Flux 
Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 25 usuários online :: 0 registrados, 0 invisíveis e 25 visitantes :: 1 motor de buscaNenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
| Power Max |
| |||
| joram |
| |||
| Wings [In Memoriam] |
| |||
| caedurodrigues |
| |||
| Amigo Brasileiro |
| |||
| luizvilarinho |
| |||
| Danii |
| |||
| Admin |
| |||
| Danilo Marsaro |
| |||
| Andreata |
|
Fotos Slides Movie nos pendrives e PC
3 participantes
Página 2 de 3
Página 2 de 3 • 
1, 2, 3
Re: Fotos Slides Movie nos pendrives e PC
por Power Max Qui 01 maio 2014, 00:00
Falta só o outro log criado pelo Farbar.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Fotos Slides Movie nos pendrives e PC
por pabloescobar Qui 01 maio 2014, 00:11
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-05-2014
Ran by Pablo (administrator) on PES on 30-04-2014 23:50:15
Running from C:\Users\Pablo\Downloads
Windows 7 Home Basic Service Pack 1 (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link for 64-Bit Version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(http://winaero.com/) C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
(ASUS) C:\Windows\AsScrPro.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Huawei Technologies Co., Ltd.) C:\Users\Pablo\AppData\Roaming\VIVO INTERNET\ouc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [VizorHtmlDialog.exe] => C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [1654992 2011-10-26] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [213824 2011-10-04] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [416992 2011-08-02] (Trend Micro Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322176 2012-02-16] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1322692611-2876088620-685211800-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-03-03] (SUPERAntiSpyware)
HKU\S-1-5-21-1322692611-2876088620-685211800-1000\...\Run: [HW_OPENEYE_OUC_VIVO INTERNET] => C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe [110592 2009-07-27] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-1322692611-2876088620-685211800-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1322692611-2876088620-685211800-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll (Trend Micro Inc.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe64.dll (Trend Micro Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - d:\PUC\Visual Studio\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll (Trend Micro Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{38783831-6098-4faa-A9C9-1EE1E343F4D2}] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\firefoxextension [2012-03-09]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ []
Chrome:
=======
CHR HomePage:
CHR DefaultSearchKeyword: google.com.br
CHR Extension: (Google Drive) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-06]
CHR Extension: (YouTube) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-06]
CHR Extension: (Pesquisa do Google) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-06]
CHR Extension: (Google Wallet) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-26]
CHR Extension: (Gmail) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-06]
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 persdwmsrv; C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe [8192 2012-04-07] (http://winaero.com/)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R3 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [247072 2011-08-02] (Trend Micro Inc.)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [X]
==================== Drivers (Whitelisted) ====================
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-04-11] (Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2012-04-11] (Windows (R) Win 7 DDK provider)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [91920 2011-08-11] (Trend Micro Inc.)
R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [167696 2011-08-11] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [70928 2011-08-11] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2011-09-29] (Trend Micro Inc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit?
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
S3 VSPerfDrv100; d:\PUC\Visual Studio\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2010-03-17] (Microsoft Corporation)
S3 BdApiUtil; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [X]
S3 BdCameraProtect; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 GGSAFERDriver; \??\D:\WC3\GarenaPlus\Garena Plus\Room\safedrv.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-30 23:50 - 2014-04-30 23:50 - 00021080 _____ () C:\Users\Pablo\Downloads\FRST.txt
2014-04-30 23:50 - 2014-04-30 23:50 - 00000000 ____D () C:\FRST
2014-04-30 23:49 - 2014-04-30 23:49 - 02061824 _____ (Farbar) C:\Users\Pablo\Downloads\FRST64.exe
2014-04-30 23:39 - 2014-04-30 23:39 - 00001221 _____ () C:\Users\Pablo\Desktop\ZHPFixReport.txt
2014-04-30 23:30 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-04-30 23:30 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-04-30 23:30 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-04-30 23:30 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-04-30 23:30 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-04-30 23:30 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-04-30 23:29 - 2014-04-30 23:29 - 00010357 _____ () C:\Windows\DirectX.log
Ran by Pablo (administrator) on PES on 30-04-2014 23:50:15
Running from C:\Users\Pablo\Downloads
Windows 7 Home Basic Service Pack 1 (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link for 64-Bit Version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(http://winaero.com/) C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
(ASUS) C:\Windows\AsScrPro.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Huawei Technologies Co., Ltd.) C:\Users\Pablo\AppData\Roaming\VIVO INTERNET\ouc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [VizorHtmlDialog.exe] => C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [1654992 2011-10-26] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [213824 2011-10-04] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [416992 2011-08-02] (Trend Micro Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322176 2012-02-16] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1322692611-2876088620-685211800-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-03-03] (SUPERAntiSpyware)
HKU\S-1-5-21-1322692611-2876088620-685211800-1000\...\Run: [HW_OPENEYE_OUC_VIVO INTERNET] => C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe [110592 2009-07-27] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-1322692611-2876088620-685211800-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1322692611-2876088620-685211800-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll (Trend Micro Inc.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe64.dll (Trend Micro Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - d:\PUC\Visual Studio\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll (Trend Micro Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{38783831-6098-4faa-A9C9-1EE1E343F4D2}] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\firefoxextension [2012-03-09]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ []
Chrome:
=======
CHR HomePage:
CHR DefaultSearchKeyword: google.com.br
CHR Extension: (Google Drive) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-06]
CHR Extension: (YouTube) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-06]
CHR Extension: (Pesquisa do Google) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-06]
CHR Extension: (Google Wallet) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-26]
CHR Extension: (Gmail) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-06]
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 persdwmsrv; C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe [8192 2012-04-07] (http://winaero.com/)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R3 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [247072 2011-08-02] (Trend Micro Inc.)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [X]
==================== Drivers (Whitelisted) ====================
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-04-11] (Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2012-04-11] (Windows (R) Win 7 DDK provider)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [91920 2011-08-11] (Trend Micro Inc.)
R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [167696 2011-08-11] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [70928 2011-08-11] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2011-09-29] (Trend Micro Inc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit?
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
S3 VSPerfDrv100; d:\PUC\Visual Studio\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2010-03-17] (Microsoft Corporation)
S3 BdApiUtil; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [X]
S3 BdCameraProtect; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 GGSAFERDriver; \??\D:\WC3\GarenaPlus\Garena Plus\Room\safedrv.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-30 23:50 - 2014-04-30 23:50 - 00021080 _____ () C:\Users\Pablo\Downloads\FRST.txt
2014-04-30 23:50 - 2014-04-30 23:50 - 00000000 ____D () C:\FRST
2014-04-30 23:49 - 2014-04-30 23:49 - 02061824 _____ (Farbar) C:\Users\Pablo\Downloads\FRST64.exe
2014-04-30 23:39 - 2014-04-30 23:39 - 00001221 _____ () C:\Users\Pablo\Desktop\ZHPFixReport.txt
2014-04-30 23:30 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-04-30 23:30 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-04-30 23:30 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-04-30 23:30 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-04-30 23:30 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-04-30 23:30 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-04-30 23:29 - 2014-04-30 23:29 - 00010357 _____ () C:\Windows\DirectX.log
pabloescobar- Membro
- Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais
Fotos Slides Movie nos pendrives e PC
por pabloescobar Qui 01 maio 2014, 00:11
2014-04-30 23:29 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-04-30 23:29 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-04-30 23:29 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-04-30 23:29 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-04-30 23:29 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-04-30 23:29 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-04-30 23:29 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-04-30 23:29 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-04-30 23:29 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-04-30 23:29 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-04-30 23:29 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-04-30 23:29 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-04-30 23:29 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-04-30 23:29 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-04-30 23:29 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-04-30 23:29 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-04-30 23:29 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-04-30 23:29 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-04-30 23:29 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-04-30 23:29 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-04-30 23:29 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-04-30 23:29 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-04-30 23:29 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-04-30 23:29 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-04-30 23:29 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-04-30 23:29 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-04-30 23:29 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-04-30 23:29 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-04-30 23:29 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-04-30 23:29 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-04-30 23:29 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-04-30 23:29 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-04-30 23:29 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-04-30 23:29 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-04-30 23:29 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-04-30 23:29 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-04-30 23:29 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-04-30 23:29 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-04-30 23:29 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-04-30 23:29 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-04-30 23:29 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-04-30 23:29 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-04-30 23:29 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-04-30 23:29 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-04-30 23:29 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-04-30 23:29 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-04-30 23:29 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-04-30 23:29 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-04-30 23:29 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-04-30 23:29 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-04-30 23:29 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-04-30 23:29 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-04-30 23:29 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-04-30 23:29 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-04-30 23:29 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-04-30 23:29 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-04-30 23:29 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-04-30 23:29 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-04-30 23:29 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-04-30 23:29 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-04-30 23:29 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-04-30 23:29 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-04-30 23:29 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-04-30 23:29 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-04-30 23:29 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-04-30 23:29 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-04-30 23:29 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-04-30 23:29 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-04-30 23:29 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-04-30 23:29 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-04-30 23:29 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-04-30 23:29 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-04-30 23:29 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-04-30 23:29 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-04-30 23:29 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-04-30 23:29 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-04-30 23:29 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-04-30 23:29 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-04-30 23:29 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-04-30 23:29 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-04-30 23:29 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-04-30 23:29 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-04-30 23:29 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-04-30 23:29 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-04-30 23:29 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-04-30 23:29 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-04-30 23:29 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-04-30 23:29 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-04-30 23:29 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-04-30 23:29 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-04-30 23:29 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-04-30 23:29 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-04-30 23:29 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-04-30 23:29 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-04-30 23:23 - 2014-04-30 23:23 - 00035770 _____ () C:\Users\Pablo\Desktop\ZHPDiag.txt
2014-04-30 22:52 - 2014-04-30 22:52 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-04-30 11:58 - 2014-04-30 11:58 - 00014309 _____ () C:\Users\Pablo\Desktop\hijackthis.log
2014-04-30 10:59 - 2014-04-30 23:46 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-30 10:59 - 2014-04-30 10:59 - 01141680 _____ () C:\Users\Pablo\Downloads\SteamSetup.exe
2014-04-30 10:59 - 2014-04-30 10:59 - 00000925 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-04-30 10:59 - 2014-04-30 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-04-30 10:14 - 2014-04-30 10:14 - 00001797 _____ () C:\Users\Pablo\Desktop\JRT.txt
2014-04-30 10:03 - 2014-04-30 10:03 - 00000000 ____D () C:\Windows\ERUNT
2014-04-30 09:59 - 2014-04-30 09:59 - 01016261 _____ (Thisisu) C:\Users\Pablo\Downloads\JRT.exe
2014-04-29 23:10 - 2014-04-29 23:10 - 00012651 _____ () C:\Users\Pablo\Desktop\hijackthisaaa
2014-04-29 22:54 - 2014-04-29 22:54 - 00000097 _____ () C:\files.log
2014-04-29 22:46 - 2014-04-29 22:54 - 00000070 _____ () C:\folders.log
2014-04-29 22:46 - 2014-04-29 22:54 - 00000000 ____D () C:\zoek
2014-04-29 22:31 - 2014-04-29 22:54 - 00019376 _____ () C:\zoek-results.log
2014-04-29 22:28 - 2014-04-29 22:54 - 00003247 _____ () C:\runcheck.txt
2014-04-29 22:28 - 2014-04-29 22:48 - 00000000 ____D () C:\zoek_backup
2014-04-29 22:28 - 2014-04-29 22:28 - 01285120 _____ () C:\Users\Pablo\Downloads\zoek.exe
2014-04-29 17:33 - 2014-04-29 17:33 - 00002248 _____ () C:\Users\Pablo\Downloads\980e9f00-52b0-4c9d-b9a3-300581d6daeb_1216132_P9_Pablo Ricardo Pereira (1).zip
2014-04-29 16:30 - 2014-04-29 16:30 - 00001157 _____ () C:\Users\Pablo\Desktop\aaa.txt
2014-04-29 13:13 - 2014-04-29 13:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-29 13:13 - 2014-04-29 13:13 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-29 13:13 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-29 13:13 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-29 13:13 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-29 13:11 - 2014-04-29 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Pablo\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-29 13:04 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-04-29 13:03 - 2014-04-29 13:05 - 00000000 ____D () C:\AdwCleaner
2014-04-29 13:02 - 2014-04-29 13:02 - 01310621 _____ () C:\Users\Pablo\Downloads\AdwCleaner.exe
2014-04-29 12:53 - 2014-04-30 23:39 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\ZHP
2014-04-29 12:53 - 2014-04-30 23:21 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-04-29 12:53 - 2014-04-29 12:53 - 00003170 _____ () C:\Windows\System32\Tasks\{FD1E0C56-4675-4558-AD57-9C5D77DB0A0D}
2014-04-29 12:53 - 2014-04-29 12:53 - 00001949 _____ () C:\Users\Pablo\Desktop\ZHPFix.lnk
2014-04-29 12:53 - 2014-04-29 12:53 - 00001822 _____ () C:\Users\Pablo\Desktop\ZHPDiag.lnk
2014-04-29 12:53 - 2014-04-29 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-04-29 12:51 - 2014-04-29 12:52 - 06780391 _____ (Nicolas Coolman ) C:\Users\Pablo\Downloads\ZHPDiag2.exe
2014-04-29 12:46 - 2014-04-29 12:46 - 00000864 _____ () C:\Users\Pablo\Desktop\MCShield-AllScans.txt
2014-04-29 12:44 - 2014-04-30 23:48 - 00000000 ____D () C:\ProgramData\MCShield
2014-04-29 12:44 - 2014-04-29 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2014-04-29 12:44 - 2014-04-29 12:44 - 00000000 ____D () C:\Program Files (x86)\MCShield
2014-04-29 12:42 - 2014-04-29 12:42 - 02856736 _____ (MyCity) C:\Users\Pablo\Downloads\MCShield-Setup.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00013385 _____ () C:\Users\Pablo\Desktop\UsbFix_Report.txt
2014-04-29 12:30 - 2014-04-29 12:32 - 00013385 _____ () C:\UsbFix [Clean 2] PES.txt
2014-04-29 12:20 - 2014-04-29 12:32 - 00000000 ____D () C:\UsbFix
2014-04-29 12:20 - 2014-04-29 12:27 - 00001450 _____ () C:\Users\Pablo\Desktop\UsbFix.lnk
2014-04-29 12:10 - 2014-04-29 12:11 - 03006996 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Pablo\Downloads\UsbFix.exe
2014-04-29 10:31 - 2014-04-29 12:48 - 00014095 _____ () C:\Users\Pablo\Downloads\hijackthis.log
2014-04-29 10:30 - 2014-04-29 10:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Pablo\Downloads\HijackThis.exe
2014-04-29 10:24 - 2014-04-29 10:24 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\AVG2014
2014-04-29 10:23 - 2014-04-29 10:23 - 00000985 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-29 10:23 - 2014-04-29 10:23 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\TuneUp Software
2014-04-29 10:23 - 2014-04-29 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-29 10:22 - 2014-04-29 22:55 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-29 10:22 - 2014-04-29 10:22 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-04-29 10:22 - 2014-04-29 10:22 - 00000000 ____D () C:\$AVG
2014-04-29 10:09 - 2014-04-30 17:48 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-29 10:09 - 2014-04-29 11:41 - 00000000 ____D () C:\Users\Pablo\AppData\Local\Avg2014
2014-04-29 10:09 - 2014-04-29 10:09 - 04485528 _____ (AVG Technologies) C:\Users\Pablo\Downloads\avg_free_stb_pb_2014_4577_free.exe
2014-04-29 10:09 - 2014-04-29 10:09 - 00000000 ____D () C:\Users\Pablo\AppData\Local\MFAData
2014-04-27 19:07 - 2014-04-28 17:27 - 00000000 ____D () C:\Users\Pablo\Desktop\FILSOFIA
2014-04-26 21:53 - 2014-04-24 21:00 - 00003009 _____ () C:\Users\Pablo\Desktop\exercicio.txt
2014-04-26 21:53 - 2014-04-24 21:00 - 00001105 _____ () C:\Users\Pablo\Desktop\774590_Aula%20220414%20Enunciado%20noite.txt
2014-04-26 18:38 - 2014-04-26 19:10 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\klavaro
2014-04-26 18:38 - 2014-04-26 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Klavaro
2014-04-24 22:48 - 2014-04-24 23:13 - 00000000 ____D () C:\xti
2014-04-24 22:42 - 2014-04-24 22:42 - 00001073 _____ () C:\Users\Pablo\Desktop\Notepad++.lnk
2014-04-24 22:41 - 2014-04-24 22:42 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-04-24 10:09 - 2014-04-24 10:09 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-24 10:08 - 2014-04-24 10:09 - 00000000 ____D () C:\Program Files\Java
2014-04-24 10:05 - 2014-04-24 10:23 - 00000000 ____D () C:\Users\Pablo\Desktop\JAVA
2014-04-20 14:07 - 2014-04-20 14:07 - 00002248 _____ () C:\Users\Pablo\Downloads\980e9f00-52b0-4c9d-b9a3-300581d6daeb_1216132_P9_Pablo Ricardo Pereira.zip
2014-04-18 23:32 - 2014-04-18 23:32 - 00002186 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 3.0.lnk
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\Users\Pablo\Documents\My Digital Editions
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\Users\Pablo\AppData\Local\Adobe_Systems_Incorporate
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-04-18 23:30 - 2014-04-18 23:32 - 06063152 _____ (Adobe Systems Incorporated) C:\Users\Pablo\Downloads\ADE_3.0_Installer.exe
2014-04-18 23:26 - 2014-04-18 23:26 - 00000000 ____D () C:\Users\Pablo\Downloads\LivroFilosofiaSeminário
2014-04-18 23:15 - 2014-04-18 23:17 - 04676323 _____ () C:\Users\Pablo\Downloads\LivroFilosofiaSeminário.zip
2014-04-18 23:03 - 2014-04-18 23:03 - 00000000 ____D () C:\Users\Pablo\Desktop\Normatização PUC
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-18 11:06 - 2014-04-18 11:06 - 00000000 ____D () C:\Users\Pablo\Desktop\Guia 09
2014-04-18 10:57 - 2014-04-18 10:57 - 00000000 ____D () C:\Users\Pablo\AppData\Local\CrashRpt
2014-04-14 14:56 - 2014-04-14 14:56 - 00000017 _____ () C:\Users\Pablo\AppData\Local\resmon.resmoncfg
2014-04-14 12:59 - 2014-04-14 12:59 - 00000000 ____D () C:\Users\Pablo\Desktop\AutoCad
2014-04-13 11:30 - 2014-04-13 11:31 - 00000000 ____D () C:\Users\Pablo\Downloads\Guia 09
2014-04-08 23:07 - 2014-04-24 13:10 - 00000000 ____D () C:\Users\Pablo\Desktop\LABORATÓRIO
2014-04-06 11:46 - 2014-04-13 12:49 - 00000000 ____D () C:\Users\Pablo\Documents\Andreza
2014-04-05 20:22 - 2014-04-05 20:23 - 00089361 _____ () C:\Users\Pablo\Downloads\1664d993-3daf-4865-b4d0-6597b379e5cb_1222764_P15_Pablo Ricardo Pereira.zip
2014-04-02 18:36 - 2014-04-02 18:37 - 00000000 ____D () C:\PenClean
2014-04-02 18:29 - 2014-04-13 11:47 - 00002532 _____ () C:\Windows\WindowsUpdate.log
2014-04-02 15:32 - 2014-04-02 15:32 - 00000000 ____D () C:\Users\Pablo\Desktop\EstudarMatemática
2014-03-31 16:20 - 2014-03-31 16:20 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-03-31 16:06 - 2014-03-31 16:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-03-31 15:24 - 2014-04-26 15:27 - 00000000 ____D () C:\Users\Pablo\Desktop\Documentos Para Rever
==================== One Month Modified Files and Folders =======
2014-04-30 23:50 - 2014-04-30 23:50 - 00021080 _____ () C:\Users\Pablo\Downloads\FRST.txt
2014-04-30 23:50 - 2014-04-30 23:50 - 00000000 ____D () C:\FRST
2014-04-30 23:49 - 2014-04-30 23:49 - 02061824 _____ (Farbar) C:\Users\Pablo\Downloads\FRST64.exe
2014-04-30 23:48 - 2014-04-29 12:44 - 00000000 ____D () C:\ProgramData\MCShield
2014-04-30 23:47 - 2014-03-03 15:34 - 00448316 _____ () C:\Windows\PFRO.log
2014-04-30 23:47 - 2014-03-03 15:34 - 00019172 _____ () C:\Windows\setupact.log
2014-04-30 23:47 - 2013-01-05 11:34 - 00000380 _____ () C:\Users\Pablo\AppData\Roaming\sp_data.sys
2014-04-30 23:47 - 2012-07-15 05:32 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-04-30 23:47 - 2012-03-09 16:29 - 00001078 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-30 23:47 - 2009-07-14 02:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-30 23:46 - 2014-04-30 10:59 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-30 23:41 - 2013-05-27 20:17 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-30 23:39 - 2014-04-30 23:39 - 00001221 _____ () C:\Users\Pablo\Desktop\ZHPFixReport.txt
2014-04-30 23:39 - 2014-04-29 12:53 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\ZHP
2014-04-30 23:29 - 2014-04-30 23:29 - 00010357 _____ () C:\Windows\DirectX.log
2014-04-30 23:26 - 2009-07-14 01:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-30 23:26 - 2009-07-14 01:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-30 23:23 - 2014-04-30 23:23 - 00035770 _____ () C:\Users\Pablo\Desktop\ZHPDiag.txt
2014-04-30 23:21 - 2014-04-29 12:53 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-04-30 23:09 - 2012-03-09 16:29 - 00001082 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-30 22:52 - 2014-04-30 22:52 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-04-30 22:49 - 2012-07-15 05:37 - 00002452 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-04-30 17:48 - 2014-04-29 10:09 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-30 15:22 - 2014-03-09 12:58 - 00000000 ____D () C:\SUPERDelete
2014-04-30 15:22 - 2011-02-18 23:06 - 00781268 _____ () C:\Windows\system32\prfh0416.dat
2014-04-30 15:22 - 2011-02-18 23:06 - 00175484 _____ () C:\Windows\system32\prfc0416.dat
