quarantine\09b\1fa0.js JS/Kryptik.ALL trojan cleaned by deleting - quarantined
C:\Users\Luanne\Downloads\DTLite4471-0333.exe Win32/OpenCandy application cleaned by deleting - quarantined
 

 

 

2:

 

Logfile of HijackThis v1.99.1
Scan saved at 17:07:10, on 27/07/2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
 
Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\EA GAMES\The Sims 2 Tempo Livre\TSBin\Sims2EP7.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Luanne\Desktop\HijackThis\HijackThis.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.c...campaign=portal
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Baidu PC Faster Uninstall 3.5.0.2.lnk = C:\Windows\System32\rundll32.exe
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [INTERNATIONAL] International
O13 - Gopher Prefix: 
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Unknown owner - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195 (NetMsmqActivator) - Unknown owner - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator (file missing)
O23 - Service: Personalization Panel DWM controller (persdwmsrv) - http://winaero.com/ - C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\Windows\UnsignedThemesSvc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)