2014-04-30 15:22 - 2009-07-14 02:13 - 01846306 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-30 14:14 - 2012-07-15 05:32 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-04-30 11:58 - 2014-04-30 11:58 - 00014309 _____ () C:\Users\Pablo\Desktop\hijackthis.log
2014-04-30 10:59 - 2014-04-30 10:59 - 01141680 _____ () C:\Users\Pablo\Downloads\SteamSetup.exe
2014-04-30 10:59 - 2014-04-30 10:59 - 00000925 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-04-30 10:59 - 2014-04-30 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-04-30 10:14 - 2014-04-30 10:14 - 00001797 _____ () C:\Users\Pablo\Desktop\JRT.txt
2014-04-30 10:03 - 2014-04-30 10:03 - 00000000 ____D () C:\Windows\ERUNT
2014-04-30 09:59 - 2014-04-30 09:59 - 01016261 _____ (Thisisu) C:\Users\Pablo\Downloads\JRT.exe
2014-04-29 23:10 - 2014-04-29 23:10 - 00012651 _____ () C:\Users\Pablo\Desktop\hijackthisaaa
2014-04-29 22:55 - 2014-04-29 10:22 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-29 22:54 - 2014-04-29 22:54 - 00000097 _____ () C:\files.log
2014-04-29 22:54 - 2014-04-29 22:46 - 00000070 _____ () C:\folders.log
2014-04-29 22:54 - 2014-04-29 22:46 - 00000000 ____D () C:\zoek
2014-04-29 22:54 - 2014-04-29 22:31 - 00019376 _____ () C:\zoek-results.log
2014-04-29 22:54 - 2014-04-29 22:28 - 00003247 _____ () C:\runcheck.txt
2014-04-29 22:48 - 2014-04-29 22:28 - 00000000 ____D () C:\zoek_backup
2014-04-29 22:28 - 2014-04-29 22:28 - 01285120 _____ () C:\Users\Pablo\Downloads\zoek.exe
2014-04-29 22:25 - 2012-03-09 16:37 - 00000000 ____D () C:\Windows\ar
2014-04-29 17:36 - 2014-02-06 09:26 - 00000000 ____D () C:\Users\Pablo\Documents\Visual Studio 2010
2014-04-29 17:33 - 2014-04-29 17:33 - 00002248 _____ () C:\Users\Pablo\Downloads\980e9f00-52b0-4c9d-b9a3-300581d6daeb_1216132_P9_Pablo Ricardo Pereira (1).zip
2014-04-29 17:29 - 2014-02-23 22:31 - 00000000 ____D () C:\Users\Pablo\Desktop\Lista Reforço
2014-04-29 16:30 - 2014-04-29 16:30 - 00001157 _____ () C:\Users\Pablo\Desktop\aaa.txt
2014-04-29 13:13 - 2014-04-29 13:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-29 13:13 - 2014-04-29 13:13 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-29 13:12 - 2014-04-29 13:11 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Pablo\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-29 13:05 - 2014-04-29 13:03 - 00000000 ____D () C:\AdwCleaner
2014-04-29 13:05 - 2013-01-05 11:34 - 00000000 ____D () C:\Users\Pablo
2014-04-29 13:02 - 2014-04-29 13:02 - 01310621 _____ () C:\Users\Pablo\Downloads\AdwCleaner.exe
2014-04-29 12:53 - 2014-04-29 12:53 - 00003170 _____ () C:\Windows\System32\Tasks\{FD1E0C56-4675-4558-AD57-9C5D77DB0A0D}
2014-04-29 12:53 - 2014-04-29 12:53 - 00001949 _____ () C:\Users\Pablo\Desktop\ZHPFix.lnk
2014-04-29 12:53 - 2014-04-29 12:53 - 00001822 _____ () C:\Users\Pablo\Desktop\ZHPDiag.lnk
2014-04-29 12:53 - 2014-04-29 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-04-29 12:52 - 2014-04-29 12:51 - 06780391 _____ (Nicolas Coolman ) C:\Users\Pablo\Downloads\ZHPDiag2.exe
2014-04-29 12:48 - 2014-04-29 10:31 - 00014095 _____ () C:\Users\Pablo\Downloads\hijackthis.log
2014-04-29 12:46 - 2014-04-29 12:46 - 00000864 _____ () C:\Users\Pablo\Desktop\MCShield-AllScans.txt
2014-04-29 12:44 - 2014-04-29 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2014-04-29 12:44 - 2014-04-29 12:44 - 00000000 ____D () C:\Program Files (x86)\MCShield
2014-04-29 12:42 - 2014-04-29 12:42 - 02856736 _____ (MyCity) C:\Users\Pablo\Downloads\MCShield-Setup.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00013385 _____ () C:\Users\Pablo\Desktop\UsbFix_Report.txt
2014-04-29 12:32 - 2014-04-29 12:30 - 00013385 _____ () C:\UsbFix [Clean 2] PES.txt
2014-04-29 12:32 - 2014-04-29 12:20 - 00000000 ____D () C:\UsbFix
2014-04-29 12:27 - 2014-04-29 12:20 - 00001450 _____ () C:\Users\Pablo\Desktop\UsbFix.lnk
2014-04-29 12:27 - 2012-07-15 05:37 - 00001827 _____ () C:\Windows\system32\ServiceFilter.ini
2014-04-29 12:11 - 2014-04-29 12:10 - 03006996 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Pablo\Downloads\UsbFix.exe
2014-04-29 11:41 - 2014-04-29 10:09 - 00000000 ____D () C:\Users\Pablo\AppData\Local\Avg2014
2014-04-29 10:31 - 2013-01-05 11:34 - 00000000 ____D () C:\Users\Pablo\AppData\Local\VirtualStore
2014-04-29 10:30 - 2014-04-29 10:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Pablo\Downloads\HijackThis.exe
2014-04-29 10:24 - 2014-04-29 10:24 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\AVG2014
2014-04-29 10:23 - 2014-04-29 10:23 - 00000985 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-29 10:23 - 2014-04-29 10:23 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\TuneUp Software
2014-04-29 10:23 - 2014-04-29 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-29 10:22 - 2014-04-29 10:22 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-04-29 10:22 - 2014-04-29 10:22 - 00000000 ____D () C:\$AVG
2014-04-29 10:09 - 2014-04-29 10:09 - 04485528 _____ (AVG Technologies) C:\Users\Pablo\Downloads\avg_free_stb_pb_2014_4577_free.exe
2014-04-29 10:09 - 2014-04-29 10:09 - 00000000 ____D () C:\Users\Pablo\AppData\Local\MFAData
2014-04-28 17:27 - 2014-04-27 19:07 - 00000000 ____D () C:\Users\Pablo\Desktop\FILSOFIA
2014-04-27 16:19 - 2012-03-09 16:52 - 00000286 __RSH () C:\ProgramData\ntuser.pol
2014-04-26 19:10 - 2014-04-26 18:38 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\klavaro
2014-04-26 18:38 - 2014-04-26 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Klavaro
2014-04-26 16:57 - 2013-01-06 14:46 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\vlc
2014-04-26 15:27 - 2014-03-31 15:24 - 00000000 ____D () C:\Users\Pablo\Desktop\Documentos Para Rever
2014-04-24 23:13 - 2014-04-24 22:48 - 00000000 ____D () C:\xti
2014-04-24 22:42 - 2014-04-24 22:42 - 00001073 _____ () C:\Users\Pablo\Desktop\Notepad++.lnk
2014-04-24 22:42 - 2014-04-24 22:41 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-04-24 21:00 - 2014-04-26 21:53 - 00003009 _____ () C:\Users\Pablo\Desktop\exercicio.txt
2014-04-24 21:00 - 2014-04-26 21:53 - 00001105 _____ () C:\Users\Pablo\Desktop\774590_Aula%20220414%20Enunciado%20noite.txt
2014-04-24 13:10 - 2014-04-08 23:07 - 00000000 ____D () C:\Users\Pablo\Desktop\LABORATÓRIO
2014-04-24 10:23 - 2014-04-24 10:05 - 00000000 ____D () C:\Users\Pablo\Desktop\JAVA
2014-04-24 10:09 - 2014-04-24 10:09 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-24 10:09 - 2014-04-24 10:08 - 00000000 ____D () C:\Program Files\Java
2014-04-24 10:08 - 2013-11-12 22:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-04-24 10:08 - 2013-11-12 22:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-23 22:39 - 2013-01-05 11:34 - 00140856 _____ () C:\Users\Pablo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-23 22:37 - 2009-07-14 01:45 - 00480680 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-21 20:11 - 2013-03-15 12:02 - 00000000 ____D () C:\Users\Pablo\Documents\Pablo
2014-04-20 14:07 - 2014-04-20 14:07 - 00002248 _____ () C:\Users\Pablo\Downloads\980e9f00-52b0-4c9d-b9a3-300581d6daeb_1216132_P9_Pablo Ricardo Pereira.zip
2014-04-18 23:35 - 2013-01-06 18:51 - 00000000 ____D () C:\Users\Pablo\Desktop\Programas
2014-04-18 23:32 - 2014-04-18 23:32 - 00002186 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 3.0.lnk
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\Users\Pablo\Documents\My Digital Editions
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\Users\Pablo\AppData\Local\Adobe_Systems_Incorporate
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-04-18 23:32 - 2014-04-18 23:30 - 06063152 _____ (Adobe Systems Incorporated) C:\Users\Pablo\Downloads\ADE_3.0_Installer.exe
2014-04-18 23:32 - 2012-03-09 16:29 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-18 23:26 - 2014-04-18 23:26 - 00000000 ____D () C:\Users\Pablo\Downloads\LivroFilosofiaSeminário
2014-04-18 23:17 - 2014-04-18 23:15 - 04676323 _____ () C:\Users\Pablo\Downloads\LivroFilosofiaSeminário.zip
2014-04-18 23:03 - 2014-04-18 23:03 - 00000000 ____D () C:\Users\Pablo\Desktop\Normatização PUC
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-18 11:26 - 2013-10-30 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-04-18 11:06 - 2014-04-18 11:06 - 00000000 ____D () C:\Users\Pablo\Desktop\Guia 09
2014-04-18 10:57 - 2014-04-18 10:57 - 00000000 ____D () C:\Users\Pablo\AppData\Local\CrashRpt
2014-04-15 13:07 - 2009-07-14 02:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-14 15:23 - 2014-02-06 09:14 - 00000000 ____D () C:\Users\Pablo\Desktop\Estudo
2014-04-14 14:56 - 2014-04-14 14:56 - 00000017 _____ () C:\Users\Pablo\AppData\Local\resmon.resmoncfg
2014-04-14 12:59 - 2014-04-14 12:59 - 00000000 ____D () C:\Users\Pablo\Desktop\AutoCad
2014-04-13 12:49 - 2014-04-06 11:46 - 00000000 ____D () C:\Users\Pablo\Documents\Andreza
2014-04-13 11:47 - 2014-04-02 18:29 - 00002532 _____ () C:\Windows\WindowsUpdate.log
2014-04-13 11:31 - 2014-04-13 11:30 - 00000000 ____D () C:\Users\Pablo\Downloads\Guia 09
2014-04-05 20:23 - 2014-04-05 20:22 - 00089361 _____ () C:\Users\Pablo\Downloads\1664d993-3daf-4865-b4d0-6597b379e5cb_1222764_P15_Pablo Ricardo Pereira.zip
2014-04-03 14:30 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-03 09:51 - 2014-04-29 13:13 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-29 13:13 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-29 13:13 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 18:37 - 2014-04-02 18:36 - 00000000 ____D () C:\PenClean
2014-04-02 18:29 - 2009-07-14 00:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-02 15:32 - 2014-04-02 15:32 - 00000000 ____D () C:\Users\Pablo\Desktop\EstudarMatemática
2014-03-31 16:20 - 2014-03-31 16:20 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-03-31 16:06 - 2014-03-31 16:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-29 11:11
==================== End Of Log ============================
2014-04-30 23:29 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-04-30 23:29 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-04-30 23:29 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-04-30 23:29 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-04-30 23:29 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-04-30 23:29 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-04-30 23:29 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-04-30 23:29 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-04-30 23:29 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-04-30 23:29 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-04-30 23:29 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-04-30 23:29 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-04-30 23:29 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-04-30 23:29 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-04-30 23:29 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-04-30 23:29 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-04-30 23:29 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-04-30 23:29 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-04-30 23:29 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-04-30 23:29 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-04-30 23:29 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-04-30 23:29 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-04-30 23:29 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-04-30 23:29 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-04-30 23:29 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-04-30 23:29 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-04-30 23:29 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-04-30 23:29 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-04-30 23:29 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-04-30 23:29 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-04-30 23:29 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-04-30 23:29 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-04-30 23:29 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-04-30 23:29 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-04-30 23:29 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-04-30 23:29 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-04-30 23:29 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-04-30 23:29 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-04-30 23:29 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-04-30 23:29 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-04-30 23:29 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-04-30 23:29 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-04-30 23:29 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-04-30 23:29 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-04-30 23:29 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-04-30 23:29 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-04-30 23:29 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-04-30 23:29 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-04-30 23:29 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-04-30 23:29 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-04-30 23:29 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-04-30 23:29 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-04-30 23:29 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-04-30 23:29 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-04-30 23:29 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-04-30 23:29 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-04-30 23:29 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-04-30 23:29 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-04-30 23:29 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-04-30 23:29 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-04-30 23:29 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-04-30 23:29 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-04-30 23:29 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-04-30 23:29 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-04-30 23:29 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-04-30 23:29 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-04-30 23:29 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-04-30 23:29 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-04-30 23:29 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-04-30 23:29 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-04-30 23:29 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-04-30 23:29 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-04-30 23:29 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-04-30 23:29 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-04-30 23:29 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-04-30 23:29 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-04-30 23:29 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-04-30 23:29 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-04-30 23:29 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-04-30 23:29 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-04-30 23:29 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-04-30 23:29 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-04-30 23:29 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-04-30 23:29 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-04-30 23:29 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-04-30 23:29 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-04-30 23:29 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-04-30 23:29 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-04-30 23:29 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-04-30 23:29 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-04-30 23:29 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-04-30 23:29 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-04-30 23:29 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-04-30 23:29 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-04-30 23:23 - 2014-04-30 23:23 - 00035770 _____ () C:\Users\Pablo\Desktop\ZHPDiag.txt
2014-04-30 22:52 - 2014-04-30 22:52 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-04-30 11:58 - 2014-04-30 11:58 - 00014309 _____ () C:\Users\Pablo\Desktop\hijackthis.log
2014-04-30 10:59 - 2014-04-30 23:46 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-30 10:59 - 2014-04-30 10:59 - 01141680 _____ () C:\Users\Pablo\Downloads\SteamSetup.exe
2014-04-30 10:59 - 2014-04-30 10:59 - 00000925 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-04-30 10:59 - 2014-04-30 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-04-30 10:14 - 2014-04-30 10:14 - 00001797 _____ () C:\Users\Pablo\Desktop\JRT.txt
2014-04-30 10:03 - 2014-04-30 10:03 - 00000000 ____D () C:\Windows\ERUNT
2014-04-30 09:59 - 2014-04-30 09:59 - 01016261 _____ (Thisisu) C:\Users\Pablo\Downloads\JRT.exe
2014-04-29 23:10 - 2014-04-29 23:10 - 00012651 _____ () C:\Users\Pablo\Desktop\hijackthisaaa
2014-04-29 22:54 - 2014-04-29 22:54 - 00000097 _____ () C:\files.log
2014-04-29 22:46 - 2014-04-29 22:54 - 00000070 _____ () C:\folders.log
2014-04-29 22:46 - 2014-04-29 22:54 - 00000000 ____D () C:\zoek
2014-04-29 22:31 - 2014-04-29 22:54 - 00019376 _____ () C:\zoek-results.log
2014-04-29 22:28 - 2014-04-29 22:54 - 00003247 _____ () C:\runcheck.txt
2014-04-29 22:28 - 2014-04-29 22:48 - 00000000 ____D () C:\zoek_backup
2014-04-29 22:28 - 2014-04-29 22:28 - 01285120 _____ () C:\Users\Pablo\Downloads\zoek.exe
2014-04-29 17:33 - 2014-04-29 17:33 - 00002248 _____ () C:\Users\Pablo\Downloads\980e9f00-52b0-4c9d-b9a3-300581d6daeb_1216132_P9_Pablo Ricardo Pereira (1).zip
2014-04-29 16:30 - 2014-04-29 16:30 - 00001157 _____ () C:\Users\Pablo\Desktop\aaa.txt
2014-04-29 13:13 - 2014-04-29 13:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-29 13:13 - 2014-04-29 13:13 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-29 13:13 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-29 13:13 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-29 13:13 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-29 13:11 - 2014-04-29 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Pablo\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-29 13:04 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-04-29 13:03 - 2014-04-29 13:05 - 00000000 ____D () C:\AdwCleaner
2014-04-29 13:02 - 2014-04-29 13:02 - 01310621 _____ () C:\Users\Pablo\Downloads\AdwCleaner.exe
2014-04-29 12:53 - 2014-04-30 23:39 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\ZHP
2014-04-29 12:53 - 2014-04-30 23:21 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-04-29 12:53 - 2014-04-29 12:53 - 00003170 _____ () C:\Windows\System32\Tasks\{FD1E0C56-4675-4558-AD57-9C5D77DB0A0D}
2014-04-29 12:53 - 2014-04-29 12:53 - 00001949 _____ () C:\Users\Pablo\Desktop\ZHPFix.lnk
2014-04-29 12:53 - 2014-04-29 12:53 - 00001822 _____ () C:\Users\Pablo\Desktop\ZHPDiag.lnk
2014-04-29 12:53 - 2014-04-29 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-04-29 12:51 - 2014-04-29 12:52 - 06780391 _____ (Nicolas Coolman ) C:\Users\Pablo\Downloads\ZHPDiag2.exe
2014-04-29 12:46 - 2014-04-29 12:46 - 00000864 _____ () C:\Users\Pablo\Desktop\MCShield-AllScans.txt
2014-04-29 12:44 - 2014-04-30 23:48 - 00000000 ____D () C:\ProgramData\MCShield
2014-04-29 12:44 - 2014-04-29 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2014-04-29 12:44 - 2014-04-29 12:44 - 00000000 ____D () C:\Program Files (x86)\MCShield
2014-04-29 12:42 - 2014-04-29 12:42 - 02856736 _____ (MyCity) C:\Users\Pablo\Downloads\MCShield-Setup.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00013385 _____ () C:\Users\Pablo\Desktop\UsbFix_Report.txt
2014-04-29 12:30 - 2014-04-29 12:32 - 00013385 _____ () C:\UsbFix [Clean 2] PES.txt
2014-04-29 12:20 - 2014-04-29 12:32 - 00000000 ____D () C:\UsbFix
2014-04-29 12:20 - 2014-04-29 12:27 - 00001450 _____ () C:\Users\Pablo\Desktop\UsbFix.lnk
2014-04-29 12:10 - 2014-04-29 12:11 - 03006996 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Pablo\Downloads\UsbFix.exe
2014-04-29 10:31 - 2014-04-29 12:48 - 00014095 _____ () C:\Users\Pablo\Downloads\hijackthis.log
2014-04-29 10:30 - 2014-04-29 10:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Pablo\Downloads\HijackThis.exe
2014-04-29 10:24 - 2014-04-29 10:24 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\AVG2014
2014-04-29 10:23 - 2014-04-29 10:23 - 00000985 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-29 10:23 - 2014-04-29 10:23 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\TuneUp Software
2014-04-29 10:23 - 2014-04-29 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-29 10:22 - 2014-04-29 22:55 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-29 10:22 - 2014-04-29 10:22 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-04-29 10:22 - 2014-04-29 10:22 - 00000000 ____D () C:\$AVG
2014-04-29 10:09 - 2014-04-30 17:48 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-29 10:09 - 2014-04-29 11:41 - 00000000 ____D () C:\Users\Pablo\AppData\Local\Avg2014
2014-04-29 10:09 - 2014-04-29 10:09 - 04485528 _____ (AVG Technologies) C:\Users\Pablo\Downloads\avg_free_stb_pb_2014_4577_free.exe
2014-04-29 10:09 - 2014-04-29 10:09 - 00000000 ____D () C:\Users\Pablo\AppData\Local\MFAData
2014-04-27 19:07 - 2014-04-28 17:27 - 00000000 ____D () C:\Users\Pablo\Desktop\FILSOFIA
2014-04-26 21:53 - 2014-04-24 21:00 - 00003009 _____ () C:\Users\Pablo\Desktop\exercicio.txt
2014-04-26 21:53 - 2014-04-24 21:00 - 00001105 _____ () C:\Users\Pablo\Desktop\774590_Aula%20220414%20Enunciado%20noite.txt
2014-04-26 18:38 - 2014-04-26 19:10 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\klavaro
2014-04-26 18:38 - 2014-04-26 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Klavaro
2014-04-24 22:48 - 2014-04-24 23:13 - 00000000 ____D () C:\xti
2014-04-24 22:42 - 2014-04-24 22:42 - 00001073 _____ () C:\Users\Pablo\Desktop\Notepad++.lnk
2014-04-24 22:41 - 2014-04-24 22:42 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-04-24 10:09 - 2014-04-24 10:09 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-24 10:08 - 2014-04-24 10:09 - 00000000 ____D () C:\Program Files\Java
2014-04-24 10:05 - 2014-04-24 10:23 - 00000000 ____D () C:\Users\Pablo\Desktop\JAVA
2014-04-20 14:07 - 2014-04-20 14:07 - 00002248 _____ () C:\Users\Pablo\Downloads\980e9f00-52b0-4c9d-b9a3-300581d6daeb_1216132_P9_Pablo Ricardo Pereira.zip
2014-04-18 23:32 - 2014-04-18 23:32 - 00002186 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 3.0.lnk
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\Users\Pablo\Documents\My Digital Editions
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\Users\Pablo\AppData\Local\Adobe_Systems_Incorporate
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-04-18 23:30 - 2014-04-18 23:32 - 06063152 _____ (Adobe Systems Incorporated) C:\Users\Pablo\Downloads\ADE_3.0_Installer.exe
2014-04-18 23:26 - 2014-04-18 23:26 - 00000000 ____D () C:\Users\Pablo\Downloads\LivroFilosofiaSeminário
2014-04-18 23:15 - 2014-04-18 23:17 - 04676323 _____ () C:\Users\Pablo\Downloads\LivroFilosofiaSeminário.zip
2014-04-18 23:03 - 2014-04-18 23:03 - 00000000 ____D () C:\Users\Pablo\Desktop\Normatização PUC
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-18 11:06 - 2014-04-18 11:06 - 00000000 ____D () C:\Users\Pablo\Desktop\Guia 09
2014-04-18 10:57 - 2014-04-18 10:57 - 00000000 ____D () C:\Users\Pablo\AppData\Local\CrashRpt
2014-04-14 14:56 - 2014-04-14 14:56 - 00000017 _____ () C:\Users\Pablo\AppData\Local\resmon.resmoncfg
2014-04-14 12:59 - 2014-04-14 12:59 - 00000000 ____D () C:\Users\Pablo\Desktop\AutoCad
2014-04-13 11:30 - 2014-04-13 11:31 - 00000000 ____D () C:\Users\Pablo\Downloads\Guia 09
2014-04-08 23:07 - 2014-04-24 13:10 - 00000000 ____D () C:\Users\Pablo\Desktop\LABORATÓRIO
2014-04-06 11:46 - 2014-04-13 12:49 - 00000000 ____D () C:\Users\Pablo\Documents\Andreza
2014-04-05 20:22 - 2014-04-05 20:23 - 00089361 _____ () C:\Users\Pablo\Downloads\1664d993-3daf-4865-b4d0-6597b379e5cb_1222764_P15_Pablo Ricardo Pereira.zip
2014-04-02 18:36 - 2014-04-02 18:37 - 00000000 ____D () C:\PenClean
2014-04-02 18:29 - 2014-04-13 11:47 - 00002532 _____ () C:\Windows\WindowsUpdate.log
2014-04-02 15:32 - 2014-04-02 15:32 - 00000000 ____D () C:\Users\Pablo\Desktop\EstudarMatemática
2014-03-31 16:20 - 2014-03-31 16:20 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-03-31 16:06 - 2014-03-31 16:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-03-31 15:24 - 2014-04-26 15:27 - 00000000 ____D () C:\Users\Pablo\Desktop\Documentos Para Rever
==================== One Month Modified Files and Folders =======
2014-04-30 23:50 - 2014-04-30 23:50 - 00021080 _____ () C:\Users\Pablo\Downloads\FRST.txt
2014-04-30 23:50 - 2014-04-30 23:50 - 00000000 ____D () C:\FRST
2014-04-30 23:49 - 2014-04-30 23:49 - 02061824 _____ (Farbar) C:\Users\Pablo\Downloads\FRST64.exe
2014-04-30 23:48 - 2014-04-29 12:44 - 00000000 ____D () C:\ProgramData\MCShield
2014-04-30 23:47 - 2014-03-03 15:34 - 00448316 _____ () C:\Windows\PFRO.log
2014-04-30 23:47 - 2014-03-03 15:34 - 00019172 _____ () C:\Windows\setupact.log
2014-04-30 23:47 - 2013-01-05 11:34 - 00000380 _____ () C:\Users\Pablo\AppData\Roaming\sp_data.sys
2014-04-30 23:47 - 2012-07-15 05:32 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-04-30 23:47 - 2012-03-09 16:29 - 00001078 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-30 23:47 - 2009-07-14 02:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-30 23:46 - 2014-04-30 10:59 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-30 23:41 - 2013-05-27 20:17 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-30 23:39 - 2014-04-30 23:39 - 00001221 _____ () C:\Users\Pablo\Desktop\ZHPFixReport.txt
2014-04-30 23:39 - 2014-04-29 12:53 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\ZHP
2014-04-30 23:29 - 2014-04-30 23:29 - 00010357 _____ () C:\Windows\DirectX.log
2014-04-30 23:26 - 2009-07-14 01:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-30 23:26 - 2009-07-14 01:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-30 23:23 - 2014-04-30 23:23 - 00035770 _____ () C:\Users\Pablo\Desktop\ZHPDiag.txt
2014-04-30 23:21 - 2014-04-29 12:53 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-04-30 23:09 - 2012-03-09 16:29 - 00001082 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-30 22:52 - 2014-04-30 22:52 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-04-30 22:49 - 2012-07-15 05:37 - 00002452 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-04-30 17:48 - 2014-04-29 10:09 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-30 15:22 - 2014-03-09 12:58 - 00000000 ____D () C:\SUPERDelete
2014-04-30 15:22 - 2011-02-18 23:06 - 00781268 _____ () C:\Windows\system32\prfh0416.dat
2014-04-30 15:22 - 2011-02-18 23:06 - 00175484 _____ () C:\Windows\system32\prfc0416.dat
2014-04-30 15:22 - 2009-07-14 02:13 - 01846306 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-30 14:14 - 2012-07-15 05:32 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-04-30 11:58 - 2014-04-30 11:58 - 00014309 _____ () C:\Users\Pablo\Desktop\hijackthis.log
2014-04-30 10:59 - 2014-04-30 10:59 - 01141680 _____ () C:\Users\Pablo\Downloads\SteamSetup.exe
2014-04-30 10:59 - 2014-04-30 10:59 - 00000925 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-04-30 10:59 - 2014-04-30 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-04-30 10:14 - 2014-04-30 10:14 - 00001797 _____ () C:\Users\Pablo\Desktop\JRT.txt
2014-04-30 10:03 - 2014-04-30 10:03 - 00000000 ____D () C:\Windows\ERUNT
2014-04-30 09:59 - 2014-04-30 09:59 - 01016261 _____ (Thisisu) C:\Users\Pablo\Downloads\JRT.exe
2014-04-29 23:10 - 2014-04-29 23:10 - 00012651 _____ () C:\Users\Pablo\Desktop\hijackthisaaa
2014-04-29 22:55 - 2014-04-29 10:22 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-29 22:54 - 2014-04-29 22:54 - 00000097 _____ () C:\files.log
2014-04-29 22:54 - 2014-04-29 22:46 - 00000070 _____ () C:\folders.log
2014-04-29 22:54 - 2014-04-29 22:46 - 00000000 ____D () C:\zoek
2014-04-29 22:54 - 2014-04-29 22:31 - 00019376 _____ () C:\zoek-results.log
2014-04-29 22:54 - 2014-04-29 22:28 - 00003247 _____ () C:\runcheck.txt
2014-04-29 22:48 - 2014-04-29 22:28 - 00000000 ____D () C:\zoek_backup
2014-04-29 22:28 - 2014-04-29 22:28 - 01285120 _____ () C:\Users\Pablo\Downloads\zoek.exe
2014-04-29 22:25 - 2012-03-09 16:37 - 00000000 ____D () C:\Windows\ar
2014-04-29 17:36 - 2014-02-06 09:26 - 00000000 ____D () C:\Users\Pablo\Documents\Visual Studio 2010
2014-04-29 17:33 - 2014-04-29 17:33 - 00002248 _____ () C:\Users\Pablo\Downloads\980e9f00-52b0-4c9d-b9a3-300581d6daeb_1216132_P9_Pablo Ricardo Pereira (1).zip
2014-04-29 17:29 - 2014-02-23 22:31 - 00000000 ____D () C:\Users\Pablo\Desktop\Lista Reforço
2014-04-29 16:30 - 2014-04-29 16:30 - 00001157 _____ () C:\Users\Pablo\Desktop\aaa.txt
2014-04-29 13:13 - 2014-04-29 13:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-29 13:13 - 2014-04-29 13:13 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-29 13:12 - 2014-04-29 13:11 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Pablo\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-29 13:05 - 2014-04-29 13:03 - 00000000 ____D () C:\AdwCleaner
2014-04-29 13:05 - 2013-01-05 11:34 - 00000000 ____D () C:\Users\Pablo
2014-04-29 13:02 - 2014-04-29 13:02 - 01310621 _____ () C:\Users\Pablo\Downloads\AdwCleaner.exe
2014-04-29 12:53 - 2014-04-29 12:53 - 00003170 _____ () C:\Windows\System32\Tasks\{FD1E0C56-4675-4558-AD57-9C5D77DB0A0D}
2014-04-29 12:53 - 2014-04-29 12:53 - 00001949 _____ () C:\Users\Pablo\Desktop\ZHPFix.lnk
2014-04-29 12:53 - 2014-04-29 12:53 - 00001822 _____ () C:\Users\Pablo\Desktop\ZHPDiag.lnk
2014-04-29 12:53 - 2014-04-29 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-04-29 12:52 - 2014-04-29 12:51 - 06780391 _____ (Nicolas Coolman ) C:\Users\Pablo\Downloads\ZHPDiag2.exe
2014-04-29 12:48 - 2014-04-29 10:31 - 00014095 _____ () C:\Users\Pablo\Downloads\hijackthis.log
2014-04-29 12:46 - 2014-04-29 12:46 - 00000864 _____ () C:\Users\Pablo\Desktop\MCShield-AllScans.txt
2014-04-29 12:44 - 2014-04-29 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2014-04-29 12:44 - 2014-04-29 12:44 - 00000000 ____D () C:\Program Files (x86)\MCShield
2014-04-29 12:42 - 2014-04-29 12:42 - 02856736 _____ (MyCity) C:\Users\Pablo\Downloads\MCShield-Setup.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00013385 _____ () C:\Users\Pablo\Desktop\UsbFix_Report.txt
2014-04-29 12:32 - 2014-04-29 12:30 - 00013385 _____ () C:\UsbFix [Clean 2] PES.txt
2014-04-29 12:32 - 2014-04-29 12:20 - 00000000 ____D () C:\UsbFix
2014-04-29 12:27 - 2014-04-29 12:20 - 00001450 _____ () C:\Users\Pablo\Desktop\UsbFix.lnk
2014-04-29 12:27 - 2012-07-15 05:37 - 00001827 _____ () C:\Windows\system32\ServiceFilter.ini
2014-04-29 12:11 - 2014-04-29 12:10 - 03006996 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Pablo\Downloads\UsbFix.exe
2014-04-29 11:41 - 2014-04-29 10:09 - 00000000 ____D () C:\Users\Pablo\AppData\Local\Avg2014
2014-04-29 10:31 - 2013-01-05 11:34 - 00000000 ____D () C:\Users\Pablo\AppData\Local\VirtualStore
2014-04-29 10:30 - 2014-04-29 10:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Pablo\Downloads\HijackThis.exe
2014-04-29 10:24 - 2014-04-29 10:24 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\AVG2014
2014-04-29 10:23 - 2014-04-29 10:23 - 00000985 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-29 10:23 - 2014-04-29 10:23 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\TuneUp Software
2014-04-29 10:23 - 2014-04-29 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-29 10:22 - 2014-04-29 10:22 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-04-29 10:22 - 2014-04-29 10:22 - 00000000 ____D () C:\$AVG
2014-04-29 10:09 - 2014-04-29 10:09 - 04485528 _____ (AVG Technologies) C:\Users\Pablo\Downloads\avg_free_stb_pb_2014_4577_free.exe
2014-04-29 10:09 - 2014-04-29 10:09 - 00000000 ____D () C:\Users\Pablo\AppData\Local\MFAData
2014-04-28 17:27 - 2014-04-27 19:07 - 00000000 ____D () C:\Users\Pablo\Desktop\FILSOFIA
2014-04-27 16:19 - 2012-03-09 16:52 - 00000286 __RSH () C:\ProgramData\ntuser.pol
2014-04-26 19:10 - 2014-04-26 18:38 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\klavaro
2014-04-26 18:38 - 2014-04-26 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Klavaro
2014-04-26 16:57 - 2013-01-06 14:46 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\vlc
2014-04-26 15:27 - 2014-03-31 15:24 - 00000000 ____D () C:\Users\Pablo\Desktop\Documentos Para Rever
2014-04-24 23:13 - 2014-04-24 22:48 - 00000000 ____D () C:\xti
2014-04-24 22:42 - 2014-04-24 22:42 - 00001073 _____ () C:\Users\Pablo\Desktop\Notepad++.lnk
2014-04-24 22:42 - 2014-04-24 22:41 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-04-24 21:00 - 2014-04-26 21:53 - 00003009 _____ () C:\Users\Pablo\Desktop\exercicio.txt
2014-04-24 21:00 - 2014-04-26 21:53 - 00001105 _____ () C:\Users\Pablo\Desktop\774590_Aula%20220414%20Enunciado%20noite.txt
2014-04-24 13:10 - 2014-04-08 23:07 - 00000000 ____D () C:\Users\Pablo\Desktop\LABORATÓRIO
2014-04-24 10:23 - 2014-04-24 10:05 - 00000000 ____D () C:\Users\Pablo\Desktop\JAVA
2014-04-24 10:09 - 2014-04-24 10:09 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-24 10:09 - 2014-04-24 10:08 - 00000000 ____D () C:\Program Files\Java
2014-04-24 10:08 - 2013-11-12 22:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-04-24 10:08 - 2013-11-12 22:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-23 22:39 - 2013-01-05 11:34 - 00140856 _____ () C:\Users\Pablo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-23 22:37 - 2009-07-14 01:45 - 00480680 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-21 20:11 - 2013-03-15 12:02 - 00000000 ____D () C:\Users\Pablo\Documents\Pablo
2014-04-20 14:07 - 2014-04-20 14:07 - 00002248 _____ () C:\Users\Pablo\Downloads\980e9f00-52b0-4c9d-b9a3-300581d6daeb_1216132_P9_Pablo Ricardo Pereira.zip
2014-04-18 23:35 - 2013-01-06 18:51 - 00000000 ____D () C:\Users\Pablo\Desktop\Programas
2014-04-18 23:32 - 2014-04-18 23:32 - 00002186 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 3.0.lnk
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\Users\Pablo\Documents\My Digital Editions
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\Users\Pablo\AppData\Local\Adobe_Systems_Incorporate
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-04-18 23:32 - 2014-04-18 23:30 - 06063152 _____ (Adobe Systems Incorporated) C:\Users\Pablo\Downloads\ADE_3.0_Installer.exe
2014-04-18 23:32 - 2012-03-09 16:29 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-18 23:26 - 2014-04-18 23:26 - 00000000 ____D () C:\Users\Pablo\Downloads\LivroFilosofiaSeminário
2014-04-18 23:17 - 2014-04-18 23:15 - 04676323 _____ () C:\Users\Pablo\Downloads\LivroFilosofiaSeminário.zip
2014-04-18 23:03 - 2014-04-18 23:03 - 00000000 ____D () C:\Users\Pablo\Desktop\Normatização PUC
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-18 11:26 - 2013-10-30 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-04-18 11:06 - 2014-04-18 11:06 - 00000000 ____D () C:\Users\Pablo\Desktop\Guia 09
2014-04-18 10:57 - 2014-04-18 10:57 - 00000000 ____D () C:\Users\Pablo\AppData\Local\CrashRpt
2014-04-15 13:07 - 2009-07-14 02:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-14 15:23 - 2014-02-06 09:14 - 00000000 ____D () C:\Users\Pablo\Desktop\Estudo
2014-04-14 14:56 - 2014-04-14 14:56 - 00000017 _____ () C:\Users\Pablo\AppData\Local\resmon.resmoncfg
2014-04-14 12:59 - 2014-04-14 12:59 - 00000000 ____D () C:\Users\Pablo\Desktop\AutoCad
2014-04-13 12:49 - 2014-04-06 11:46 - 00000000 ____D () C:\Users\Pablo\Documents\Andreza
2014-04-13 11:47 - 2014-04-02 18:29 - 00002532 _____ () C:\Windows\WindowsUpdate.log
2014-04-13 11:31 - 2014-04-13 11:30 - 00000000 ____D () C:\Users\Pablo\Downloads\Guia 09
2014-04-05 20:23 - 2014-04-05 20:22 - 00089361 _____ () C:\Users\Pablo\Downloads\1664d993-3daf-4865-b4d0-6597b379e5cb_1222764_P15_Pablo Ricardo Pereira.zip
2014-04-03 14:30 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-03 09:51 - 2014-04-29 13:13 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-29 13:13 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-29 13:13 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 18:37 - 2014-04-02 18:36 - 00000000 ____D () C:\PenClean
2014-04-02 18:29 - 2009-07-14 00:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-02 15:32 - 2014-04-02 15:32 - 00000000 ____D () C:\Users\Pablo\Desktop\EstudarMatemática
2014-03-31 16:20 - 2014-03-31 16:20 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-03-31 16:06 - 2014-03-31 16:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-29 11:11
==================== End Of Log ============================
pabloescobar- Membro
- Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais
Re: Fotos Slides Movie nos pendrives e PC
por Power Max Qui 01 maio 2014, 00:46
Acesse o site [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e envie este arquivo arquivo destacado em azul abaixo para ser analisado e assim que for concluída a verificação copie o link que aparecerá na barra de endereços de seu navegador e poste este link em sua próxima resposta juntamente com o log do Farbar pedido abaixo:C:\Program Files\Unlocker\UnlockerDriver5.sys
Maiores detalhes de como usar o Virscan você encontra neste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
__________________________________________________________________________________
Baixe o arquivo fixlist.txt que está anexado nesta postagem e salve-o no mesmo lugar onde você deixou o Farbar (FRST64), que é este local abaixo:C:\Users\Pablo\Downloads
Execute o FRST64. Clique no botão Fix.
Aguarde e ao final, o log Fixlog.txt será salvo no seu desktop.
Selecione, copie e cole o conteúdo deste Fixlog.txt em sua próxima resposta juntamente com o link da análise do arquivo no site VirScan.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Fotos Slides Movie nos pendrives e PC
por Power Max Qui 01 maio 2014, 01:08
Fez os procedimentos?
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Fotos Slides Movie nos pendrives e PC
por pabloescobar Qui 01 maio 2014, 09:35
Relatório virscan
Informações do Arquivo
Nome do Arquivo : UnlockerDriver5.sys
Tamanho do Arquivo : 12352 byte
Tipo do Arquivo : PE32+ executable for MS Windows (native) Mono/.Net assembly
MD5 : 9dc07e73a4abb9acf692113b36a5009f
SHA1 : 0c45b0fa0718e5aba0f21f14178597a1ed3fc208
Resultado da Verificação : Todos os softwares reportaram que não encontraram códigos maliciosos!
Tempo : 2014/05/01 20:29:08 (CST)
Software ↓ Versão Versão Ass. Data Ass. Resultado da verificação Tempo
a-squared 5.1.0.4 00050000000000 0005-00-00
-
0.961
AhnLab V3 2013.05.28.00 2013.05.28 2013-05-28
-
9.050
AntiVir 1.9.159.0 1.9.2.0 7.11.142.34
-
10.472
Antiy 2.0.18 2.0.18. 0002-18-00
-
0.244
Arcavir 2011 201404280156 2014-04-28
-
7.320
Authentium 5.3.14 5.3.14 0005-14-00
-
0.795
AVAST! 4.7.4 140408-2 2014-04-08
-
0.241
AVG 10.0.1405 2109/6813 2014-04-07
-
0.312
BitDefender 7.90123.11843217 7.54121 2014-04-18
-
8.186
ClamAV 0.97.8 18762 2014-04-09
-
0.219
Comodo 5.1 15023 2013-12-15
-
2.494
CP Secure 1.3.0.5 2013.10.19 2013-10-19
-
0.225
Dr.Web 5.0.2.3300 2014.05.01 2014-05-01
-
27.251
F-Prot 4.6.2.117 20140201 2014-02-01
-
0.788
F-Secure 7.02.73807 2014.04.08.04 2014-04-08
-
0.276
Fortinet 4.3.392 16.549 2014-04-17
-
0.168
GData 22.14422 20131216 2013-12-16
-
17.180
Ikarus T3.1.32.10.0 ..1.32.10.0. --1.32.10.0
-
4.152
JiangMin 16.0.100 2013.02.09 2013-02-09
-
33.490
Kaspersky 5.5.10 2013.07.09 2013-07-09
-
0.000
KingSoft 2009.2.5.15 2014.4.9.9 2014-04-09
-
2.977
McAfee 5400.1158 7420 2014-04-26
-
10.947
Microsoft 1.10100 2013.12.15 2013-12-15
-
5.984
NOD32 3.0.21 9357 2014-01-30
-
0.226
Norman 6.8.3 201305031020 2013-05-03
-
0.248
nProtect 20131227.01 16183671 2013-12-27
-
2.325
Panda 9.05.01 2013.01.22 2013-01-22
-
6.872
Quick Heal 11.00 2014.01.03 2014-01-03
-
1.880
Rising 20.0 24.46.00.03 2013-01-21
-
0.260
Sophos 3.16.1 4.62 2014-04-09
-
2.952
Sunbelt 3.9.2585.2 28176 2014-04-09
-
0.915
Symantec 1.3.0.24 20130909.001 2013-09-09
-
0.474
The Hacker 6.8.0.5 v00379 2013-12-15
-
0.790
Trend Micro 9.500-1005 10.716.03 2014-04-09
-
0.242
VBA32 3.12.26.0 20140428.1033 2014-04-28
-
2.836
ViRobot 20140324 2014.03.24 2014-03-24
-
0.448
VirusBuster 5.5.2.13 15.0.704.0/15404454 2014-02-11
-
10.430
Informações do Arquivo
Nome do Arquivo : UnlockerDriver5.sys
Tamanho do Arquivo : 12352 byte
Tipo do Arquivo : PE32+ executable for MS Windows (native) Mono/.Net assembly
MD5 : 9dc07e73a4abb9acf692113b36a5009f
SHA1 : 0c45b0fa0718e5aba0f21f14178597a1ed3fc208
Resultado da Verificação : Todos os softwares reportaram que não encontraram códigos maliciosos!
Tempo : 2014/05/01 20:29:08 (CST)
Software ↓ Versão Versão Ass. Data Ass. Resultado da verificação Tempo
a-squared 5.1.0.4 00050000000000 0005-00-00
-
0.961
AhnLab V3 2013.05.28.00 2013.05.28 2013-05-28
-
9.050
AntiVir 1.9.159.0 1.9.2.0 7.11.142.34
-
10.472
Antiy 2.0.18 2.0.18. 0002-18-00
-
0.244
Arcavir 2011 201404280156 2014-04-28
-
7.320
Authentium 5.3.14 5.3.14 0005-14-00
-
0.795
AVAST! 4.7.4 140408-2 2014-04-08
-
0.241
AVG 10.0.1405 2109/6813 2014-04-07
-
0.312
BitDefender 7.90123.11843217 7.54121 2014-04-18
-
8.186
ClamAV 0.97.8 18762 2014-04-09
-
0.219
Comodo 5.1 15023 2013-12-15
-
2.494
CP Secure 1.3.0.5 2013.10.19 2013-10-19
-
0.225
Dr.Web 5.0.2.3300 2014.05.01 2014-05-01
-
27.251
F-Prot 4.6.2.117 20140201 2014-02-01
-
0.788
F-Secure 7.02.73807 2014.04.08.04 2014-04-08
-
0.276
Fortinet 4.3.392 16.549 2014-04-17
-
0.168
GData 22.14422 20131216 2013-12-16
-
17.180
Ikarus T3.1.32.10.0 ..1.32.10.0. --1.32.10.0
-
4.152
JiangMin 16.0.100 2013.02.09 2013-02-09
-
33.490
Kaspersky 5.5.10 2013.07.09 2013-07-09
-
0.000
KingSoft 2009.2.5.15 2014.4.9.9 2014-04-09
-
2.977
McAfee 5400.1158 7420 2014-04-26
-
10.947
Microsoft 1.10100 2013.12.15 2013-12-15
-
5.984
NOD32 3.0.21 9357 2014-01-30
-
0.226
Norman 6.8.3 201305031020 2013-05-03
-
0.248
nProtect 20131227.01 16183671 2013-12-27
-
2.325
Panda 9.05.01 2013.01.22 2013-01-22
-
6.872
Quick Heal 11.00 2014.01.03 2014-01-03
-
1.880
Rising 20.0 24.46.00.03 2013-01-21
-
0.260
Sophos 3.16.1 4.62 2014-04-09
-
2.952
Sunbelt 3.9.2585.2 28176 2014-04-09
-
0.915
Symantec 1.3.0.24 20130909.001 2013-09-09
-
0.474
The Hacker 6.8.0.5 v00379 2013-12-15
-
0.790
Trend Micro 9.500-1005 10.716.03 2014-04-09
-
0.242
VBA32 3.12.26.0 20140428.1033 2014-04-28
-
2.836
ViRobot 20140324 2014.03.24 2014-03-24
-
0.448
VirusBuster 5.5.2.13 15.0.704.0/15404454 2014-02-11
-
10.430
pabloescobar- Membro
- Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais
Re: Fotos Slides Movie nos pendrives e PC
por Power Max Qui 01 maio 2014, 09:36
Falta só executar o outro procedimento que te passei e postar o log.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Fotos Slides Movie nos pendrives e PC
por pabloescobar Qui 01 maio 2014, 09:38
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-05-2014
Ran by Pablo (administrator) on PES on 01-05-2014 09:36:18
Running from C:\Users\Pablo\Downloads
Windows 7 Home Basic Service Pack 1 (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link for 64-Bit Version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Windows\AsScrPro.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(http://winaero.com/) C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Huawei Technologies Co., Ltd.) C:\Users\Pablo\AppData\Roaming\VIVO INTERNET\ouc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [VizorHtmlDialog.exe] => C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [1654992 2011-10-26] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [213824 2011-10-04] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [416992 2011-08-02] (Trend Micro Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322176 2012-02-16] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1322692611-2876088620-685211800-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-03-03] (SUPERAntiSpyware)
HKU\S-1-5-21-1322692611-2876088620-685211800-1000\...\Run: [HW_OPENEYE_OUC_VIVO INTERNET] => C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe [110592 2009-07-27] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-1322692611-2876088620-685211800-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1322692611-2876088620-685211800-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll (Trend Micro Inc.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe64.dll (Trend Micro Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - d:\PUC\Visual Studio\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll (Trend Micro Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{38783831-6098-4faa-A9C9-1EE1E343F4D2}] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\firefoxextension [2012-03-09]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ []
Chrome:
=======
CHR HomePage:
CHR DefaultSearchKeyword: google.com.br
CHR Extension: (Google Drive) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-06]
CHR Extension: (YouTube) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-06]
CHR Extension: (Pesquisa do Google) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-06]
CHR Extension: (Google Wallet) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-26]
CHR Extension: (Gmail) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-06]
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 persdwmsrv; C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe [8192 2012-04-07] (http://winaero.com/)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R3 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [247072 2011-08-02] (Trend Micro Inc.)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [X]
==================== Drivers (Whitelisted) ====================
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-04-11] (Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2012-04-11] (Windows (R) Win 7 DDK provider)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [91920 2011-08-11] (Trend Micro Inc.)
R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [167696 2011-08-11] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [70928 2011-08-11] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2011-09-29] (Trend Micro Inc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit?
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
S3 VSPerfDrv100; d:\PUC\Visual Studio\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2010-03-17] (Microsoft Corporation)
S3 BdApiUtil; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [X]
S3 BdCameraProtect; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 GGSAFERDriver; \??\D:\WC3\GarenaPlus\Garena Plus\Room\safedrv.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-01 09:31 - 2014-05-01 09:31 - 00000872 _____ () C:\Users\Pablo\Downloads\fixlist.txt
2014-04-30 23:51 - 2014-04-30 23:52 - 00040662 _____ () C:\Users\Pablo\Downloads\Addition.txt
2014-04-30 23:50 - 2014-05-01 09:36 - 00021083 _____ () C:\Users\Pablo\Downloads\FRST.txt
2014-04-30 23:50 - 2014-05-01 09:36 - 00000000 ____D () C:\FRST
2014-04-30 23:49 - 2014-04-30 23:49 - 02061824 _____ (Farbar) C:\Users\Pablo\Downloads\FRST64.exe
2014-04-30 23:39 - 2014-04-30 23:39 - 00001221 _____ () C:\Users\Pablo\Desktop\ZHPFixReport.txt
2014-04-30 23:30 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-04-30 23:30 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-04-30 23:30 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-04-30 23:30 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-04-30 23:30 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-04-30 23:30 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-04-30 23:29 - 2014-04-30 23:29 - 00010357 _____ () C:\Windows\DirectX.log
2014-04-30 23:29 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-04-30 23:29 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-04-30 23:29 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-04-30 23:29 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-04-30 23:29 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-04-30 23:29 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-04-30 23:29 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-04-30 23:29 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-04-30 23:29 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-04-30 23:29 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-04-30 23:29 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-04-30 23:29 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-04-30 23:29 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-04-30 23:29 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-04-30 23:29 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-04-30 23:29 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-04-30 23:29 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-04-30 23:29 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-04-30 23:29 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-04-30 23:29 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-04-30 23:29 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-04-30 23:29 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-04-30 23:29 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-04-30 23:29 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-04-30 23:29 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-04-30 23:29 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-04-30 23:29 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-04-30 23:29 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-04-30 23:29 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-04-30 23:29 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-04-30 23:29 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-04-30 23:29 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-04-30 23:29 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-04-30 23:29 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-04-30 23:29 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-04-30 23:29 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-04-30 23:29 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-04-30 23:29 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-04-30 23:29 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-04-30 23:29 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-04-30 23:29 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-04-30 23:29 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-04-30 23:29 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-04-30 23:29 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-04-30 23:29 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-04-30 23:29 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-04-30 23:29 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-04-30 23:29 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-04-30 23:29 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-04-30 23:29 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-04-30 23:29 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-04-30 23:29 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-04-30 23:29 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-04-30 23:29 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-04-30 23:29 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-04-30 23:29 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
Ran by Pablo (administrator) on PES on 01-05-2014 09:36:18
Running from C:\Users\Pablo\Downloads
Windows 7 Home Basic Service Pack 1 (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link for 64-Bit Version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Windows\AsScrPro.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(http://winaero.com/) C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Huawei Technologies Co., Ltd.) C:\Users\Pablo\AppData\Roaming\VIVO INTERNET\ouc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [VizorHtmlDialog.exe] => C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [1654992 2011-10-26] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [213824 2011-10-04] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [416992 2011-08-02] (Trend Micro Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322176 2012-02-16] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1322692611-2876088620-685211800-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-03-03] (SUPERAntiSpyware)
HKU\S-1-5-21-1322692611-2876088620-685211800-1000\...\Run: [HW_OPENEYE_OUC_VIVO INTERNET] => C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe [110592 2009-07-27] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-1322692611-2876088620-685211800-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1322692611-2876088620-685211800-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll (Trend Micro Inc.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe64.dll (Trend Micro Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - d:\PUC\Visual Studio\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll (Trend Micro Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{38783831-6098-4faa-A9C9-1EE1E343F4D2}] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\firefoxextension [2012-03-09]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ []
Chrome:
=======
CHR HomePage:
CHR DefaultSearchKeyword: google.com.br
CHR Extension: (Google Drive) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-06]
CHR Extension: (YouTube) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-06]
CHR Extension: (Pesquisa do Google) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-06]
CHR Extension: (Google Wallet) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-26]
CHR Extension: (Gmail) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-06]
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 persdwmsrv; C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe [8192 2012-04-07] (http://winaero.com/)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R3 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [247072 2011-08-02] (Trend Micro Inc.)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [X]
==================== Drivers (Whitelisted) ====================
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-04-11] (Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2012-04-11] (Windows (R) Win 7 DDK provider)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [91920 2011-08-11] (Trend Micro Inc.)
R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [167696 2011-08-11] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [70928 2011-08-11] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2011-09-29] (Trend Micro Inc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit?
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
S3 VSPerfDrv100; d:\PUC\Visual Studio\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2010-03-17] (Microsoft Corporation)
S3 BdApiUtil; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [X]
S3 BdCameraProtect; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 GGSAFERDriver; \??\D:\WC3\GarenaPlus\Garena Plus\Room\safedrv.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-01 09:31 - 2014-05-01 09:31 - 00000872 _____ () C:\Users\Pablo\Downloads\fixlist.txt
2014-04-30 23:51 - 2014-04-30 23:52 - 00040662 _____ () C:\Users\Pablo\Downloads\Addition.txt
2014-04-30 23:50 - 2014-05-01 09:36 - 00021083 _____ () C:\Users\Pablo\Downloads\FRST.txt
2014-04-30 23:50 - 2014-05-01 09:36 - 00000000 ____D () C:\FRST
2014-04-30 23:49 - 2014-04-30 23:49 - 02061824 _____ (Farbar) C:\Users\Pablo\Downloads\FRST64.exe
2014-04-30 23:39 - 2014-04-30 23:39 - 00001221 _____ () C:\Users\Pablo\Desktop\ZHPFixReport.txt
2014-04-30 23:30 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-04-30 23:30 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-04-30 23:30 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-04-30 23:30 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-04-30 23:30 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-04-30 23:30 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-04-30 23:30 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-04-30 23:30 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-04-30 23:30 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-04-30 23:29 - 2014-04-30 23:29 - 00010357 _____ () C:\Windows\DirectX.log
2014-04-30 23:29 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-04-30 23:29 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-04-30 23:29 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-04-30 23:29 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-04-30 23:29 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-04-30 23:29 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-04-30 23:29 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-04-30 23:29 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-04-30 23:29 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-04-30 23:29 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-04-30 23:29 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-04-30 23:29 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-04-30 23:29 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-04-30 23:29 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-04-30 23:29 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-04-30 23:29 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-04-30 23:29 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-04-30 23:29 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-04-30 23:29 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-04-30 23:29 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-04-30 23:29 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-04-30 23:29 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-04-30 23:29 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-04-30 23:29 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-04-30 23:29 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-04-30 23:29 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-04-30 23:29 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-04-30 23:29 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-04-30 23:29 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-04-30 23:29 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-04-30 23:29 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-04-30 23:29 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-04-30 23:29 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-04-30 23:29 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-04-30 23:29 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-04-30 23:29 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-04-30 23:29 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-04-30 23:29 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-04-30 23:29 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-04-30 23:29 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-04-30 23:29 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-04-30 23:29 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-04-30 23:29 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-04-30 23:29 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-04-30 23:29 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-04-30 23:29 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-04-30 23:29 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-04-30 23:29 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-04-30 23:29 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-04-30 23:29 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-04-30 23:29 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-04-30 23:29 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-04-30 23:29 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-04-30 23:29 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-04-30 23:29 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-04-30 23:29 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-04-30 23:29 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-04-30 23:29 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-04-30 23:29 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-04-30 23:29 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-04-30 23:29 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-04-30 23:29 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-04-30 23:29 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
pabloescobar- Membro
- Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais
Fotos Slides Movie nos pendrives e PC
por pabloescobar Qui 01 maio 2014, 09:39
2014-04-30 23:29 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-04-30 23:29 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-04-30 23:29 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-04-30 23:29 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-04-30 23:29 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-04-30 23:29 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-04-30 23:29 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-04-30 23:29 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-04-30 23:29 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-04-30 23:29 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-04-30 23:29 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-04-30 23:29 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-04-30 23:29 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-04-30 23:29 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-04-30 23:29 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-04-30 23:29 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-04-30 23:29 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-04-30 23:29 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-04-30 23:29 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-04-30 23:29 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-04-30 23:29 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-04-30 23:29 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-04-30 23:29 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-04-30 23:29 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-04-30 23:29 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-04-30 23:29 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-04-30 23:29 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-04-30 23:29 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-04-30 23:29 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-04-30 23:29 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-04-30 23:29 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-04-30 23:29 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-04-30 23:29 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-04-30 23:29 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-04-30 23:29 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-04-30 23:29 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-04-30 23:29 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-04-30 23:29 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-04-30 23:23 - 2014-04-30 23:23 - 00035770 _____ () C:\Users\Pablo\Desktop\ZHPDiag.txt
2014-04-30 22:52 - 2014-05-01 09:23 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-04-30 11:58 - 2014-04-30 11:58 - 00014309 _____ () C:\Users\Pablo\Desktop\hijackthis.log
2014-04-30 10:59 - 2014-05-01 00:41 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-30 10:59 - 2014-04-30 10:59 - 01141680 _____ () C:\Users\Pablo\Downloads\SteamSetup.exe
2014-04-30 10:59 - 2014-04-30 10:59 - 00000925 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-04-30 10:59 - 2014-04-30 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-04-30 10:14 - 2014-04-30 10:14 - 00001797 _____ () C:\Users\Pablo\Desktop\JRT.txt
2014-04-30 10:03 - 2014-04-30 10:03 - 00000000 ____D () C:\Windows\ERUNT
2014-04-30 09:59 - 2014-04-30 09:59 - 01016261 _____ (Thisisu) C:\Users\Pablo\Downloads\JRT.exe
2014-04-29 23:10 - 2014-04-29 23:10 - 00012651 _____ () C:\Users\Pablo\Desktop\hijackthisaaa
2014-04-29 22:54 - 2014-04-29 22:54 - 00000097 _____ () C:\files.log
2014-04-29 22:46 - 2014-04-29 22:54 - 00000070 _____ () C:\folders.log
2014-04-29 22:46 - 2014-04-29 22:54 - 00000000 ____D () C:\zoek
2014-04-29 22:31 - 2014-04-29 22:54 - 00019376 _____ () C:\zoek-results.log
2014-04-29 22:28 - 2014-04-29 22:54 - 00003247 _____ () C:\runcheck.txt
2014-04-29 22:28 - 2014-04-29 22:48 - 00000000 ____D () C:\zoek_backup
2014-04-29 22:28 - 2014-04-29 22:28 - 01285120 _____ () C:\Users\Pablo\Downloads\zoek.exe
2014-04-29 17:33 - 2014-04-29 17:33 - 00002248 _____ () C:\Users\Pablo\Downloads\980e9f00-52b0-4c9d-b9a3-300581d6daeb_1216132_P9_Pablo Ricardo Pereira (1).zip
2014-04-29 16:30 - 2014-04-29 16:30 - 00001157 _____ () C:\Users\Pablo\Desktop\aaa.txt
2014-04-29 13:13 - 2014-04-29 13:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-29 13:13 - 2014-04-29 13:13 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-29 13:13 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-29 13:13 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-29 13:13 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-29 13:11 - 2014-04-29 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Pablo\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-29 13:04 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-04-29 13:03 - 2014-04-29 13:05 - 00000000 ____D () C:\AdwCleaner
2014-04-29 13:02 - 2014-04-29 13:02 - 01310621 _____ () C:\Users\Pablo\Downloads\AdwCleaner.exe
2014-04-29 12:53 - 2014-04-30 23:39 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\ZHP
2014-04-29 12:53 - 2014-04-30 23:21 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-04-29 12:53 - 2014-04-29 12:53 - 00003170 _____ () C:\Windows\System32\Tasks\{FD1E0C56-4675-4558-AD57-9C5D77DB0A0D}
2014-04-29 12:53 - 2014-04-29 12:53 - 00001949 _____ () C:\Users\Pablo\Desktop\ZHPFix.lnk
2014-04-29 12:53 - 2014-04-29 12:53 - 00001822 _____ () C:\Users\Pablo\Desktop\ZHPDiag.lnk
2014-04-29 12:53 - 2014-04-29 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-04-29 12:51 - 2014-04-29 12:52 - 06780391 _____ (Nicolas Coolman ) C:\Users\Pablo\Downloads\ZHPDiag2.exe
2014-04-29 12:46 - 2014-04-29 12:46 - 00000864 _____ () C:\Users\Pablo\Desktop\MCShield-AllScans.txt
2014-04-29 12:44 - 2014-05-01 09:18 - 00000000 ____D () C:\ProgramData\MCShield
2014-04-29 12:44 - 2014-04-29 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2014-04-29 12:44 - 2014-04-29 12:44 - 00000000 ____D () C:\Program Files (x86)\MCShield
2014-04-29 12:42 - 2014-04-29 12:42 - 02856736 _____ (MyCity) C:\Users\Pablo\Downloads\MCShield-Setup.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00013385 _____ () C:\Users\Pablo\Desktop\UsbFix_Report.txt
2014-04-29 12:30 - 2014-04-29 12:32 - 00013385 _____ () C:\UsbFix [Clean 2] PES.txt
2014-04-29 12:20 - 2014-04-29 12:32 - 00000000 ____D () C:\UsbFix
2014-04-29 12:20 - 2014-04-29 12:27 - 00001450 _____ () C:\Users\Pablo\Desktop\UsbFix.lnk
2014-04-29 12:10 - 2014-04-29 12:11 - 03006996 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Pablo\Downloads\UsbFix.exe
2014-04-29 10:31 - 2014-04-29 12:48 - 00014095 _____ () C:\Users\Pablo\Downloads\hijackthis.log
2014-04-29 10:30 - 2014-04-29 10:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Pablo\Downloads\HijackThis.exe
2014-04-29 10:24 - 2014-04-29 10:24 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\AVG2014
2014-04-29 10:23 - 2014-04-29 10:23 - 00000985 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-29 10:23 - 2014-04-29 10:23 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\TuneUp Software
2014-04-29 10:23 - 2014-04-29 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-29 10:22 - 2014-04-29 22:55 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-29 10:22 - 2014-04-29 10:22 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-04-29 10:22 - 2014-04-29 10:22 - 00000000 ____D () C:\$AVG
2014-04-29 10:09 - 2014-05-01 09:24 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-29 10:09 - 2014-04-29 11:41 - 00000000 ____D () C:\Users\Pablo\AppData\Local\Avg2014
2014-04-29 10:09 - 2014-04-29 10:09 - 04485528 _____ (AVG Technologies) C:\Users\Pablo\Downloads\avg_free_stb_pb_2014_4577_free.exe
2014-04-29 10:09 - 2014-04-29 10:09 - 00000000 ____D () C:\Users\Pablo\AppData\Local\MFAData
2014-04-27 19:07 - 2014-04-28 17:27 - 00000000 ____D () C:\Users\Pablo\Desktop\FILSOFIA
2014-04-26 21:53 - 2014-04-24 21:00 - 00003009 _____ () C:\Users\Pablo\Desktop\exercicio.txt
2014-04-26 21:53 - 2014-04-24 21:00 - 00001105 _____ () C:\Users\Pablo\Desktop\774590_Aula%20220414%20Enunciado%20noite.txt
2014-04-26 18:38 - 2014-04-26 19:10 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\klavaro
2014-04-26 18:38 - 2014-04-26 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Klavaro
2014-04-24 22:48 - 2014-04-24 23:13 - 00000000 ____D () C:\xti
2014-04-24 22:42 - 2014-04-24 22:42 - 00001073 _____ () C:\Users\Pablo\Desktop\Notepad++.lnk
2014-04-24 22:41 - 2014-04-24 22:42 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-04-24 10:09 - 2014-04-24 10:09 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-24 10:08 - 2014-04-24 10:09 - 00000000 ____D () C:\Program Files\Java
2014-04-24 10:05 - 2014-04-24 10:23 - 00000000 ____D () C:\Users\Pablo\Desktop\JAVA
2014-04-20 14:07 - 2014-04-20 14:07 - 00002248 _____ () C:\Users\Pablo\Downloads\980e9f00-52b0-4c9d-b9a3-300581d6daeb_1216132_P9_Pablo Ricardo Pereira.zip
2014-04-18 23:32 - 2014-04-18 23:32 - 00002186 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 3.0.lnk
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\Users\Pablo\Documents\My Digital Editions
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\Users\Pablo\AppData\Local\Adobe_Systems_Incorporate
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-04-18 23:30 - 2014-04-18 23:32 - 06063152 _____ (Adobe Systems Incorporated) C:\Users\Pablo\Downloads\ADE_3.0_Installer.exe
2014-04-18 23:26 - 2014-04-18 23:26 - 00000000 ____D () C:\Users\Pablo\Downloads\LivroFilosofiaSeminário
2014-04-18 23:15 - 2014-04-18 23:17 - 04676323 _____ () C:\Users\Pablo\Downloads\LivroFilosofiaSeminário.zip
2014-04-18 23:03 - 2014-04-18 23:03 - 00000000 ____D () C:\Users\Pablo\Desktop\Normatização PUC
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-18 11:06 - 2014-04-18 11:06 - 00000000 ____D () C:\Users\Pablo\Desktop\Guia 09
2014-04-18 10:57 - 2014-04-18 10:57 - 00000000 ____D () C:\Users\Pablo\AppData\Local\CrashRpt
2014-04-14 14:56 - 2014-04-14 14:56 - 00000017 _____ () C:\Users\Pablo\AppData\Local\resmon.resmoncfg
2014-04-14 12:59 - 2014-04-14 12:59 - 00000000 ____D () C:\Users\Pablo\Desktop\AutoCad
2014-04-13 11:30 - 2014-04-13 11:31 - 00000000 ____D () C:\Users\Pablo\Downloads\Guia 09
2014-04-08 23:07 - 2014-04-24 13:10 - 00000000 ____D () C:\Users\Pablo\Desktop\LABORATÓRIO
2014-04-06 11:46 - 2014-04-13 12:49 - 00000000 ____D () C:\Users\Pablo\Documents\Andreza
2014-04-05 20:22 - 2014-04-05 20:23 - 00089361 _____ () C:\Users\Pablo\Downloads\1664d993-3daf-4865-b4d0-6597b379e5cb_1222764_P15_Pablo Ricardo Pereira.zip
2014-04-02 18:36 - 2014-04-02 18:37 - 00000000 ____D () C:\PenClean
2014-04-02 18:29 - 2014-04-13 11:47 - 00002532 _____ () C:\Windows\WindowsUpdate.log
2014-04-02 15:32 - 2014-04-02 15:32 - 00000000 ____D () C:\Users\Pablo\Desktop\EstudarMatemática
==================== One Month Modified Files and Folders =======
2014-05-01 09:36 - 2014-04-30 23:50 - 00021083 _____ () C:\Users\Pablo\Downloads\FRST.txt
2014-05-01 09:36 - 2014-04-30 23:50 - 00000000 ____D () C:\FRST
2014-05-01 09:31 - 2014-05-01 09:31 - 00000872 _____ () C:\Users\Pablo\Downloads\fixlist.txt
2014-05-01 09:25 - 2009-07-14 01:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-01 09:25 - 2009-07-14 01:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-01 09:24 - 2014-04-29 10:09 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-01 09:23 - 2014-04-30 22:52 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-05-01 09:18 - 2014-04-29 12:44 - 00000000 ____D () C:\ProgramData\MCShield
2014-05-01 09:18 - 2014-03-03 15:34 - 00019228 _____ () C:\Windows\setupact.log
2014-05-01 09:18 - 2013-01-05 11:34 - 00000380 _____ () C:\Users\Pablo\AppData\Roaming\sp_data.sys
2014-05-01 09:18 - 2012-07-15 05:32 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-05-01 09:18 - 2012-03-09 16:29 - 00001078 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-01 09:18 - 2009-07-14 02:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-01 00:41 - 2014-04-30 10:59 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-01 00:41 - 2013-05-27 20:17 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-01 00:08 - 2012-03-09 16:29 - 00001082 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-30 23:52 - 2014-04-30 23:51 - 00040662 _____ () C:\Users\Pablo\Downloads\Addition.txt
2014-04-30 23:49 - 2014-04-30 23:49 - 02061824 _____ (Farbar) C:\Users\Pablo\Downloads\FRST64.exe
2014-04-30 23:47 - 2014-03-03 15:34 - 00448316 _____ () C:\Windows\PFRO.log
2014-04-30 23:39 - 2014-04-30 23:39 - 00001221 _____ () C:\Users\Pablo\Desktop\ZHPFixReport.txt
2014-04-30 23:39 - 2014-04-29 12:53 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\ZHP
2014-04-30 23:29 - 2014-04-30 23:29 - 00010357 _____ () C:\Windows\DirectX.log
2014-04-30 23:23 - 2014-04-30 23:23 - 00035770 _____ () C:\Users\Pablo\Desktop\ZHPDiag.txt
2014-04-30 23:21 - 2014-04-29 12:53 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-04-30 22:49 - 2012-07-15 05:37 - 00002452 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-04-30 15:22 - 2014-03-09 12:58 - 00000000 ____D () C:\SUPERDelete
2014-04-30 15:22 - 2011-02-18 23:06 - 00781268 _____ () C:\Windows\system32\prfh0416.dat
2014-04-30 15:22 - 2011-02-18 23:06 - 00175484 _____ () C:\Windows\system32\prfc0416.dat
2014-04-30 15:22 - 2009-07-14 02:13 - 01846306 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-30 14:14 - 2012-07-15 05:32 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-04-30 11:58 - 2014-04-30 11:58 - 00014309 _____ () C:\Users\Pablo\Desktop\hijackthis.log
2014-04-30 10:59 - 2014-04-30 10:59 - 01141680 _____ () C:\Users\Pablo\Downloads\SteamSetup.exe
2014-04-30 10:59 - 2014-04-30 10:59 - 00000925 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-04-30 10:59 - 2014-04-30 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-04-30 10:14 - 2014-04-30 10:14 - 00001797 _____ () C:\Users\Pablo\Desktop\JRT.txt
2014-04-30 10:03 - 2014-04-30 10:03 - 00000000 ____D () C:\Windows\ERUNT
2014-04-30 09:59 - 2014-04-30 09:59 - 01016261 _____ (Thisisu) C:\Users\Pablo\Downloads\JRT.exe
2014-04-29 23:10 - 2014-04-29 23:10 - 00012651 _____ () C:\Users\Pablo\Desktop\hijackthisaaa
2014-04-29 22:55 - 2014-04-29 10:22 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-29 22:54 - 2014-04-29 22:54 - 00000097 _____ () C:\files.log
2014-04-29 22:54 - 2014-04-29 22:46 - 00000070 _____ () C:\folders.log
2014-04-29 22:54 - 2014-04-29 22:46 - 00000000 ____D () C:\zoek
2014-04-29 22:54 - 2014-04-29 22:31 - 00019376 _____ () C:\zoek-results.log
2014-04-29 22:54 - 2014-04-29 22:28 - 00003247 _____ () C:\runcheck.txt
2014-04-29 22:48 - 2014-04-29 22:28 - 00000000 ____D () C:\zoek_backup
2014-04-29 22:28 - 2014-04-29 22:28 - 01285120 _____ () C:\Users\Pablo\Downloads\zoek.exe
2014-04-29 22:25 - 2012-03-09 16:37 - 00000000 ____D () C:\Windows\ar
2014-04-29 17:36 - 2014-02-06 09:26 - 00000000 ____D () C:\Users\Pablo\Documents\Visual Studio 2010
2014-04-29 17:33 - 2014-04-29 17:33 - 00002248 _____ () C:\Users\Pablo\Downloads\980e9f00-52b0-4c9d-b9a3-300581d6daeb_1216132_P9_Pablo Ricardo Pereira (1).zip
2014-04-29 17:29 - 2014-02-23 22:31 - 00000000 ____D () C:\Users\Pablo\Desktop\Lista Reforço
2014-04-29 16:30 - 2014-04-29 16:30 - 00001157 _____ () C:\Users\Pablo\Desktop\aaa.txt
2014-04-29 13:13 - 2014-04-29 13:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-29 13:13 - 2014-04-29 13:13 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-29 13:12 - 2014-04-29 13:11 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Pablo\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-29 13:05 - 2014-04-29 13:03 - 00000000 ____D () C:\AdwCleaner
2014-04-29 13:05 - 2013-01-05 11:34 - 00000000 ____D () C:\Users\Pablo
2014-04-29 13:02 - 2014-04-29 13:02 - 01310621 _____ () C:\Users\Pablo\Downloads\AdwCleaner.exe
2014-04-29 12:53 - 2014-04-29 12:53 - 00003170 _____ () C:\Windows\System32\Tasks\{FD1E0C56-4675-4558-AD57-9C5D77DB0A0D}
2014-04-29 12:53 - 2014-04-29 12:53 - 00001949 _____ () C:\Users\Pablo\Desktop\ZHPFix.lnk
2014-04-29 12:53 - 2014-04-29 12:53 - 00001822 _____ () C:\Users\Pablo\Desktop\ZHPDiag.lnk
2014-04-29 12:53 - 2014-04-29 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-04-29 12:52 - 2014-04-29 12:51 - 06780391 _____ (Nicolas Coolman ) C:\Users\Pablo\Downloads\ZHPDiag2.exe
2014-04-29 12:48 - 2014-04-29 10:31 - 00014095 _____ () C:\Users\Pablo\Downloads\hijackthis.log
2014-04-29 12:46 - 2014-04-29 12:46 - 00000864 _____ () C:\Users\Pablo\Desktop\MCShield-AllScans.txt
2014-04-29 12:44 - 2014-04-29 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2014-04-29 12:44 - 2014-04-29 12:44 - 00000000 ____D () C:\Program Files (x86)\MCShield
2014-04-29 12:42 - 2014-04-29 12:42 - 02856736 _____ (MyCity) C:\Users\Pablo\Downloads\MCShield-Setup.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00013385 _____ () C:\Users\Pablo\Desktop\UsbFix_Report.txt
2014-04-29 12:32 - 2014-04-29 12:30 - 00013385 _____ () C:\UsbFix [Clean 2] PES.txt
2014-04-29 12:32 - 2014-04-29 12:20 - 00000000 ____D () C:\UsbFix
2014-04-29 12:27 - 2014-04-29 12:20 - 00001450 _____ () C:\Users\Pablo\Desktop\UsbFix.lnk
2014-04-29 12:27 - 2012-07-15 05:37 - 00001827 _____ () C:\Windows\system32\ServiceFilter.ini
2014-04-29 12:11 - 2014-04-29 12:10 - 03006996 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Pablo\Downloads\UsbFix.exe
2014-04-29 11:41 - 2014-04-29 10:09 - 00000000 ____D () C:\Users\Pablo\AppData\Local\Avg2014
2014-04-29 10:31 - 2013-01-05 11:34 - 00000000 ____D () C:\Users\Pablo\AppData\Local\VirtualStore
2014-04-29 10:30 - 2014-04-29 10:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Pablo\Downloads\HijackThis.exe
2014-04-29 10:24 - 2014-04-29 10:24 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\AVG2014
2014-04-29 10:23 - 2014-04-29 10:23 - 00000985 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-29 10:23 - 2014-04-29 10:23 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\TuneUp Software
2014-04-29 10:23 - 2014-04-29 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-29 10:22 - 2014-04-29 10:22 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-04-29 10:22 - 2014-04-29 10:22 - 00000000 ____D () C:\$AVG
2014-04-29 10:09 - 2014-04-29 10:09 - 04485528 _____ (AVG Technologies) C:\Users\Pablo\Downloads\avg_free_stb_pb_2014_4577_free.exe
2014-04-29 10:09 - 2014-04-29 10:09 - 00000000 ____D () C:\Users\Pablo\AppData\Local\MFAData
2014-04-28 17:27 - 2014-04-27 19:07 - 00000000 ____D () C:\Users\Pablo\Desktop\FILSOFIA
2014-04-27 16:19 - 2012-03-09 16:52 - 00000286 __RSH () C:\ProgramData\ntuser.pol
2014-04-26 19:10 - 2014-04-26 18:38 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\klavaro
2014-04-26 18:38 - 2014-04-26 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Klavaro
2014-04-26 16:57 - 2013-01-06 14:46 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\vlc
2014-04-26 15:27 - 2014-03-31 15:24 - 00000000 ____D () C:\Users\Pablo\Desktop\Documentos Para Rever
2014-04-24 23:13 - 2014-04-24 22:48 - 00000000 ____D () C:\xti
2014-04-24 22:42 - 2014-04-24 22:42 - 00001073 _____ () C:\Users\Pablo\Desktop\Notepad++.lnk
2014-04-24 22:42 - 2014-04-24 22:41 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-04-24 21:00 - 2014-04-26 21:53 - 00003009 _____ () C:\Users\Pablo\Desktop\exercicio.txt
2014-04-24 21:00 - 2014-04-26 21:53 - 00001105 _____ () C:\Users\Pablo\Desktop\774590_Aula%20220414%20Enunciado%20noite.txt
2014-04-24 13:10 - 2014-04-08 23:07 - 00000000 ____D () C:\Users\Pablo\Desktop\LABORATÓRIO
2014-04-24 10:23 - 2014-04-24 10:05 - 00000000 ____D () C:\Users\Pablo\Desktop\JAVA
2014-04-24 10:09 - 2014-04-24 10:09 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-24 10:09 - 2014-04-24 10:08 - 00000000 ____D () C:\Program Files\Java
2014-04-24 10:08 - 2013-11-12 22:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-04-24 10:08 - 2013-11-12 22:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-23 22:39 - 2013-01-05 11:34 - 00140856 _____ () C:\Users\Pablo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-23 22:37 - 2009-07-14 01:45 - 00480680 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-21 20:11 - 2013-03-15 12:02 - 00000000 ____D () C:\Users\Pablo\Documents\Pablo
2014-04-20 14:07 - 2014-04-20 14:07 - 00002248 _____ () C:\Users\Pablo\Downloads\980e9f00-52b0-4c9d-b9a3-300581d6daeb_1216132_P9_Pablo Ricardo Pereira.zip
2014-04-18 23:35 - 2013-01-06 18:51 - 00000000 ____D () C:\Users\Pablo\Desktop\Programas
2014-04-18 23:32 - 2014-04-18 23:32 - 00002186 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 3.0.lnk
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\Users\Pablo\Documents\My Digital Editions
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\Users\Pablo\AppData\Local\Adobe_Systems_Incorporate
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-04-18 23:32 - 2014-04-18 23:30 - 06063152 _____ (Adobe Systems Incorporated) C:\Users\Pablo\Downloads\ADE_3.0_Installer.exe
2014-04-18 23:32 - 2012-03-09 16:29 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-18 23:26 - 2014-04-18 23:26 - 00000000 ____D () C:\Users\Pablo\Downloads\LivroFilosofiaSeminário
2014-04-18 23:17 - 2014-04-18 23:15 - 04676323 _____ () C:\Users\Pablo\Downloads\LivroFilosofiaSeminário.zip
2014-04-18 23:03 - 2014-04-18 23:03 - 00000000 ____D () C:\Users\Pablo\Desktop\Normatização PUC
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-18 11:26 - 2013-10-30 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-04-18 11:06 - 2014-04-18 11:06 - 00000000 ____D () C:\Users\Pablo\Desktop\Guia 09
2014-04-18 10:57 - 2014-04-18 10:57 - 00000000 ____D () C:\Users\Pablo\AppData\Local\CrashRpt
2014-04-15 13:07 - 2009-07-14 02:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-14 15:23 - 2014-02-06 09:14 - 00000000 ____D () C:\Users\Pablo\Desktop\Estudo
2014-04-14 14:56 - 2014-04-14 14:56 - 00000017 _____ () C:\Users\Pablo\AppData\Local\resmon.resmoncfg
2014-04-14 12:59 - 2014-04-14 12:59 - 00000000 ____D () C:\Users\Pablo\Desktop\AutoCad
2014-04-13 12:49 - 2014-04-06 11:46 - 00000000 ____D () C:\Users\Pablo\Documents\Andreza
2014-04-13 11:47 - 2014-04-02 18:29 - 00002532 _____ () C:\Windows\WindowsUpdate.log
2014-04-13 11:31 - 2014-04-13 11:30 - 00000000 ____D () C:\Users\Pablo\Downloads\Guia 09
2014-04-05 20:23 - 2014-04-05 20:22 - 00089361 _____ () C:\Users\Pablo\Downloads\1664d993-3daf-4865-b4d0-6597b379e5cb_1222764_P15_Pablo Ricardo Pereira.zip
2014-04-03 14:30 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-03 09:51 - 2014-04-29 13:13 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-29 13:13 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-29 13:13 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 18:37 - 2014-04-02 18:36 - 00000000 ____D () C:\PenClean
2014-04-02 18:29 - 2009-07-14 00:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-02 15:32 - 2014-04-02 15:32 - 00000000 ____D () C:\Users\Pablo\Desktop\EstudarMatemática
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-29 11:11
==================== End Of Log ============================
2014-04-30 23:29 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-04-30 23:29 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-04-30 23:29 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-04-30 23:29 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-04-30 23:29 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-04-30 23:29 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-04-30 23:29 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-04-30 23:29 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-04-30 23:29 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-04-30 23:29 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-04-30 23:29 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-04-30 23:29 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-04-30 23:29 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-04-30 23:29 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-04-30 23:29 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-04-30 23:29 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-04-30 23:29 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-04-30 23:29 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-04-30 23:29 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-04-30 23:29 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-04-30 23:29 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-04-30 23:29 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-04-30 23:29 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-04-30 23:29 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-04-30 23:29 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-04-30 23:29 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-04-30 23:29 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-04-30 23:29 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-04-30 23:29 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-04-30 23:29 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-04-30 23:29 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-04-30 23:29 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-04-30 23:29 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-04-30 23:29 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-04-30 23:29 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-04-30 23:29 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-04-30 23:29 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-04-30 23:23 - 2014-04-30 23:23 - 00035770 _____ () C:\Users\Pablo\Desktop\ZHPDiag.txt
2014-04-30 22:52 - 2014-05-01 09:23 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-04-30 11:58 - 2014-04-30 11:58 - 00014309 _____ () C:\Users\Pablo\Desktop\hijackthis.log
2014-04-30 10:59 - 2014-05-01 00:41 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-30 10:59 - 2014-04-30 10:59 - 01141680 _____ () C:\Users\Pablo\Downloads\SteamSetup.exe
2014-04-30 10:59 - 2014-04-30 10:59 - 00000925 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-04-30 10:59 - 2014-04-30 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-04-30 10:14 - 2014-04-30 10:14 - 00001797 _____ () C:\Users\Pablo\Desktop\JRT.txt
2014-04-30 10:03 - 2014-04-30 10:03 - 00000000 ____D () C:\Windows\ERUNT
2014-04-30 09:59 - 2014-04-30 09:59 - 01016261 _____ (Thisisu) C:\Users\Pablo\Downloads\JRT.exe
2014-04-29 23:10 - 2014-04-29 23:10 - 00012651 _____ () C:\Users\Pablo\Desktop\hijackthisaaa
2014-04-29 22:54 - 2014-04-29 22:54 - 00000097 _____ () C:\files.log
2014-04-29 22:46 - 2014-04-29 22:54 - 00000070 _____ () C:\folders.log
2014-04-29 22:46 - 2014-04-29 22:54 - 00000000 ____D () C:\zoek
2014-04-29 22:31 - 2014-04-29 22:54 - 00019376 _____ () C:\zoek-results.log
2014-04-29 22:28 - 2014-04-29 22:54 - 00003247 _____ () C:\runcheck.txt
2014-04-29 22:28 - 2014-04-29 22:48 - 00000000 ____D () C:\zoek_backup
2014-04-29 22:28 - 2014-04-29 22:28 - 01285120 _____ () C:\Users\Pablo\Downloads\zoek.exe
2014-04-29 17:33 - 2014-04-29 17:33 - 00002248 _____ () C:\Users\Pablo\Downloads\980e9f00-52b0-4c9d-b9a3-300581d6daeb_1216132_P9_Pablo Ricardo Pereira (1).zip
2014-04-29 16:30 - 2014-04-29 16:30 - 00001157 _____ () C:\Users\Pablo\Desktop\aaa.txt
2014-04-29 13:13 - 2014-04-29 13:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-29 13:13 - 2014-04-29 13:13 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-29 13:13 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-29 13:13 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-29 13:13 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-29 13:11 - 2014-04-29 13:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Pablo\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-29 13:04 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-04-29 13:03 - 2014-04-29 13:05 - 00000000 ____D () C:\AdwCleaner
2014-04-29 13:02 - 2014-04-29 13:02 - 01310621 _____ () C:\Users\Pablo\Downloads\AdwCleaner.exe
2014-04-29 12:53 - 2014-04-30 23:39 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\ZHP
2014-04-29 12:53 - 2014-04-30 23:21 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-04-29 12:53 - 2014-04-29 12:53 - 00003170 _____ () C:\Windows\System32\Tasks\{FD1E0C56-4675-4558-AD57-9C5D77DB0A0D}
2014-04-29 12:53 - 2014-04-29 12:53 - 00001949 _____ () C:\Users\Pablo\Desktop\ZHPFix.lnk
2014-04-29 12:53 - 2014-04-29 12:53 - 00001822 _____ () C:\Users\Pablo\Desktop\ZHPDiag.lnk
2014-04-29 12:53 - 2014-04-29 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-04-29 12:51 - 2014-04-29 12:52 - 06780391 _____ (Nicolas Coolman ) C:\Users\Pablo\Downloads\ZHPDiag2.exe
2014-04-29 12:46 - 2014-04-29 12:46 - 00000864 _____ () C:\Users\Pablo\Desktop\MCShield-AllScans.txt
2014-04-29 12:44 - 2014-05-01 09:18 - 00000000 ____D () C:\ProgramData\MCShield
2014-04-29 12:44 - 2014-04-29 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2014-04-29 12:44 - 2014-04-29 12:44 - 00000000 ____D () C:\Program Files (x86)\MCShield
2014-04-29 12:42 - 2014-04-29 12:42 - 02856736 _____ (MyCity) C:\Users\Pablo\Downloads\MCShield-Setup.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00013385 _____ () C:\Users\Pablo\Desktop\UsbFix_Report.txt
2014-04-29 12:30 - 2014-04-29 12:32 - 00013385 _____ () C:\UsbFix [Clean 2] PES.txt
2014-04-29 12:20 - 2014-04-29 12:32 - 00000000 ____D () C:\UsbFix
2014-04-29 12:20 - 2014-04-29 12:27 - 00001450 _____ () C:\Users\Pablo\Desktop\UsbFix.lnk
2014-04-29 12:10 - 2014-04-29 12:11 - 03006996 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Pablo\Downloads\UsbFix.exe
2014-04-29 10:31 - 2014-04-29 12:48 - 00014095 _____ () C:\Users\Pablo\Downloads\hijackthis.log
2014-04-29 10:30 - 2014-04-29 10:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Pablo\Downloads\HijackThis.exe
2014-04-29 10:24 - 2014-04-29 10:24 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\AVG2014
2014-04-29 10:23 - 2014-04-29 10:23 - 00000985 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-29 10:23 - 2014-04-29 10:23 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\TuneUp Software
2014-04-29 10:23 - 2014-04-29 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-29 10:22 - 2014-04-29 22:55 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-29 10:22 - 2014-04-29 10:22 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-04-29 10:22 - 2014-04-29 10:22 - 00000000 ____D () C:\$AVG
2014-04-29 10:09 - 2014-05-01 09:24 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-29 10:09 - 2014-04-29 11:41 - 00000000 ____D () C:\Users\Pablo\AppData\Local\Avg2014
2014-04-29 10:09 - 2014-04-29 10:09 - 04485528 _____ (AVG Technologies) C:\Users\Pablo\Downloads\avg_free_stb_pb_2014_4577_free.exe
2014-04-29 10:09 - 2014-04-29 10:09 - 00000000 ____D () C:\Users\Pablo\AppData\Local\MFAData
2014-04-27 19:07 - 2014-04-28 17:27 - 00000000 ____D () C:\Users\Pablo\Desktop\FILSOFIA
2014-04-26 21:53 - 2014-04-24 21:00 - 00003009 _____ () C:\Users\Pablo\Desktop\exercicio.txt
2014-04-26 21:53 - 2014-04-24 21:00 - 00001105 _____ () C:\Users\Pablo\Desktop\774590_Aula%20220414%20Enunciado%20noite.txt
2014-04-26 18:38 - 2014-04-26 19:10 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\klavaro
2014-04-26 18:38 - 2014-04-26 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Klavaro
2014-04-24 22:48 - 2014-04-24 23:13 - 00000000 ____D () C:\xti
2014-04-24 22:42 - 2014-04-24 22:42 - 00001073 _____ () C:\Users\Pablo\Desktop\Notepad++.lnk
2014-04-24 22:41 - 2014-04-24 22:42 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-04-24 10:09 - 2014-04-24 10:09 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-24 10:08 - 2014-04-24 10:09 - 00000000 ____D () C:\Program Files\Java
2014-04-24 10:05 - 2014-04-24 10:23 - 00000000 ____D () C:\Users\Pablo\Desktop\JAVA
2014-04-20 14:07 - 2014-04-20 14:07 - 00002248 _____ () C:\Users\Pablo\Downloads\980e9f00-52b0-4c9d-b9a3-300581d6daeb_1216132_P9_Pablo Ricardo Pereira.zip
2014-04-18 23:32 - 2014-04-18 23:32 - 00002186 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 3.0.lnk
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\Users\Pablo\Documents\My Digital Editions
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\Users\Pablo\AppData\Local\Adobe_Systems_Incorporate
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-04-18 23:30 - 2014-04-18 23:32 - 06063152 _____ (Adobe Systems Incorporated) C:\Users\Pablo\Downloads\ADE_3.0_Installer.exe
2014-04-18 23:26 - 2014-04-18 23:26 - 00000000 ____D () C:\Users\Pablo\Downloads\LivroFilosofiaSeminário
2014-04-18 23:15 - 2014-04-18 23:17 - 04676323 _____ () C:\Users\Pablo\Downloads\LivroFilosofiaSeminário.zip
2014-04-18 23:03 - 2014-04-18 23:03 - 00000000 ____D () C:\Users\Pablo\Desktop\Normatização PUC
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-18 11:06 - 2014-04-18 11:06 - 00000000 ____D () C:\Users\Pablo\Desktop\Guia 09
2014-04-18 10:57 - 2014-04-18 10:57 - 00000000 ____D () C:\Users\Pablo\AppData\Local\CrashRpt
2014-04-14 14:56 - 2014-04-14 14:56 - 00000017 _____ () C:\Users\Pablo\AppData\Local\resmon.resmoncfg
2014-04-14 12:59 - 2014-04-14 12:59 - 00000000 ____D () C:\Users\Pablo\Desktop\AutoCad
2014-04-13 11:30 - 2014-04-13 11:31 - 00000000 ____D () C:\Users\Pablo\Downloads\Guia 09
2014-04-08 23:07 - 2014-04-24 13:10 - 00000000 ____D () C:\Users\Pablo\Desktop\LABORATÓRIO
2014-04-06 11:46 - 2014-04-13 12:49 - 00000000 ____D () C:\Users\Pablo\Documents\Andreza
2014-04-05 20:22 - 2014-04-05 20:23 - 00089361 _____ () C:\Users\Pablo\Downloads\1664d993-3daf-4865-b4d0-6597b379e5cb_1222764_P15_Pablo Ricardo Pereira.zip
2014-04-02 18:36 - 2014-04-02 18:37 - 00000000 ____D () C:\PenClean
2014-04-02 18:29 - 2014-04-13 11:47 - 00002532 _____ () C:\Windows\WindowsUpdate.log
2014-04-02 15:32 - 2014-04-02 15:32 - 00000000 ____D () C:\Users\Pablo\Desktop\EstudarMatemática
==================== One Month Modified Files and Folders =======
2014-05-01 09:36 - 2014-04-30 23:50 - 00021083 _____ () C:\Users\Pablo\Downloads\FRST.txt
2014-05-01 09:36 - 2014-04-30 23:50 - 00000000 ____D () C:\FRST
2014-05-01 09:31 - 2014-05-01 09:31 - 00000872 _____ () C:\Users\Pablo\Downloads\fixlist.txt
2014-05-01 09:25 - 2009-07-14 01:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-01 09:25 - 2009-07-14 01:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-01 09:24 - 2014-04-29 10:09 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-01 09:23 - 2014-04-30 22:52 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-05-01 09:18 - 2014-04-29 12:44 - 00000000 ____D () C:\ProgramData\MCShield
2014-05-01 09:18 - 2014-03-03 15:34 - 00019228 _____ () C:\Windows\setupact.log
2014-05-01 09:18 - 2013-01-05 11:34 - 00000380 _____ () C:\Users\Pablo\AppData\Roaming\sp_data.sys
2014-05-01 09:18 - 2012-07-15 05:32 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-05-01 09:18 - 2012-03-09 16:29 - 00001078 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-01 09:18 - 2009-07-14 02:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-01 00:41 - 2014-04-30 10:59 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-01 00:41 - 2013-05-27 20:17 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-01 00:08 - 2012-03-09 16:29 - 00001082 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-30 23:52 - 2014-04-30 23:51 - 00040662 _____ () C:\Users\Pablo\Downloads\Addition.txt
2014-04-30 23:49 - 2014-04-30 23:49 - 02061824 _____ (Farbar) C:\Users\Pablo\Downloads\FRST64.exe
2014-04-30 23:47 - 2014-03-03 15:34 - 00448316 _____ () C:\Windows\PFRO.log
2014-04-30 23:39 - 2014-04-30 23:39 - 00001221 _____ () C:\Users\Pablo\Desktop\ZHPFixReport.txt
2014-04-30 23:39 - 2014-04-29 12:53 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\ZHP
2014-04-30 23:29 - 2014-04-30 23:29 - 00010357 _____ () C:\Windows\DirectX.log
2014-04-30 23:23 - 2014-04-30 23:23 - 00035770 _____ () C:\Users\Pablo\Desktop\ZHPDiag.txt
2014-04-30 23:21 - 2014-04-29 12:53 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-04-30 22:49 - 2012-07-15 05:37 - 00002452 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-04-30 15:22 - 2014-03-09 12:58 - 00000000 ____D () C:\SUPERDelete
2014-04-30 15:22 - 2011-02-18 23:06 - 00781268 _____ () C:\Windows\system32\prfh0416.dat
2014-04-30 15:22 - 2011-02-18 23:06 - 00175484 _____ () C:\Windows\system32\prfc0416.dat
2014-04-30 15:22 - 2009-07-14 02:13 - 01846306 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-30 14:14 - 2012-07-15 05:32 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-04-30 11:58 - 2014-04-30 11:58 - 00014309 _____ () C:\Users\Pablo\Desktop\hijackthis.log
2014-04-30 10:59 - 2014-04-30 10:59 - 01141680 _____ () C:\Users\Pablo\Downloads\SteamSetup.exe
2014-04-30 10:59 - 2014-04-30 10:59 - 00000925 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-04-30 10:59 - 2014-04-30 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-04-30 10:14 - 2014-04-30 10:14 - 00001797 _____ () C:\Users\Pablo\Desktop\JRT.txt
2014-04-30 10:03 - 2014-04-30 10:03 - 00000000 ____D () C:\Windows\ERUNT
2014-04-30 09:59 - 2014-04-30 09:59 - 01016261 _____ (Thisisu) C:\Users\Pablo\Downloads\JRT.exe
2014-04-29 23:10 - 2014-04-29 23:10 - 00012651 _____ () C:\Users\Pablo\Desktop\hijackthisaaa
2014-04-29 22:55 - 2014-04-29 10:22 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-29 22:54 - 2014-04-29 22:54 - 00000097 _____ () C:\files.log
2014-04-29 22:54 - 2014-04-29 22:46 - 00000070 _____ () C:\folders.log
2014-04-29 22:54 - 2014-04-29 22:46 - 00000000 ____D () C:\zoek
2014-04-29 22:54 - 2014-04-29 22:31 - 00019376 _____ () C:\zoek-results.log
2014-04-29 22:54 - 2014-04-29 22:28 - 00003247 _____ () C:\runcheck.txt
2014-04-29 22:48 - 2014-04-29 22:28 - 00000000 ____D () C:\zoek_backup
2014-04-29 22:28 - 2014-04-29 22:28 - 01285120 _____ () C:\Users\Pablo\Downloads\zoek.exe
2014-04-29 22:25 - 2012-03-09 16:37 - 00000000 ____D () C:\Windows\ar
2014-04-29 17:36 - 2014-02-06 09:26 - 00000000 ____D () C:\Users\Pablo\Documents\Visual Studio 2010
2014-04-29 17:33 - 2014-04-29 17:33 - 00002248 _____ () C:\Users\Pablo\Downloads\980e9f00-52b0-4c9d-b9a3-300581d6daeb_1216132_P9_Pablo Ricardo Pereira (1).zip
2014-04-29 17:29 - 2014-02-23 22:31 - 00000000 ____D () C:\Users\Pablo\Desktop\Lista Reforço
2014-04-29 16:30 - 2014-04-29 16:30 - 00001157 _____ () C:\Users\Pablo\Desktop\aaa.txt
2014-04-29 13:13 - 2014-04-29 13:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-29 13:13 - 2014-04-29 13:13 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-29 13:13 - 2014-04-29 13:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-29 13:12 - 2014-04-29 13:11 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Pablo\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-29 13:05 - 2014-04-29 13:03 - 00000000 ____D () C:\AdwCleaner
2014-04-29 13:05 - 2013-01-05 11:34 - 00000000 ____D () C:\Users\Pablo
2014-04-29 13:02 - 2014-04-29 13:02 - 01310621 _____ () C:\Users\Pablo\Downloads\AdwCleaner.exe
2014-04-29 12:53 - 2014-04-29 12:53 - 00003170 _____ () C:\Windows\System32\Tasks\{FD1E0C56-4675-4558-AD57-9C5D77DB0A0D}
2014-04-29 12:53 - 2014-04-29 12:53 - 00001949 _____ () C:\Users\Pablo\Desktop\ZHPFix.lnk
2014-04-29 12:53 - 2014-04-29 12:53 - 00001822 _____ () C:\Users\Pablo\Desktop\ZHPDiag.lnk
2014-04-29 12:53 - 2014-04-29 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-04-29 12:52 - 2014-04-29 12:51 - 06780391 _____ (Nicolas Coolman ) C:\Users\Pablo\Downloads\ZHPDiag2.exe
2014-04-29 12:48 - 2014-04-29 10:31 - 00014095 _____ () C:\Users\Pablo\Downloads\hijackthis.log
2014-04-29 12:46 - 2014-04-29 12:46 - 00000864 _____ () C:\Users\Pablo\Desktop\MCShield-AllScans.txt
2014-04-29 12:44 - 2014-04-29 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2014-04-29 12:44 - 2014-04-29 12:44 - 00000000 ____D () C:\Program Files (x86)\MCShield
2014-04-29 12:42 - 2014-04-29 12:42 - 02856736 _____ (MyCity) C:\Users\Pablo\Downloads\MCShield-Setup.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00013385 _____ () C:\Users\Pablo\Desktop\UsbFix_Report.txt
2014-04-29 12:32 - 2014-04-29 12:30 - 00013385 _____ () C:\UsbFix [Clean 2] PES.txt
2014-04-29 12:32 - 2014-04-29 12:20 - 00000000 ____D () C:\UsbFix
2014-04-29 12:27 - 2014-04-29 12:20 - 00001450 _____ () C:\Users\Pablo\Desktop\UsbFix.lnk
2014-04-29 12:27 - 2012-07-15 05:37 - 00001827 _____ () C:\Windows\system32\ServiceFilter.ini
2014-04-29 12:11 - 2014-04-29 12:10 - 03006996 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Pablo\Downloads\UsbFix.exe
2014-04-29 11:41 - 2014-04-29 10:09 - 00000000 ____D () C:\Users\Pablo\AppData\Local\Avg2014
2014-04-29 10:31 - 2013-01-05 11:34 - 00000000 ____D () C:\Users\Pablo\AppData\Local\VirtualStore
2014-04-29 10:30 - 2014-04-29 10:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Pablo\Downloads\HijackThis.exe
2014-04-29 10:24 - 2014-04-29 10:24 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\AVG2014
2014-04-29 10:23 - 2014-04-29 10:23 - 00000985 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-29 10:23 - 2014-04-29 10:23 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\TuneUp Software
2014-04-29 10:23 - 2014-04-29 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-29 10:22 - 2014-04-29 10:22 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-04-29 10:22 - 2014-04-29 10:22 - 00000000 ____D () C:\$AVG
2014-04-29 10:09 - 2014-04-29 10:09 - 04485528 _____ (AVG Technologies) C:\Users\Pablo\Downloads\avg_free_stb_pb_2014_4577_free.exe
2014-04-29 10:09 - 2014-04-29 10:09 - 00000000 ____D () C:\Users\Pablo\AppData\Local\MFAData
2014-04-28 17:27 - 2014-04-27 19:07 - 00000000 ____D () C:\Users\Pablo\Desktop\FILSOFIA
2014-04-27 16:19 - 2012-03-09 16:52 - 00000286 __RSH () C:\ProgramData\ntuser.pol
2014-04-26 19:10 - 2014-04-26 18:38 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\klavaro
2014-04-26 18:38 - 2014-04-26 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Klavaro
2014-04-26 16:57 - 2013-01-06 14:46 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\vlc
2014-04-26 15:27 - 2014-03-31 15:24 - 00000000 ____D () C:\Users\Pablo\Desktop\Documentos Para Rever
2014-04-24 23:13 - 2014-04-24 22:48 - 00000000 ____D () C:\xti
2014-04-24 22:42 - 2014-04-24 22:42 - 00001073 _____ () C:\Users\Pablo\Desktop\Notepad++.lnk
2014-04-24 22:42 - 2014-04-24 22:41 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-04-24 22:41 - 2014-04-24 22:41 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-04-24 21:00 - 2014-04-26 21:53 - 00003009 _____ () C:\Users\Pablo\Desktop\exercicio.txt
2014-04-24 21:00 - 2014-04-26 21:53 - 00001105 _____ () C:\Users\Pablo\Desktop\774590_Aula%20220414%20Enunciado%20noite.txt
2014-04-24 13:10 - 2014-04-08 23:07 - 00000000 ____D () C:\Users\Pablo\Desktop\LABORATÓRIO
2014-04-24 10:23 - 2014-04-24 10:05 - 00000000 ____D () C:\Users\Pablo\Desktop\JAVA
2014-04-24 10:09 - 2014-04-24 10:09 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-24 10:09 - 2014-04-24 10:09 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-24 10:09 - 2014-04-24 10:08 - 00000000 ____D () C:\Program Files\Java
2014-04-24 10:08 - 2013-11-12 22:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-04-24 10:08 - 2013-11-12 22:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-23 22:39 - 2013-01-05 11:34 - 00140856 _____ () C:\Users\Pablo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-23 22:37 - 2009-07-14 01:45 - 00480680 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-21 20:11 - 2013-03-15 12:02 - 00000000 ____D () C:\Users\Pablo\Documents\Pablo
2014-04-20 14:07 - 2014-04-20 14:07 - 00002248 _____ () C:\Users\Pablo\Downloads\980e9f00-52b0-4c9d-b9a3-300581d6daeb_1216132_P9_Pablo Ricardo Pereira.zip
2014-04-18 23:35 - 2013-01-06 18:51 - 00000000 ____D () C:\Users\Pablo\Desktop\Programas
2014-04-18 23:32 - 2014-04-18 23:32 - 00002186 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 3.0.lnk
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\Users\Pablo\Documents\My Digital Editions
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\Users\Pablo\AppData\Local\Adobe_Systems_Incorporate
2014-04-18 23:32 - 2014-04-18 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-04-18 23:32 - 2014-04-18 23:30 - 06063152 _____ (Adobe Systems Incorporated) C:\Users\Pablo\Downloads\ADE_3.0_Installer.exe
2014-04-18 23:32 - 2012-03-09 16:29 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-18 23:26 - 2014-04-18 23:26 - 00000000 ____D () C:\Users\Pablo\Downloads\LivroFilosofiaSeminário
2014-04-18 23:17 - 2014-04-18 23:15 - 04676323 _____ () C:\Users\Pablo\Downloads\LivroFilosofiaSeminário.zip
2014-04-18 23:03 - 2014-04-18 23:03 - 00000000 ____D () C:\Users\Pablo\Desktop\Normatização PUC
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-18 11:26 - 2013-10-30 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-04-18 11:06 - 2014-04-18 11:06 - 00000000 ____D () C:\Users\Pablo\Desktop\Guia 09
2014-04-18 10:57 - 2014-04-18 10:57 - 00000000 ____D () C:\Users\Pablo\AppData\Local\CrashRpt
2014-04-15 13:07 - 2009-07-14 02:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-14 15:23 - 2014-02-06 09:14 - 00000000 ____D () C:\Users\Pablo\Desktop\Estudo
2014-04-14 14:56 - 2014-04-14 14:56 - 00000017 _____ () C:\Users\Pablo\AppData\Local\resmon.resmoncfg
2014-04-14 12:59 - 2014-04-14 12:59 - 00000000 ____D () C:\Users\Pablo\Desktop\AutoCad
2014-04-13 12:49 - 2014-04-06 11:46 - 00000000 ____D () C:\Users\Pablo\Documents\Andreza
2014-04-13 11:47 - 2014-04-02 18:29 - 00002532 _____ () C:\Windows\WindowsUpdate.log
2014-04-13 11:31 - 2014-04-13 11:30 - 00000000 ____D () C:\Users\Pablo\Downloads\Guia 09
2014-04-05 20:23 - 2014-04-05 20:22 - 00089361 _____ () C:\Users\Pablo\Downloads\1664d993-3daf-4865-b4d0-6597b379e5cb_1222764_P15_Pablo Ricardo Pereira.zip
2014-04-03 14:30 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-03 09:51 - 2014-04-29 13:13 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-29 13:13 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-29 13:13 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 18:37 - 2014-04-02 18:36 - 00000000 ____D () C:\PenClean
2014-04-02 18:29 - 2009-07-14 00:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-02 15:32 - 2014-04-02 15:32 - 00000000 ____D () C:\Users\Pablo\Desktop\EstudarMatemática
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-29 11:11
==================== End Of Log ============================
pabloescobar- Membro
- Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais
Re: Fotos Slides Movie nos pendrives e PC
por Power Max Qui 01 maio 2014, 09:40
Não é este o procedimento, é o que está aqui nesta minha postagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Fotos Slides Movie nos pendrives e PC
por pabloescobar Qui 01 maio 2014, 09:43
Seria isso, acho que acabei confundindo.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-05-2014
Ran by Pablo at 2014-05-01 09:41:41 Run:1
Running from C:\Users\Pablo\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
Task: {591C57AA-B47D-4C67-AF29-063CCB38C4E5} - \Dealply No Task File <==== ATTENTION
Task: {773D25A7-7978-46A1-9129-77DE74C7D9F6} - \BonanzaDealsLiveUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {D46E4E4E-7F39-4962-A980-1A11E2364A4E} - \BonanzaDealsLiveUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {E8575106-6719-4984-8BDD-2F542C3DED9E} - \PriceMeterUpdater No Task File <==== ATTENTION
Task: {F15C8F2C-024F-42F8-B052-FA31FB382A91} - \UpdaterEX No Task File <==== ATTENTION
S3 BdApiUtil; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [X]
S3 BdCameraProtect; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
end
*****************
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{591C57AA-B47D-4C67-AF29-063CCB38C4E5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{591C57AA-B47D-4C67-AF29-063CCB38C4E5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{773D25A7-7978-46A1-9129-77DE74C7D9F6} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{773D25A7-7978-46A1-9129-77DE74C7D9F6} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineCore => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D46E4E4E-7F39-4962-A980-1A11E2364A4E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D46E4E4E-7F39-4962-A980-1A11E2364A4E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineUA => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8575106-6719-4984-8BDD-2F542C3DED9E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8575106-6719-4984-8BDD-2F542C3DED9E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PriceMeterUpdater => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F15C8F2C-024F-42F8-B052-FA31FB382A91} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F15C8F2C-024F-42F8-B052-FA31FB382A91} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UpdaterEX => Key deleted successfully.
BdApiUtil => Service deleted successfully.
BdCameraProtect => Service deleted successfully.
BprotectEx => Service deleted successfully.
PCFApiUtil => Service deleted successfully.
==== End of Fixlog ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-05-2014
Ran by Pablo at 2014-05-01 09:41:41 Run:1
Running from C:\Users\Pablo\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
Task: {591C57AA-B47D-4C67-AF29-063CCB38C4E5} - \Dealply No Task File <==== ATTENTION
Task: {773D25A7-7978-46A1-9129-77DE74C7D9F6} - \BonanzaDealsLiveUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {D46E4E4E-7F39-4962-A980-1A11E2364A4E} - \BonanzaDealsLiveUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {E8575106-6719-4984-8BDD-2F542C3DED9E} - \PriceMeterUpdater No Task File <==== ATTENTION
Task: {F15C8F2C-024F-42F8-B052-FA31FB382A91} - \UpdaterEX No Task File <==== ATTENTION
S3 BdApiUtil; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [X]
S3 BdCameraProtect; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
end
*****************
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{591C57AA-B47D-4C67-AF29-063CCB38C4E5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{591C57AA-B47D-4C67-AF29-063CCB38C4E5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{773D25A7-7978-46A1-9129-77DE74C7D9F6} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{773D25A7-7978-46A1-9129-77DE74C7D9F6} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineCore => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D46E4E4E-7F39-4962-A980-1A11E2364A4E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D46E4E4E-7F39-4962-A980-1A11E2364A4E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineUA => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8575106-6719-4984-8BDD-2F542C3DED9E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8575106-6719-4984-8BDD-2F542C3DED9E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PriceMeterUpdater => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F15C8F2C-024F-42F8-B052-FA31FB382A91} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F15C8F2C-024F-42F8-B052-FA31FB382A91} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UpdaterEX => Key deleted successfully.
BdApiUtil => Service deleted successfully.
BdCameraProtect => Service deleted successfully.
BprotectEx => Service deleted successfully.
PCFApiUtil => Service deleted successfully.
==== End of Fixlog ====
pabloescobar- Membro
- Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais
Re: Fotos Slides Movie nos pendrives e PC
por Power Max Qui 01 maio 2014, 09:45
Sim, agora está certo.
Como está seu PC depois destas limpezas?
Como está seu PC depois destas limpezas?
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Fotos Slides Movie nos pendrives e PC
por pabloescobar Qui 01 maio 2014, 09:53
Power Max agradeço muito por ajudar a tirar do pc esse maldito vírus ou Malware.
Gostaria de saber como faço agora, tenho 3 pendrives com esse vírus e eles cria copia nos arquivos que estão fora da pasta dentro do pen drive,
ja formatei, fiz de tudo que sabia para tentar tirar esse mesmo vírus do pendrive, tenho algumas dúvidas.
1 tenho que cria outro post para começar a resolver o problema, pois o problema desse post já foi resolvido que era o pc.
2 posso colocar o pendrive no pc normalmente pq foi um custo tirar esse vírus do pc e nao quero ele de volta no pc de novo.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:48:28, on 01/05/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\MCShield\MCShieldRTM.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Users\Pablo\AppData\Roaming\VIVO INTERNET\ouc.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Pablo\Downloads\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - d:\PUC\Visual Studio\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] "C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MCShield Monitor] C:\Program Files (x86)\MCShield\mcshieldrtm.exe
O8 - Extra context menu item: &Enviar para o OneNote - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: Watchdog do AVG (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Personalization Panel DWM controller (persdwmsrv) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\Windows\UnsignedThemesSvc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12752 bytes
Gostaria de saber como faço agora, tenho 3 pendrives com esse vírus e eles cria copia nos arquivos que estão fora da pasta dentro do pen drive,
ja formatei, fiz de tudo que sabia para tentar tirar esse mesmo vírus do pendrive, tenho algumas dúvidas.
1 tenho que cria outro post para começar a resolver o problema, pois o problema desse post já foi resolvido que era o pc.
2 posso colocar o pendrive no pc normalmente pq foi um custo tirar esse vírus do pc e nao quero ele de volta no pc de novo.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:48:28, on 01/05/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\MCShield\MCShieldRTM.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Users\Pablo\AppData\Roaming\VIVO INTERNET\ouc.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Pablo\Downloads\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - d:\PUC\Visual Studio\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] "C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MCShield Monitor] C:\Program Files (x86)\MCShield\mcshieldrtm.exe
O8 - Extra context menu item: &Enviar para o OneNote - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: Watchdog do AVG (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Personalization Panel DWM controller (persdwmsrv) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\Windows\UnsignedThemesSvc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12752 bytes
pabloescobar- Membro
- Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais
Re: Fotos Slides Movie nos pendrives e PC
por Power Max Qui 01 maio 2014, 10:09
● Vá no menu: Iniciar > Painel de Controle > Hardware e Sons > Reprodução Automática > Desmarque a opção Usar Reprodução Automática em todas as mídias e dispositivos > *Clique no botão [Salvar].
Depois disto mantenha pressionada a tecla Shift e com ela pressionada insira os pendrives contaminados no PC.
Depois disto mantenha a tecla shift pressionada por alguns segundos até que os pendrives não sejam mais lidos pelo PC (isto é para evitar que eles iniciem automaticamente o conteúdo prejudicial deles).
Após os procedimentos acima, utilize o USBFix conforme é mostrado nesta postagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Poste o log (relatório) do Usbfix que estará em C:\UsbFix.txt em sua próxima resposta.
Depois disto mantenha pressionada a tecla Shift e com ela pressionada insira os pendrives contaminados no PC.
Depois disto mantenha a tecla shift pressionada por alguns segundos até que os pendrives não sejam mais lidos pelo PC (isto é para evitar que eles iniciem automaticamente o conteúdo prejudicial deles).
Após os procedimentos acima, utilize o USBFix conforme é mostrado nesta postagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Poste o log (relatório) do Usbfix que estará em C:\UsbFix.txt em sua próxima resposta.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Fotos Slides Movie nos pendrives e PC
por pabloescobar Qui 01 maio 2014, 10:24
############################## | UsbFix V 7.169 | [Supressão]
Usuário: Pablo (Administrador) # PES
Atualizado em 31/03/2014 por El Desaparecido - Team SosVirus
Começou em 10:22:20 | 01/05/2014
Site : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Changelog : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Support : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Upload Malware : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Contato : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
PC: ASUSTeK COMPUTER INC. (K45A)
CPU: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
RAM -> [Total : 8078 Mo| Free : 6375 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot
OS: Microsoft Windows 7 Home Basic (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 9.0.8112.16421
WB: Google Chrome : 34.0.1847.131
SC: Security Center [Enabled]
WU: Windows Update [(!) Disabled]
AV: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
AV: Trend Micro Titanium Internet Security 2012 [(!) Disabled | Updated]
AS: Trend Micro Titanium Internet Security 2012 [(!) Disabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
FW: Windows FireWall [Enabled]
C:\ (%systemdrive%) -> Disco fixo # 300 Gb (206 Mb livre - 69%) [OS] # NTFS
D:\ -> Disco fixo # 373 Gb (365 Mb livre - 98%) [DATA] # NTFS
F:\ -> CD-ROM
G:\ -> Disco removível # 4 Gb (3 Mb livre - 93%) [PABLO] # FAT32
################## | Processos Ativos |
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe (ID: 600 |ParentID: 588)
C:\Windows\system32\csrss.exe (ID: 656 |ParentID: 648)
C:\Windows\system32\wininit.exe (ID: 728 |ParentID: 648)
C:\Windows\system32\csrss.exe (ID: 752 |ParentID: 736)
C:\Windows\system32\services.exe (ID: 796 |ParentID: 728)
C:\Windows\system32\lsass.exe (ID: 816 |ParentID: 728)
C:\Windows\system32\lsm.exe (ID: 824 |ParentID: 728)
C:\Windows\system32\svchost.exe (ID: 944 |ParentID: 796)
C:\Windows\system32\winlogon.exe (ID: 1012 |ParentID: 736)
C:\Windows\system32\svchost.exe (ID: 628 |ParentID: 796)
C:\Windows\System32\svchost.exe (ID: 640 |ParentID: 796)
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe (ID: 1032 |ParentID: 600)
C:\Windows\System32\svchost.exe (ID: 1044 |ParentID: 796)
C:\Windows\system32\svchost.exe (ID: 1080 |ParentID: 796)
C:\Windows\UnsignedThemesSvc.exe (ID: 1120 |ParentID: 796)
C:\Windows\system32\svchost.exe (ID: 1224 |ParentID: 796)
C:\Windows\SYSTEM32\WISPTIS.EXE (ID: 1340 |ParentID: 1044)
C:\Windows\system32\svchost.exe (ID: 1352 |ParentID: 796)
C:\Windows\system32\FBAgent.exe (ID: 1460 |ParentID: 796)
C:\Windows\system32\WLANExt.exe (ID: 1476 |ParentID: 1044)
C:\Windows\system32\conhost.exe (ID: 1488 |ParentID: 656)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ID: 1516 |ParentID: 796)
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ID: 1608 |ParentID: 796)
C:\Windows\System32\spoolsv.exe (ID: 1676 |ParentID: 796)
C:\Windows\system32\taskeng.exe (ID: 1724 |ParentID: 1080)
C:\Windows\system32\svchost.exe (ID: 1776 |ParentID: 796)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ID: 1816 |ParentID: 1516)
C:\Windows\system32\taskhost.exe (ID: 1832 |ParentID: 796)
C:\Windows\system32\svchost.exe (ID: 1840 |ParentID: 796)
C:\Windows\system32\Dwm.exe (ID: 1972 |ParentID: 1044)
C:\Windows\SYSTEM32\WISPTIS.EXE (ID: 2008 |ParentID: 1044)
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (ID: 2136 |ParentID: 796)
C:\Windows\system32\taskeng.exe (ID: 2144 |ParentID: 1080)
C:\Windows\Explorer.EXE (ID: 2152 |ParentID: 1940)
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe (ID: 2192 |ParentID: 796)
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (ID: 2236 |ParentID: 796)
C:\Program Files\ASUS\P4G\BatteryLife.exe (ID: 2300 |ParentID: 2144)
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe (ID: 2308 |ParentID: 2192)
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ID: 2324 |ParentID: 2144)
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe (ID: 2348 |ParentID: 2144)
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe (ID: 2364 |ParentID: 2144)
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe (ID: 2388 |ParentID: 2144)
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ID: 2408 |ParentID: 2144)
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ID: 2852 |ParentID: 1460)
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (ID: 2880 |ParentID: 796)
C:\Windows\SysWOW64\ACEngSvr.exe (ID: 2908 |ParentID: 944)
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (ID: 2948 |ParentID: 796)
C:\ProgramData\DatacardService\HWDeviceService64.exe (ID: 2984 |ParentID: 796)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 3020 |ParentID: 796)
C:\ProgramData\DatacardService\DCSHelper.exe (ID: 3040 |ParentID: 2984)
C:\Windows\AsScrPro.exe (ID: 2080 |ParentID: 1460)
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (ID: 1456 |ParentID: 1460)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ID: 1760 |ParentID: 1460)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (ID: 3152 |ParentID: 796)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (ID: 3204 |ParentID: 796)
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (ID: 3228 |ParentID: 796)
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe (ID: 3304 |ParentID: 2948)
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe (ID: 3312 |ParentID: 2948)
C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe (ID: 3596 |ParentID: 796)
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (ID: 3840 |ParentID: 796)
C:\Windows\system32\runonce.exe (ID: 4068 |ParentID: 2152)
C:\Windows\SysWOW64\runonce.exe (ID: 4080 |ParentID: 4068)
C:\Windows\system32\svchost.exe (ID: 3396 |ParentID: 796)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 3420 |ParentID: 796)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 4124 |ParentID: 3420)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 4412 |ParentID: 944)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ID: 4820 |ParentID: 1816)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ID: 4836 |ParentID: 1816)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ID: 4844 |ParentID: 1816)
C:\Windows\servicing\TrustedInstaller.exe (ID: 5096 |ParentID: 796)
C:\Program Files\Trend Micro\Titanium\TiMiniService.exe (ID: 4248 |ParentID: 796)
C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe (ID: 4344 |ParentID: 4248)
C:\Windows\system32\conhost.exe (ID: 4348 |ParentID: 656)
C:\Windows\system32\WUDFHost.exe (ID: 4576 |ParentID: 1044)
C:\Windows\System32\dinotify.exe (ID: 3988 |ParentID: 4536)
C:\Windows\system32\svchost.exe (ID: 4240 |ParentID: 796)
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (ID: 5764 |ParentID: 796)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 4568 |ParentID: 796)
C:\Program Files (x86)\Nero\Update\NASvc.exe (ID: 4636 |ParentID: 796)
C:\Windows\system32\sppsvc.exe (ID: 5424 |ParentID: 796)
C:\Windows\system32\SearchIndexer.exe (ID: 4784 |ParentID: 796)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 2860 |ParentID: 944)
################## | Procura genérica |
(!) Ficheiros temporários suprimido.
################## | Registro |
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
04 - HKCU\..\Run : [HW_OPENEYE_OUC_VIVO INTERNET] "C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe"
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKCU\..\Run : [MCShield Monitor] C:\Program Files (x86)\MCShield\mcshieldrtm.exe
04 - HKLM\..\Run : [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
04 - HKLM\..\Run : [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
04 - HKLM\..\Run : [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
04 - [x64] HKLM\..\Run : [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\www\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
04 - [x64] HKLM\..\Run : [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
04 - [x64] HKLM\..\Run : [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe" -ReFlush "none" "none"
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [HW_OPENEYE_OUC_VIVO INTERNET] "C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe"
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [MCShield Monitor] C:\Program Files (x86)\MCShield\mcshieldrtm.exe
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
################## | Listing |
[29/04/2014 - 10:22:53 | D] - C:\$AVG
[30/04/2014 - 09:45:04 | SHD] - C:\$RECYCLE.BIN
[29/04/2014 - 13:05:25 | D] - C:\AdwCleaner
[09/03/2012 - 16:51:05 | D] - C:\AsusVibeData
[29/07/2009 - 02:09:16 | SHD] - C:\Boot
[13/07/2009 - 22:38:58 | RASH | 375 Ko] - C:\bootmgr
[29/07/2009 - 02:09:18 | RASH | 8 Ko] - C:\BOOTSECT.BAK
[14/07/2009 - 02:08:56 | SHD] - C:\Documents and Settings
[15/07/2012 - 05:37:37 | D] - C:\eSupport
[29/04/2014 - 22:54:09 | N | 0 Ko] - C:\files.log
[29/04/2014 - 22:54:21 | N | 0 Ko] - C:\folders.log
[01/05/2014 - 09:41:42 | D] - C:\FRST
[01/05/2014 - 10:19:16 | ASH | 6204148 Ko] - C:\hiberfil.sys
[15/07/2012 - 05:28:58 | D] - C:\Intel
[05/01/2013 - 23:13:57 | RHD] - C:\MSOCache
[24/03/2013 - 20:39:23 | D] - C:\opt
[01/05/2014 - 10:19:14 | ASH | 8272200 Ko] - C:\pagefile.sys
[02/04/2014 - 18:37:00 | D] - C:\PenClean
[14/07/2009 - 00:20:08 | D] - C:\PerfLogs
[24/04/2014 - 10:08:06 | D] - C:\Program Files
[30/04/2014 - 23:08:26 | D] - C:\Program Files (x86)
[30/04/2014 - 23:08:27 | HD] - C:\ProgramData
[29/07/2009 - 01:20:32 | SHD] - C:\Recovery
[29/04/2014 - 22:54:22 | N | 3 Ko | FF219CB8EC166C8738192F934FB0728D] - C:\runcheck.txt
[30/04/2014 - 15:22:15 | D] - C:\SUPERDelete
[30/04/2014 - 23:38:38 | SHD] - C:\System Volume Information
[01/05/2014 - 10:17:46 | D] - C:\UsbFix
[29/04/2014 - 12:32:09 | N | 13 Ko | 17C7AD2CEBE81AA8DFCB8B2435DD392F] - C:\UsbFix [Clean 2] PES.txt
[01/05/2014 - 10:23:12 | A | 12 Ko | 96827333B6C673D670602191AE3A6EC0] - C:\UsbFix [Clean 4] PES.txt
[05/01/2013 - 11:34:05 | D] - C:\Users
[30/04/2014 - 23:51:49 | D] - C:\Windows
[10/07/2013 - 23:42:18 | D] - C:\WinloadPrivateDir
[24/04/2014 - 23:13:50 | D] - C:\xti
[29/04/2014 - 22:54:21 | D] - C:\zoek
[29/04/2014 - 22:54:22 | N | 19 Ko] - C:\zoek-results.log
[29/04/2014 - 22:48:56 | D] - C:\zoek_backup
[03/03/2014 - 15:35:22 | SHD] - D:\$RECYCLE.BIN
[16/01/2013 - 18:43:03 | D] - D:\cadsimu
[26/04/2014 - 18:38:01 | D] - D:\Digitação
[27/04/2014 - 21:52:45 | D] - D:\PUC
[16/03/2014 - 17:00:01 | SHD] - D:\System Volume Information
[09/04/2014 - 14:33:00 | D] - G:\LABORATÓRIO
[24/04/2014 - 10:01:38 | D] - G:\IC
[15/03/2014 - 23:44:52 | D] - G:\Configuração
[28/04/2014 - 17:27:18 | D] - G:\FILSOFIA
[15/03/2014 - 23:44:42 | D] - G:\curriculum
[02/04/2014 - 19:57:52 | D] - G:\Exercício de ATP Pega Monitoria
[15/03/2014 - 23:44:50 | D] - G:\PUC
################## | Vaccin |
D:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido)
G:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido)
################## | E.O.F | [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] |
Usuário: Pablo (Administrador) # PES
Atualizado em 31/03/2014 por El Desaparecido - Team SosVirus
Começou em 10:22:20 | 01/05/2014
Site : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Changelog : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Support : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Upload Malware : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Contato : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
PC: ASUSTeK COMPUTER INC. (K45A)
CPU: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
RAM -> [Total : 8078 Mo| Free : 6375 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot
OS: Microsoft Windows 7 Home Basic (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 9.0.8112.16421
WB: Google Chrome : 34.0.1847.131
SC: Security Center [Enabled]
WU: Windows Update [(!) Disabled]
AV: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
AV: Trend Micro Titanium Internet Security 2012 [(!) Disabled | Updated]
AS: Trend Micro Titanium Internet Security 2012 [(!) Disabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
FW: Windows FireWall [Enabled]
C:\ (%systemdrive%) -> Disco fixo # 300 Gb (206 Mb livre - 69%) [OS] # NTFS
D:\ -> Disco fixo # 373 Gb (365 Mb livre - 98%) [DATA] # NTFS
F:\ -> CD-ROM
G:\ -> Disco removível # 4 Gb (3 Mb livre - 93%) [PABLO] # FAT32
################## | Processos Ativos |
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe (ID: 600 |ParentID: 588)
C:\Windows\system32\csrss.exe (ID: 656 |ParentID: 648)
C:\Windows\system32\wininit.exe (ID: 728 |ParentID: 648)
C:\Windows\system32\csrss.exe (ID: 752 |ParentID: 736)
C:\Windows\system32\services.exe (ID: 796 |ParentID: 728)
C:\Windows\system32\lsass.exe (ID: 816 |ParentID: 728)
C:\Windows\system32\lsm.exe (ID: 824 |ParentID: 728)
C:\Windows\system32\svchost.exe (ID: 944 |ParentID: 796)
C:\Windows\system32\winlogon.exe (ID: 1012 |ParentID: 736)
C:\Windows\system32\svchost.exe (ID: 628 |ParentID: 796)
C:\Windows\System32\svchost.exe (ID: 640 |ParentID: 796)
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe (ID: 1032 |ParentID: 600)
C:\Windows\System32\svchost.exe (ID: 1044 |ParentID: 796)
C:\Windows\system32\svchost.exe (ID: 1080 |ParentID: 796)
C:\Windows\UnsignedThemesSvc.exe (ID: 1120 |ParentID: 796)
C:\Windows\system32\svchost.exe (ID: 1224 |ParentID: 796)
C:\Windows\SYSTEM32\WISPTIS.EXE (ID: 1340 |ParentID: 1044)
C:\Windows\system32\svchost.exe (ID: 1352 |ParentID: 796)
C:\Windows\system32\FBAgent.exe (ID: 1460 |ParentID: 796)
C:\Windows\system32\WLANExt.exe (ID: 1476 |ParentID: 1044)
C:\Windows\system32\conhost.exe (ID: 1488 |ParentID: 656)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ID: 1516 |ParentID: 796)
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ID: 1608 |ParentID: 796)
C:\Windows\System32\spoolsv.exe (ID: 1676 |ParentID: 796)
C:\Windows\system32\taskeng.exe (ID: 1724 |ParentID: 1080)
C:\Windows\system32\svchost.exe (ID: 1776 |ParentID: 796)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ID: 1816 |ParentID: 1516)
C:\Windows\system32\taskhost.exe (ID: 1832 |ParentID: 796)
C:\Windows\system32\svchost.exe (ID: 1840 |ParentID: 796)
C:\Windows\system32\Dwm.exe (ID: 1972 |ParentID: 1044)
C:\Windows\SYSTEM32\WISPTIS.EXE (ID: 2008 |ParentID: 1044)
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (ID: 2136 |ParentID: 796)
C:\Windows\system32\taskeng.exe (ID: 2144 |ParentID: 1080)
C:\Windows\Explorer.EXE (ID: 2152 |ParentID: 1940)
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe (ID: 2192 |ParentID: 796)
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (ID: 2236 |ParentID: 796)
C:\Program Files\ASUS\P4G\BatteryLife.exe (ID: 2300 |ParentID: 2144)
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe (ID: 2308 |ParentID: 2192)
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ID: 2324 |ParentID: 2144)
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe (ID: 2348 |ParentID: 2144)
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe (ID: 2364 |ParentID: 2144)
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe (ID: 2388 |ParentID: 2144)
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ID: 2408 |ParentID: 2144)
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ID: 2852 |ParentID: 1460)
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (ID: 2880 |ParentID: 796)
C:\Windows\SysWOW64\ACEngSvr.exe (ID: 2908 |ParentID: 944)
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (ID: 2948 |ParentID: 796)
C:\ProgramData\DatacardService\HWDeviceService64.exe (ID: 2984 |ParentID: 796)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 3020 |ParentID: 796)
C:\ProgramData\DatacardService\DCSHelper.exe (ID: 3040 |ParentID: 2984)
C:\Windows\AsScrPro.exe (ID: 2080 |ParentID: 1460)
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (ID: 1456 |ParentID: 1460)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ID: 1760 |ParentID: 1460)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (ID: 3152 |ParentID: 796)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (ID: 3204 |ParentID: 796)
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (ID: 3228 |ParentID: 796)
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe (ID: 3304 |ParentID: 2948)
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe (ID: 3312 |ParentID: 2948)
C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe (ID: 3596 |ParentID: 796)
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (ID: 3840 |ParentID: 796)
C:\Windows\system32\runonce.exe (ID: 4068 |ParentID: 2152)
C:\Windows\SysWOW64\runonce.exe (ID: 4080 |ParentID: 4068)
C:\Windows\system32\svchost.exe (ID: 3396 |ParentID: 796)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 3420 |ParentID: 796)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 4124 |ParentID: 3420)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 4412 |ParentID: 944)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ID: 4820 |ParentID: 1816)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ID: 4836 |ParentID: 1816)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ID: 4844 |ParentID: 1816)
C:\Windows\servicing\TrustedInstaller.exe (ID: 5096 |ParentID: 796)
C:\Program Files\Trend Micro\Titanium\TiMiniService.exe (ID: 4248 |ParentID: 796)
C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe (ID: 4344 |ParentID: 4248)
C:\Windows\system32\conhost.exe (ID: 4348 |ParentID: 656)
C:\Windows\system32\WUDFHost.exe (ID: 4576 |ParentID: 1044)
C:\Windows\System32\dinotify.exe (ID: 3988 |ParentID: 4536)
C:\Windows\system32\svchost.exe (ID: 4240 |ParentID: 796)
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (ID: 5764 |ParentID: 796)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 4568 |ParentID: 796)
C:\Program Files (x86)\Nero\Update\NASvc.exe (ID: 4636 |ParentID: 796)
C:\Windows\system32\sppsvc.exe (ID: 5424 |ParentID: 796)
C:\Windows\system32\SearchIndexer.exe (ID: 4784 |ParentID: 796)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 2860 |ParentID: 944)
################## | Procura genérica |
(!) Ficheiros temporários suprimido.
################## | Registro |
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
04 - HKCU\..\Run : [HW_OPENEYE_OUC_VIVO INTERNET] "C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe"
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKCU\..\Run : [MCShield Monitor] C:\Program Files (x86)\MCShield\mcshieldrtm.exe
04 - HKLM\..\Run : [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
04 - HKLM\..\Run : [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
04 - HKLM\..\Run : [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
04 - [x64] HKLM\..\Run : [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\www\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
04 - [x64] HKLM\..\Run : [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
04 - [x64] HKLM\..\Run : [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe" -ReFlush "none" "none"
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [HW_OPENEYE_OUC_VIVO INTERNET] "C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe"
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [MCShield Monitor] C:\Program Files (x86)\MCShield\mcshieldrtm.exe
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
################## | Listing |
[29/04/2014 - 10:22:53 | D] - C:\$AVG
[30/04/2014 - 09:45:04 | SHD] - C:\$RECYCLE.BIN
[29/04/2014 - 13:05:25 | D] - C:\AdwCleaner
[09/03/2012 - 16:51:05 | D] - C:\AsusVibeData
[29/07/2009 - 02:09:16 | SHD] - C:\Boot
[13/07/2009 - 22:38:58 | RASH | 375 Ko] - C:\bootmgr
[29/07/2009 - 02:09:18 | RASH | 8 Ko] - C:\BOOTSECT.BAK
[14/07/2009 - 02:08:56 | SHD] - C:\Documents and Settings
[15/07/2012 - 05:37:37 | D] - C:\eSupport
[29/04/2014 - 22:54:09 | N | 0 Ko] - C:\files.log
[29/04/2014 - 22:54:21 | N | 0 Ko] - C:\folders.log
[01/05/2014 - 09:41:42 | D] - C:\FRST
[01/05/2014 - 10:19:16 | ASH | 6204148 Ko] - C:\hiberfil.sys
[15/07/2012 - 05:28:58 | D] - C:\Intel
[05/01/2013 - 23:13:57 | RHD] - C:\MSOCache
[24/03/2013 - 20:39:23 | D] - C:\opt
[01/05/2014 - 10:19:14 | ASH | 8272200 Ko] - C:\pagefile.sys
[02/04/2014 - 18:37:00 | D] - C:\PenClean
[14/07/2009 - 00:20:08 | D] - C:\PerfLogs
[24/04/2014 - 10:08:06 | D] - C:\Program Files
[30/04/2014 - 23:08:26 | D] - C:\Program Files (x86)
[30/04/2014 - 23:08:27 | HD] - C:\ProgramData
[29/07/2009 - 01:20:32 | SHD] - C:\Recovery
[29/04/2014 - 22:54:22 | N | 3 Ko | FF219CB8EC166C8738192F934FB0728D] - C:\runcheck.txt
[30/04/2014 - 15:22:15 | D] - C:\SUPERDelete
[30/04/2014 - 23:38:38 | SHD] - C:\System Volume Information
[01/05/2014 - 10:17:46 | D] - C:\UsbFix
[29/04/2014 - 12:32:09 | N | 13 Ko | 17C7AD2CEBE81AA8DFCB8B2435DD392F] - C:\UsbFix [Clean 2] PES.txt
[01/05/2014 - 10:23:12 | A | 12 Ko | 96827333B6C673D670602191AE3A6EC0] - C:\UsbFix [Clean 4] PES.txt
[05/01/2013 - 11:34:05 | D] - C:\Users
[30/04/2014 - 23:51:49 | D] - C:\Windows
[10/07/2013 - 23:42:18 | D] - C:\WinloadPrivateDir
[24/04/2014 - 23:13:50 | D] - C:\xti
[29/04/2014 - 22:54:21 | D] - C:\zoek
[29/04/2014 - 22:54:22 | N | 19 Ko] - C:\zoek-results.log
[29/04/2014 - 22:48:56 | D] - C:\zoek_backup
[03/03/2014 - 15:35:22 | SHD] - D:\$RECYCLE.BIN
[16/01/2013 - 18:43:03 | D] - D:\cadsimu
[26/04/2014 - 18:38:01 | D] - D:\Digitação
[27/04/2014 - 21:52:45 | D] - D:\PUC
[16/03/2014 - 17:00:01 | SHD] - D:\System Volume Information
[09/04/2014 - 14:33:00 | D] - G:\LABORATÓRIO
[24/04/2014 - 10:01:38 | D] - G:\IC
[15/03/2014 - 23:44:52 | D] - G:\Configuração
[28/04/2014 - 17:27:18 | D] - G:\FILSOFIA
[15/03/2014 - 23:44:42 | D] - G:\curriculum
[02/04/2014 - 19:57:52 | D] - G:\Exercício de ATP Pega Monitoria
[15/03/2014 - 23:44:50 | D] - G:\PUC
################## | Vaccin |
D:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido)
G:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido)
################## | E.O.F | [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] |
pabloescobar- Membro
- Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais
Re: Fotos Slides Movie nos pendrives e PC
por Power Max Qui 01 maio 2014, 10:26
você fez o escaneamento do Usbfix com todos os três pendrives conectados?
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Fotos Slides Movie nos pendrives e PC
por pabloescobar Qui 01 maio 2014, 10:33
Olá Power Max
so com 2 pendrive, o 3 não está comigo tenho que pegar ele.
so com 2 pendrive, o 3 não está comigo tenho que pegar ele.
pabloescobar- Membro
- Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais
Re: Fotos Slides Movie nos pendrives e PC
por Power Max Qui 01 maio 2014, 10:34
é porque no seu log só constou um pendrive, veja:
C:\ (%systemdrive%) -> Disco fixo # 300 Gb (206 Mb livre - 69%) [OS] # NTFS
D:\ -> Disco fixo # 373 Gb (365 Mb livre - 98%) [DATA] # NTFS
F:\ -> CD-ROM
G:\ -> Disco removível # 4 Gb (3 Mb livre - 93%) [PABLO] # FAT32
C:\ (%systemdrive%) -> Disco fixo # 300 Gb (206 Mb livre - 69%) [OS] # NTFS
D:\ -> Disco fixo # 373 Gb (365 Mb livre - 98%) [DATA] # NTFS
F:\ -> CD-ROM
G:\ -> Disco removível # 4 Gb (3 Mb livre - 93%) [PABLO] # FAT32
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Fotos Slides Movie nos pendrives e PC
por pabloescobar Qui 01 maio 2014, 10:36
O outro apagou a luz que indica que ele ta conectado ao reinicia pelo usbfix, como faço executo dnvo o procedimento de conectar ele segurando shift e depois refaço o scaneamento do usbfix?
pabloescobar- Membro
- Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais
Re: Fotos Slides Movie nos pendrives e PC
por Power Max Qui 01 maio 2014, 10:37
Sim, refaça como te mostrei.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Fotos Slides Movie nos pendrives e PC
por pabloescobar Qui 01 maio 2014, 10:47
############################## | UsbFix V 7.169 | [Supressão]
Usuário: Pablo (Administrador) # PES
Atualizado em 31/03/2014 por El Desaparecido - Team SosVirus
Começou em 10:44:19 | 01/05/2014
Site : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Changelog : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Support : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Upload Malware : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Contato : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
PC: ASUSTeK COMPUTER INC. (K45A)
CPU: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
RAM -> [Total : 8078 Mo| Free : 6115 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot
OS: Microsoft Windows 7 Home Basic (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 9.0.8112.16421
WB: Google Chrome : 34.0.1847.131
SC: Security Center [Enabled]
WU: Windows Update [(!) Disabled]
AV: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
AV: Trend Micro Titanium Internet Security 2012 [(!) Disabled | Updated]
AS: Trend Micro Titanium Internet Security 2012 [(!) Disabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
FW: Windows FireWall [Enabled]
C:\ (%systemdrive%) -> Disco fixo # 300 Gb (206 Mb livre - 69%) [OS] # NTFS
D:\ -> Disco fixo # 373 Gb (365 Mb livre - 98%) [DATA] # NTFS
E:\ -> Disco removível # 4 Gb (4 Mb livre - 100%) [] # FAT32
F:\ -> CD-ROM
G:\ -> Disco removível # 4 Gb (3 Mb livre - 93%) [PABLO] # FAT32
################## | Processos Ativos |
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe (ID: 600 |ParentID: 588)
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe (ID: 640 |ParentID: 600)
C:\Windows\system32\csrss.exe (ID: 952 |ParentID: 940)
C:\Windows\system32\wininit.exe (ID: 1008 |ParentID: 940)
C:\Windows\system32\csrss.exe (ID: 352 |ParentID: 1016)
C:\Windows\system32\services.exe (ID: 596 |ParentID: 1008)
C:\Windows\system32\lsass.exe (ID: 920 |ParentID: 1008)
C:\Windows\system32\lsm.exe (ID: 568 |ParentID: 1008)
C:\Windows\system32\svchost.exe (ID: 1076 |ParentID: 596)
C:\Windows\system32\winlogon.exe (ID: 1144 |ParentID: 1016)
C:\Windows\system32\svchost.exe (ID: 1196 |ParentID: 596)
C:\Windows\System32\svchost.exe (ID: 1284 |ParentID: 596)
C:\Windows\System32\svchost.exe (ID: 1328 |ParentID: 596)
C:\Windows\system32\svchost.exe (ID: 1368 |ParentID: 596)
C:\Windows\UnsignedThemesSvc.exe (ID: 1400 |ParentID: 596)
C:\Windows\system32\svchost.exe (ID: 1512 |ParentID: 596)
C:\Windows\system32\svchost.exe (ID: 1616 |ParentID: 596)
C:\Windows\SYSTEM32\WISPTIS.EXE (ID: 1716 |ParentID: 1328)
C:\Windows\system32\FBAgent.exe (ID: 1732 |ParentID: 596)
C:\Windows\system32\WLANExt.exe (ID: 1740 |ParentID: 1328)
C:\Windows\system32\conhost.exe (ID: 1764 |ParentID: 952)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ID: 1772 |ParentID: 596)
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ID: 1852 |ParentID: 596)
C:\Windows\System32\spoolsv.exe (ID: 1968 |ParentID: 596)
C:\Windows\system32\taskeng.exe (ID: 2000 |ParentID: 1368)
C:\Windows\system32\svchost.exe (ID: 2044 |ParentID: 596)
C:\Windows\system32\svchost.exe (ID: 1180 |ParentID: 596)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ID: 1552 |ParentID: 1772)
C:\Windows\SYSTEM32\WISPTIS.EXE (ID: 2128 |ParentID: 1328)
C:\Windows\system32\Dwm.exe (ID: 2148 |ParentID: 1328)
C:\Windows\system32\taskhost.exe (ID: 2168 |ParentID: 596)
C:\Windows\Explorer.EXE (ID: 2252 |ParentID: 2120)
C:\Windows\system32\taskeng.exe (ID: 2404 |ParentID: 1368)
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (ID: 2468 |ParentID: 596)
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe (ID: 2524 |ParentID: 596)
C:\Program Files\ASUS\P4G\BatteryLife.exe (ID: 2568 |ParentID: 2404)
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (ID: 2584 |ParentID: 596)
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ID: 2612 |ParentID: 2404)
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe (ID: 2636 |ParentID: 2404)
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe (ID: 2660 |ParentID: 2404)
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe (ID: 2668 |ParentID: 2404)
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ID: 2688 |ParentID: 2404)
C:\Windows\system32\runonce.exe (ID: 2748 |ParentID: 2252)
C:\Windows\SysWOW64\runonce.exe (ID: 2808 |ParentID: 2748)
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (ID: 2816 |ParentID: 596)
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (ID: 2872 |ParentID: 596)
C:\ProgramData\DatacardService\HWDeviceService64.exe (ID: 2920 |ParentID: 596)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 2976 |ParentID: 596)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (ID: 3020 |ParentID: 596)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (ID: 3052 |ParentID: 596)
C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe (ID: 2644 |ParentID: 2248)
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (ID: 2604 |ParentID: 596)
C:\ProgramData\DatacardService\DCSHelper.exe (ID: 3092 |ParentID: 2920)
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe (ID: 3100 |ParentID: 2524)
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ID: 3120 |ParentID: 1732)
C:\Windows\SysWOW64\ACEngSvr.exe (ID: 3156 |ParentID: 1076)
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (ID: 3196 |ParentID: 1732)
C:\Windows\AsScrPro.exe (ID: 3308 |ParentID: 1732)
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe (ID: 3324 |ParentID: 2872)
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe (ID: 3332 |ParentID: 2872)
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (ID: 3424 |ParentID: 1732)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ID: 3532 |ParentID: 1732)
C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe (ID: 3420 |ParentID: 596)
C:\Program Files (x86)\Skype\Updater\Updater.exe (ID: 3988 |ParentID: 596)
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (ID: 4016 |ParentID: 596)
C:\Windows\system32\svchost.exe (ID: 1548 |ParentID: 596)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 3468 |ParentID: 596)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 4296 |ParentID: 3468)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 4424 |ParentID: 1076)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 4432 |ParentID: 1076)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ID: 4656 |ParentID: 1552)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ID: 4676 |ParentID: 1552)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ID: 4684 |ParentID: 1552)
C:\Windows\system32\igfxsrvc.exe (ID: 4932 |ParentID: 1076)
C:\Program Files\Trend Micro\Titanium\TiMiniService.exe (ID: 5056 |ParentID: 596)
C:\Windows\servicing\TrustedInstaller.exe (ID: 5116 |ParentID: 596)
C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe (ID: 4208 |ParentID: 5056)
C:\Windows\system32\conhost.exe (ID: 4512 |ParentID: 952)
C:\Windows\system32\svchost.exe (ID: 5044 |ParentID: 596)
C:\Windows\System32\svchost.exe (ID: 5112 |ParentID: 596)
C:\Windows\system32\WUDFHost.exe (ID: 5212 |ParentID: 1328)
################## | Procura genérica |
(!) Ficheiros temporários suprimido.
################## | Registro |
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
04 - HKCU\..\Run : [HW_OPENEYE_OUC_VIVO INTERNET] "C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe"
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKCU\..\Run : [MCShield Monitor] C:\Program Files (x86)\MCShield\mcshieldrtm.exe
04 - HKLM\..\Run : [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
04 - HKLM\..\Run : [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
04 - HKLM\..\Run : [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
04 - [x64] HKLM\..\Run : [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\www\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
04 - [x64] HKLM\..\Run : [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
04 - [x64] HKLM\..\Run : [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe" -ReFlush "none" "none"
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [HW_OPENEYE_OUC_VIVO INTERNET] "C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe"
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [MCShield Monitor] C:\Program Files (x86)\MCShield\mcshieldrtm.exe
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
################## | Listing |
[29/04/2014 - 10:22:53 | D] - C:\$AVG
[30/04/2014 - 09:45:04 | SHD] - C:\$RECYCLE.BIN
[29/04/2014 - 13:05:25 | D] - C:\AdwCleaner
[09/03/2012 - 16:51:05 | D] - C:\AsusVibeData
[29/07/2009 - 02:09:16 | SHD] - C:\Boot
[13/07/2009 - 22:38:58 | RASH | 375 Ko] - C:\bootmgr
[29/07/2009 - 02:09:18 | RASH | 8 Ko] - C:\BOOTSECT.BAK
[14/07/2009 - 02:08:56 | SHD] - C:\Documents and Settings
[15/07/2012 - 05:37:37 | D] - C:\eSupport
[29/04/2014 - 22:54:09 | N | 0 Ko] - C:\files.log
[29/04/2014 - 22:54:21 | N | 0 Ko] - C:\folders.log
[01/05/2014 - 09:41:42 | D] - C:\FRST
[01/05/2014 - 10:43:28 | ASH | 6204148 Ko] - C:\hiberfil.sys
[15/07/2012 - 05:28:58 | D] - C:\Intel
[05/01/2013 - 23:13:57 | RHD] - C:\MSOCache
[24/03/2013 - 20:39:23 | D] - C:\opt
[01/05/2014 - 10:43:27 | ASH | 8272200 Ko] - C:\pagefile.sys
[02/04/2014 - 18:37:00 | D] - C:\PenClean
[14/07/2009 - 00:20:08 | D] - C:\PerfLogs
[24/04/2014 - 10:08:06 | D] - C:\Program Files
[30/04/2014 - 23:08:26 | D] - C:\Program Files (x86)
[30/04/2014 - 23:08:27 | HD] - C:\ProgramData
[29/07/2009 - 01:20:32 | SHD] - C:\Recovery
[29/04/2014 - 22:54:22 | N | 3 Ko | FF219CB8EC166C8738192F934FB0728D] - C:\runcheck.txt
[30/04/2014 - 15:22:15 | D] - C:\SUPERDelete
[30/04/2014 - 23:38:38 | SHD] - C:\System Volume Information
[01/05/2014 - 10:38:53 | D] - C:\UsbFix
[29/04/2014 - 12:32:09 | N | 13 Ko | 17C7AD2CEBE81AA8DFCB8B2435DD392F] - C:\UsbFix [Clean 2] PES.txt
[01/05/2014 - 10:23:12 | N | 13 Ko | D23C2B2305EFC5091EB1AA392481C19D] - C:\UsbFix [Clean 4] PES.txt
[01/05/2014 - 10:41:56 | N | 13 Ko | 42E027D4B9FD997BCC6F19F70D4FCC0E] - C:\UsbFix [Clean 6] PES.txt
[01/05/2014 - 10:45:17 | A | 12 Ko | F950057CB5443BFEF22C520174999B08] - C:\UsbFix [Clean 8] PES.txt
[05/01/2013 - 11:34:05 | D] - C:\Users
[30/04/2014 - 23:51:49 | D] - C:\Windows
[10/07/2013 - 23:42:18 | D] - C:\WinloadPrivateDir
[24/04/2014 - 23:13:50 | D] - C:\xti
[29/04/2014 - 22:54:21 | D] - C:\zoek
[29/04/2014 - 22:54:22 | N | 19 Ko] - C:\zoek-results.log
[29/04/2014 - 22:48:56 | D] - C:\zoek_backup
[03/03/2014 - 15:35:22 | SHD] - D:\$RECYCLE.BIN
[16/01/2013 - 18:43:03 | D] - D:\cadsimu
[26/04/2014 - 18:38:01 | D] - D:\Digitação
[27/04/2014 - 21:52:45 | D] - D:\PUC
[16/03/2014 - 17:00:01 | SHD] - D:\System Volume Information
[09/04/2014 - 14:33:00 | D] - G:\LABORATÓRIO
[24/04/2014 - 10:01:38 | D] - G:\IC
[15/03/2014 - 23:44:52 | D] - G:\Configuração
[28/04/2014 - 17:27:18 | D] - G:\FILSOFIA
[15/03/2014 - 23:44:42 | D] - G:\curriculum
[02/04/2014 - 19:57:52 | D] - G:\Exercício de ATP Pega Monitoria
[15/03/2014 - 23:44:50 | D] - G:\PUC
################## | Vaccin |
D:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido)
E:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido)
G:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido)
################## | E.O.F | [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] |
Usuário: Pablo (Administrador) # PES
Atualizado em 31/03/2014 por El Desaparecido - Team SosVirus
Começou em 10:44:19 | 01/05/2014
Site : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Changelog : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Support : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Upload Malware : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Contato : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
PC: ASUSTeK COMPUTER INC. (K45A)
CPU: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
RAM -> [Total : 8078 Mo| Free : 6115 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot
OS: Microsoft Windows 7 Home Basic (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 9.0.8112.16421
WB: Google Chrome : 34.0.1847.131
SC: Security Center [Enabled]
WU: Windows Update [(!) Disabled]
AV: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
AV: Trend Micro Titanium Internet Security 2012 [(!) Disabled | Updated]
AS: Trend Micro Titanium Internet Security 2012 [(!) Disabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
FW: Windows FireWall [Enabled]
C:\ (%systemdrive%) -> Disco fixo # 300 Gb (206 Mb livre - 69%) [OS] # NTFS
D:\ -> Disco fixo # 373 Gb (365 Mb livre - 98%) [DATA] # NTFS
E:\ -> Disco removível # 4 Gb (4 Mb livre - 100%) [] # FAT32
F:\ -> CD-ROM
G:\ -> Disco removível # 4 Gb (3 Mb livre - 93%) [PABLO] # FAT32
################## | Processos Ativos |
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe (ID: 600 |ParentID: 588)
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe (ID: 640 |ParentID: 600)
C:\Windows\system32\csrss.exe (ID: 952 |ParentID: 940)
C:\Windows\system32\wininit.exe (ID: 1008 |ParentID: 940)
C:\Windows\system32\csrss.exe (ID: 352 |ParentID: 1016)
C:\Windows\system32\services.exe (ID: 596 |ParentID: 1008)
C:\Windows\system32\lsass.exe (ID: 920 |ParentID: 1008)
C:\Windows\system32\lsm.exe (ID: 568 |ParentID: 1008)
C:\Windows\system32\svchost.exe (ID: 1076 |ParentID: 596)
C:\Windows\system32\winlogon.exe (ID: 1144 |ParentID: 1016)
C:\Windows\system32\svchost.exe (ID: 1196 |ParentID: 596)
C:\Windows\System32\svchost.exe (ID: 1284 |ParentID: 596)
C:\Windows\System32\svchost.exe (ID: 1328 |ParentID: 596)
C:\Windows\system32\svchost.exe (ID: 1368 |ParentID: 596)
C:\Windows\UnsignedThemesSvc.exe (ID: 1400 |ParentID: 596)
C:\Windows\system32\svchost.exe (ID: 1512 |ParentID: 596)
C:\Windows\system32\svchost.exe (ID: 1616 |ParentID: 596)
C:\Windows\SYSTEM32\WISPTIS.EXE (ID: 1716 |ParentID: 1328)
C:\Windows\system32\FBAgent.exe (ID: 1732 |ParentID: 596)
C:\Windows\system32\WLANExt.exe (ID: 1740 |ParentID: 1328)
C:\Windows\system32\conhost.exe (ID: 1764 |ParentID: 952)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ID: 1772 |ParentID: 596)
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ID: 1852 |ParentID: 596)
C:\Windows\System32\spoolsv.exe (ID: 1968 |ParentID: 596)
C:\Windows\system32\taskeng.exe (ID: 2000 |ParentID: 1368)
C:\Windows\system32\svchost.exe (ID: 2044 |ParentID: 596)
C:\Windows\system32\svchost.exe (ID: 1180 |ParentID: 596)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ID: 1552 |ParentID: 1772)
C:\Windows\SYSTEM32\WISPTIS.EXE (ID: 2128 |ParentID: 1328)
C:\Windows\system32\Dwm.exe (ID: 2148 |ParentID: 1328)
C:\Windows\system32\taskhost.exe (ID: 2168 |ParentID: 596)
C:\Windows\Explorer.EXE (ID: 2252 |ParentID: 2120)
C:\Windows\system32\taskeng.exe (ID: 2404 |ParentID: 1368)
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (ID: 2468 |ParentID: 596)
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe (ID: 2524 |ParentID: 596)
C:\Program Files\ASUS\P4G\BatteryLife.exe (ID: 2568 |ParentID: 2404)
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (ID: 2584 |ParentID: 596)
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ID: 2612 |ParentID: 2404)
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe (ID: 2636 |ParentID: 2404)
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe (ID: 2660 |ParentID: 2404)
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe (ID: 2668 |ParentID: 2404)
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ID: 2688 |ParentID: 2404)
C:\Windows\system32\runonce.exe (ID: 2748 |ParentID: 2252)
C:\Windows\SysWOW64\runonce.exe (ID: 2808 |ParentID: 2748)
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (ID: 2816 |ParentID: 596)
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (ID: 2872 |ParentID: 596)
C:\ProgramData\DatacardService\HWDeviceService64.exe (ID: 2920 |ParentID: 596)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 2976 |ParentID: 596)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (ID: 3020 |ParentID: 596)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (ID: 3052 |ParentID: 596)
C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe (ID: 2644 |ParentID: 2248)
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (ID: 2604 |ParentID: 596)
C:\ProgramData\DatacardService\DCSHelper.exe (ID: 3092 |ParentID: 2920)
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe (ID: 3100 |ParentID: 2524)
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ID: 3120 |ParentID: 1732)
C:\Windows\SysWOW64\ACEngSvr.exe (ID: 3156 |ParentID: 1076)
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (ID: 3196 |ParentID: 1732)
C:\Windows\AsScrPro.exe (ID: 3308 |ParentID: 1732)
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe (ID: 3324 |ParentID: 2872)
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe (ID: 3332 |ParentID: 2872)
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (ID: 3424 |ParentID: 1732)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ID: 3532 |ParentID: 1732)
C:\Program Files (x86)\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe (ID: 3420 |ParentID: 596)
C:\Program Files (x86)\Skype\Updater\Updater.exe (ID: 3988 |ParentID: 596)
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (ID: 4016 |ParentID: 596)
C:\Windows\system32\svchost.exe (ID: 1548 |ParentID: 596)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 3468 |ParentID: 596)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 4296 |ParentID: 3468)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 4424 |ParentID: 1076)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 4432 |ParentID: 1076)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ID: 4656 |ParentID: 1552)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ID: 4676 |ParentID: 1552)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ID: 4684 |ParentID: 1552)
C:\Windows\system32\igfxsrvc.exe (ID: 4932 |ParentID: 1076)
C:\Program Files\Trend Micro\Titanium\TiMiniService.exe (ID: 5056 |ParentID: 596)
C:\Windows\servicing\TrustedInstaller.exe (ID: 5116 |ParentID: 596)
C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe (ID: 4208 |ParentID: 5056)
C:\Windows\system32\conhost.exe (ID: 4512 |ParentID: 952)
C:\Windows\system32\svchost.exe (ID: 5044 |ParentID: 596)
C:\Windows\System32\svchost.exe (ID: 5112 |ParentID: 596)
C:\Windows\system32\WUDFHost.exe (ID: 5212 |ParentID: 1328)
################## | Procura genérica |
(!) Ficheiros temporários suprimido.
################## | Registro |
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
04 - HKCU\..\Run : [HW_OPENEYE_OUC_VIVO INTERNET] "C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe"
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKCU\..\Run : [MCShield Monitor] C:\Program Files (x86)\MCShield\mcshieldrtm.exe
04 - HKLM\..\Run : [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
04 - HKLM\..\Run : [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
04 - HKLM\..\Run : [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
04 - [x64] HKLM\..\Run : [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\www\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
04 - [x64] HKLM\..\Run : [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
04 - [x64] HKLM\..\Run : [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe" -ReFlush "none" "none"
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [HW_OPENEYE_OUC_VIVO INTERNET] "C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe"
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-1322692611-2876088620-685211800-1000\..\Run : [MCShield Monitor] C:\Program Files (x86)\MCShield\mcshieldrtm.exe
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
################## | Listing |
[29/04/2014 - 10:22:53 | D] - C:\$AVG
[30/04/2014 - 09:45:04 | SHD] - C:\$RECYCLE.BIN
[29/04/2014 - 13:05:25 | D] - C:\AdwCleaner
[09/03/2012 - 16:51:05 | D] - C:\AsusVibeData
[29/07/2009 - 02:09:16 | SHD] - C:\Boot
[13/07/2009 - 22:38:58 | RASH | 375 Ko] - C:\bootmgr
[29/07/2009 - 02:09:18 | RASH | 8 Ko] - C:\BOOTSECT.BAK
[14/07/2009 - 02:08:56 | SHD] - C:\Documents and Settings
[15/07/2012 - 05:37:37 | D] - C:\eSupport
[29/04/2014 - 22:54:09 | N | 0 Ko] - C:\files.log
[29/04/2014 - 22:54:21 | N | 0 Ko] - C:\folders.log
[01/05/2014 - 09:41:42 | D] - C:\FRST
[01/05/2014 - 10:43:28 | ASH | 6204148 Ko] - C:\hiberfil.sys
[15/07/2012 - 05:28:58 | D] - C:\Intel
[05/01/2013 - 23:13:57 | RHD] - C:\MSOCache
[24/03/2013 - 20:39:23 | D] - C:\opt
[01/05/2014 - 10:43:27 | ASH | 8272200 Ko] - C:\pagefile.sys
[02/04/2014 - 18:37:00 | D] - C:\PenClean
[14/07/2009 - 00:20:08 | D] - C:\PerfLogs
[24/04/2014 - 10:08:06 | D] - C:\Program Files
[30/04/2014 - 23:08:26 | D] - C:\Program Files (x86)
[30/04/2014 - 23:08:27 | HD] - C:\ProgramData
[29/07/2009 - 01:20:32 | SHD] - C:\Recovery
[29/04/2014 - 22:54:22 | N | 3 Ko | FF219CB8EC166C8738192F934FB0728D] - C:\runcheck.txt
[30/04/2014 - 15:22:15 | D] - C:\SUPERDelete
[30/04/2014 - 23:38:38 | SHD] - C:\System Volume Information
[01/05/2014 - 10:38:53 | D] - C:\UsbFix
[29/04/2014 - 12:32:09 | N | 13 Ko | 17C7AD2CEBE81AA8DFCB8B2435DD392F] - C:\UsbFix [Clean 2] PES.txt
[01/05/2014 - 10:23:12 | N | 13 Ko | D23C2B2305EFC5091EB1AA392481C19D] - C:\UsbFix [Clean 4] PES.txt
[01/05/2014 - 10:41:56 | N | 13 Ko | 42E027D4B9FD997BCC6F19F70D4FCC0E] - C:\UsbFix [Clean 6] PES.txt
[01/05/2014 - 10:45:17 | A | 12 Ko | F950057CB5443BFEF22C520174999B08] - C:\UsbFix [Clean 8] PES.txt
[05/01/2013 - 11:34:05 | D] - C:\Users
[30/04/2014 - 23:51:49 | D] - C:\Windows
[10/07/2013 - 23:42:18 | D] - C:\WinloadPrivateDir
[24/04/2014 - 23:13:50 | D] - C:\xti
[29/04/2014 - 22:54:21 | D] - C:\zoek
[29/04/2014 - 22:54:22 | N | 19 Ko] - C:\zoek-results.log
[29/04/2014 - 22:48:56 | D] - C:\zoek_backup
[03/03/2014 - 15:35:22 | SHD] - D:\$RECYCLE.BIN
[16/01/2013 - 18:43:03 | D] - D:\cadsimu
[26/04/2014 - 18:38:01 | D] - D:\Digitação
[27/04/2014 - 21:52:45 | D] - D:\PUC
[16/03/2014 - 17:00:01 | SHD] - D:\System Volume Information
[09/04/2014 - 14:33:00 | D] - G:\LABORATÓRIO
[24/04/2014 - 10:01:38 | D] - G:\IC
[15/03/2014 - 23:44:52 | D] - G:\Configuração
[28/04/2014 - 17:27:18 | D] - G:\FILSOFIA
[15/03/2014 - 23:44:42 | D] - G:\curriculum
[02/04/2014 - 19:57:52 | D] - G:\Exercício de ATP Pega Monitoria
[15/03/2014 - 23:44:50 | D] - G:\PUC
################## | Vaccin |
D:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido)
E:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido)
G:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido)
################## | E.O.F | [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] |
pabloescobar- Membro
- Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais
Re: Fotos Slides Movie nos pendrives e PC
por Power Max Qui 01 maio 2014, 10:49
Mantenha todos os pendrives conectados no PC e não tire até que o seu caso esteja totalmente resolvido, ok?
O Mcshield ainda está instalado no seu PC?
O Mcshield ainda está instalado no seu PC?
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Fotos Slides Movie nos pendrives e PC
por pabloescobar Qui 01 maio 2014, 10:50
sim ao colocar os pen drive ele ja executou a ação de renomear os virus algo assim
Desculpa vou olhar o que ta instalado e o malwarebyte
Sim Mcshield tb está não retirei nada dos procedimentos anteriores todos o programas que pediu para baixar ainda estão no meu pc
Desculpa vou olhar o que ta instalado e o malwarebyte
Sim Mcshield tb está não retirei nada dos procedimentos anteriores todos o programas que pediu para baixar ainda estão no meu pc
pabloescobar- Membro
- Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais
Re: Fotos Slides Movie nos pendrives e PC
por Power Max Qui 01 maio 2014, 10:58
Abra o McShield > Vá na aba Logs clique em Salvar.
Será gerado um log na sua área de trabalho. Selecione, copie e cole todo o conteúdo deste log na sua próxima resposta.
Será gerado um log na sua área de trabalho. Selecione, copie e cole todo o conteúdo deste log na sua próxima resposta.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Fotos Slides Movie nos pendrives e PC
por pabloescobar Qui 01 maio 2014, 11:00
>>> MCShield AllScans.txt <<<
-----------------------------
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
29/04/2014 12:45:10 > Unidade C: - escaneamento iniciado (OS ~300 GB, NTFS HDD )...
=> A unidade está limpa.
29/04/2014 12:45:11 > Unidade D: - escaneamento iniciado (DATA ~373 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
29/04/2014 13:07:16 > Unidade C: - escaneamento iniciado (OS ~300 GB, NTFS HDD )...
=> A unidade está limpa.
29/04/2014 13:07:16 > Unidade D: - escaneamento iniciado (DATA ~373 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
29/04/2014 22:26:23 > Unidade C: - escaneamento iniciado (OS ~300 GB, NTFS HDD )...
=> A unidade está limpa.
29/04/2014 22:26:23 > Unidade D: - escaneamento iniciado (DATA ~373 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
30/04/2014 09:45:09 > Unidade C: - escaneamento iniciado (OS ~300 GB, NTFS HDD )...
=> A unidade está limpa.
30/04/2014 09:45:10 > Unidade D: - escaneamento iniciado (DATA ~373 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
30/04/2014 12:32:39 > Unidade C: - escaneamento iniciado (OS ~300 GB, NTFS HDD )...
=> A unidade está limpa.
30/04/2014 12:32:40 > Unidade D: - escaneamento iniciado (DATA ~373 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
30/04/2014 15:19:52 > Unidade E: - escaneamento iniciado (Pablo ~466 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
30/04/2014 17:44:37 > Unidade C: - escaneamento iniciado (OS ~300 GB, NTFS HDD )...
=> A unidade está limpa.
30/04/2014 17:44:37 > Unidade D: - escaneamento iniciado (DATA ~373 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
30/04/2014 22:50:03 > Unidade C: - escaneamento iniciado (OS ~300 GB, NTFS HDD )...
=> A unidade está limpa.
30/04/2014 22:50:04 > Unidade D: - escaneamento iniciado (DATA ~373 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
30/04/2014 23:48:15 > Unidade C: - escaneamento iniciado (OS ~300 GB, NTFS HDD )...
=> A unidade está limpa.
30/04/2014 23:48:16 > Unidade D: - escaneamento iniciado (DATA ~373 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
01/05/2014 09:18:38 > Unidade C: - escaneamento iniciado (OS ~300 GB, NTFS HDD )...
=> A unidade está limpa.
01/05/2014 09:18:39 > Unidade D: - escaneamento iniciado (DATA ~373 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
01/05/2014 10:15:26 > Unidade E: - escaneamento iniciado (sem rotulo ~3891 MB, FAT32 unidade flash )...
>>> E:\Fotos Slides Movie.vbe - Suspeito > Renomeado. (MD5: desconhecido)
=> Arquivos Suspeitos : 1/1 renomeado.
____________________________________________
::::: Duração do escaneamento: (Modo interativo)
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
01/05/2014 10:15:31 > Unidade G: - escaneamento iniciado (PABLO ~3815 MB, FAT32 unidade flash )...
>>> G:\Fotos Slides Movie.vbe - Suspeito > Renomeado. (MD5: desconhecido)
=> Arquivos Suspeitos : 1/1 renomeado.
____________________________________________
::::: Duração do escaneamento: (Modo interativo)
-----------------------------
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
29/04/2014 12:45:10 > Unidade C: - escaneamento iniciado (OS ~300 GB, NTFS HDD )...
=> A unidade está limpa.
29/04/2014 12:45:11 > Unidade D: - escaneamento iniciado (DATA ~373 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
29/04/2014 13:07:16 > Unidade C: - escaneamento iniciado (OS ~300 GB, NTFS HDD )...
=> A unidade está limpa.
29/04/2014 13:07:16 > Unidade D: - escaneamento iniciado (DATA ~373 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
29/04/2014 22:26:23 > Unidade C: - escaneamento iniciado (OS ~300 GB, NTFS HDD )...
=> A unidade está limpa.
29/04/2014 22:26:23 > Unidade D: - escaneamento iniciado (DATA ~373 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
30/04/2014 09:45:09 > Unidade C: - escaneamento iniciado (OS ~300 GB, NTFS HDD )...
=> A unidade está limpa.
30/04/2014 09:45:10 > Unidade D: - escaneamento iniciado (DATA ~373 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
30/04/2014 12:32:39 > Unidade C: - escaneamento iniciado (OS ~300 GB, NTFS HDD )...
=> A unidade está limpa.
30/04/2014 12:32:40 > Unidade D: - escaneamento iniciado (DATA ~373 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
30/04/2014 15:19:52 > Unidade E: - escaneamento iniciado (Pablo ~466 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
30/04/2014 17:44:37 > Unidade C: - escaneamento iniciado (OS ~300 GB, NTFS HDD )...
=> A unidade está limpa.
30/04/2014 17:44:37 > Unidade D: - escaneamento iniciado (DATA ~373 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
30/04/2014 22:50:03 > Unidade C: - escaneamento iniciado (OS ~300 GB, NTFS HDD )...
=> A unidade está limpa.
30/04/2014 22:50:04 > Unidade D: - escaneamento iniciado (DATA ~373 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
30/04/2014 23:48:15 > Unidade C: - escaneamento iniciado (OS ~300 GB, NTFS HDD )...
=> A unidade está limpa.
30/04/2014 23:48:16 > Unidade D: - escaneamento iniciado (DATA ~373 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
01/05/2014 09:18:38 > Unidade C: - escaneamento iniciado (OS ~300 GB, NTFS HDD )...
=> A unidade está limpa.
01/05/2014 09:18:39 > Unidade D: - escaneamento iniciado (DATA ~373 GB, NTFS HDD )...
=> A unidade está limpa.
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
01/05/2014 10:15:26 > Unidade E: - escaneamento iniciado (sem rotulo ~3891 MB, FAT32 unidade flash )...
>>> E:\Fotos Slides Movie.vbe - Suspeito > Renomeado. (MD5: desconhecido)
=> Arquivos Suspeitos : 1/1 renomeado.
____________________________________________
::::: Duração do escaneamento: (Modo interativo)
MCShield ::Anti-Malware Tool:: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
>>> v 3.0.5.28 / DB: 2014.4.28.1 / Windows 7 <<<
01/05/2014 10:15:31 > Unidade G: - escaneamento iniciado (PABLO ~3815 MB, FAT32 unidade flash )...
>>> G:\Fotos Slides Movie.vbe - Suspeito > Renomeado. (MD5: desconhecido)
=> Arquivos Suspeitos : 1/1 renomeado.
____________________________________________
::::: Duração do escaneamento: (Modo interativo)
pabloescobar- Membro
- Mensagens : 68
Reputação : 0
Data de inscrição : 17/04/2014
Localização : Minas Gerais
Página 2 de 3 • 1, 2, 3
Tópicos semelhantes» Virus do Fotos Slides Movie, como usar o ZHPDiag
» Como Excluir o Fotos Slides Movie.vbe
» Como remover Malware Fotos Slides Movie.vbe?
» como remover o vírus fotos slides movie.vbe
» Como excluir o malware Fotos Slide Movie
» Como Excluir o Fotos Slides Movie.vbe
» Como remover Malware Fotos Slides Movie.vbe?
» como remover o vírus fotos slides movie.vbe
» Como excluir o malware Fotos Slide Movie
Página 2 de 3
Permissões neste sub-fórum
Não podes responder a tópicos