Fórum PC Brasil
Infected notebook

2 participants


Post by leandro9172 Fri 06 Dec 2013, 22:31

Please help me! I think my notebook has been infected.
It is responding slowly, sometimes all the windows freeze, and when I delete,
cut or paste a file it is still there, as if it took a while to refresh;
it only updates when I leave the folder and come back!

Post by leandro9172 Fri 06 Dec 2013, 22:43

And almost every time I open Firefox, when I go to open a new tab
a "plugin stopped" message appears, as in the attached figure:

Post by Wings [In Memoriam] Fri 06 Dec 2013, 22:52

Hello leandro9172

I need some basic information.

Download [You must have an account and be logged in to view this link] (...from TrendMicro) and save it to the desktop (Área de Trabalho)

*Run it, click [Do a system scan and save a logfile] and paste the report it shows

Post by leandro9172 Fri 06 Dec 2013, 22:59

Report from the HijackThis program:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:57:01, on 06/12/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
C:\Program Files (x86)\VMware\VMware Player\hqtray.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Users\LEANDRO da Silva\Downloads\remover virus\HijackThis.exe
C:\Users\LEANDRO da Silva\AppData\Local\Facebook\Update\FacebookUpdate.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must have an account and be logged in to view this link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [You must have an account and be logged in to view this link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must have an account and be logged in to view this link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20130324145814.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [NI Update Service] "C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" -startupTask
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files (x86)\VMware\VMware Player\hqtray.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\LEANDRO da Silva\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\LEANDRO da Silva\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-18\..\RunOnce: [{90140000-003D-0000-0000-0000000FF1CE}] C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\RunOnce: [{90140000-003D-0000-0000-0000000FF1CE}] C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H (User 'Default user')
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
O4 - Global Startup: NI Error Reporting.lnk = C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
O8 - Extra context menu item: &Enviar para o OneNote - [You must have an account and be logged in to view this link]
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [You must have an account and be logged in to view this link]
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\j2re1.4.2_19\bin\npjpi142_19.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\j2re1.4.2_19\bin\npjpi142_19.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\national instruments\shared\mdns responder\nimdnsnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [You must have an account and be logged in to view this link]
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: [You must have an account and be logged in to view this link]
O15 - Trusted Zone: imagem.caixa.gov.br
O15 - Trusted Zone: internetbanking.caixa.gov.br
O15 - Trusted Zone: internetbankingpf.caixa.gov.br
O15 - Trusted Zone: [You must have an account and be logged in to view this link]
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - [You must have an account and be logged in to view this link]
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - [You must have an account and be logged in to view this link]
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - [You must have an account and be logged in to view this link]
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C724388-AD8C-4EC5-9040-0487D2896AD6}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O20 - Winlogon Notify:  GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Serviço de estado do ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NI Citadel 4 Service (LkCitadelServer) - National Instruments, Inc. - C:\Windows\SysWOW64\lkcitdl.exe
O23 - Service: NI PSP Service Locator (lkClassAds) - National Instruments Corporation - C:\Windows\SysWOW64\lkads.exe
O23 - Service: NI Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\Windows\SysWOW64\lktsrv.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NI Application Web Server (NIApplicationWebServer) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
O23 - Service: NI Domain Service (NIDomainService) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NI License Server (NILM License Manager) - Macrovision Corporation - C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI mDNS Responder Service (nimDNSResponder) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
O23 - Service: NI System Web Server (niSvcLoc) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
O23 - Service: OpcEnum - OPC Foundation - C:\Windows\SysWOW64\OpcEnum.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10102 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-ufad.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 20083 bytes

Post by Wings [In Memoriam] Fri 06 Dec 2013, 23:31

Download [You must have an account and be logged in to view this link] (...by Xplode) and save it to the Desktop (Área de Trabalho)

*Save any open work and close your browser

*Run it, click [Scan] and wait for it to finish

*Click [Clean] and wait for it to finish

*If you are asked to restart the PC, click [OK] to restart.

*Paste the report C:\AdwCleaner\AdwCleaner[S0].txt

Post by leandro9172 Sat 07 Dec 2013, 08:12

Report from the AdwCleaner program:

# AdwCleaner v3.014 - Relatório criado 07/12/2013 às 08:08:06
# Atualizado 01/12/2013 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
# Usuário : LEANDRO da Silva - LEANDRO
# Executando de : C:\Users\LEANDRO da Silva\Downloads\remover virus\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\boost_interprocess

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKCU\Software\FLEXnet
Chave Deletedo : HKLM\Software\Iminent

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v

[ Arquivo : C:\Users\LEANDRO da Silva\AppData\Roaming\Mozilla\Firefox\Profiles\a7iol6jg.default\prefs.js ]


[ Arquivo : C:\Users\LEANDRO\AppData\Roaming\Mozilla\Firefox\Profiles\972uqp3s.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1128 octets] - [06/12/2013 05:51:42]
AdwCleaner[R1].txt - [1189 octets] - [06/12/2013 22:08:35]
AdwCleaner[R2].txt - [1249 octets] - [07/12/2013 07:58:42]
AdwCleaner[S0].txt - [1115 octets] - [07/12/2013 08:08:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1175 octets] ##########

Post by Wings [In Memoriam] Sat 07 Dec 2013, 08:27

Try to save the programs we are going to use on the Desktop. You created a folder I did not even ask for and saved them there. See:

C:\Users\LEANDRO da Silva\Downloads\remover virus



Run AdwCleaner, click [Uninstall] > [Yes]


Download [You must have an account and be logged in to view this link] (...by Thisisu) and save it to the Desktop (Área de Trabalho)

*Close your browser (Firefox, IE, Google Chrome)

*Right-click JRT and select [You must have an account and be logged in to view this image]

*Press [ENTER]

*During the scan the Desktop icons will temporarily disappear

*When the message The scan completed succesfully appears, close the window and paste the JRT.txt report located on the Desktop


Download [You must have an account and be logged in to view this link] (...by Farbar) and save it to the Desktop

*Right-click FRST and select [You must have an account and be logged in to view this image]

*Accept the agreement, click [Scan] and when it finishes click [OK] > [OK]

*Attach the FRST.txt and Addition.txt reports created on the Desktop

Post by leandro9172 Sat 07 Dec 2013, 09:13

Report from the JRT application:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by LEANDRO da Silva on 07/12/2013 at  8:46:04,48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?

   Value Name          Type                             Value Data                    
========================================================================================
   NextLive    REG_SZ    C:\Windows\SysWOW64\rundll32.exe "C:\Users\LEANDRO da Silva\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l




~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2995875875-2491209139-696693241-1000\Software\sweetim



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07/12/2013 at  8:53:14,04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Post by leandro9172 Sat 07 Dec 2013, 09:15

Report from the FRST tool:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2013 01
Ran by LEANDRO da Silva (administrator) on LEANDRO on 07-12-2013 09:07:33
Running from C:\Users\LEANDRO da Silva\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Fork Ltd.) C:\Prey\platform\windows\cronsvc.exe
(Aladdin Knowledge Systems Ltd.) C:\Windows\System32\hasplms.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\hqtray.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\NuanceWDS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] ()
HKLM\...\Run: [QuickSet] - C:\Program Files\Dell\QuickSet\quickset.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [627360 2011-05-20] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe [379552 2011-05-20] (Atheros Commnucations)
HKLM\...\Run: [DellStage] - C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj [483424 2012-02-01] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [Facebook Update] - C:\Users\LEANDRO da Silva\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-09] (Facebook Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKCU\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\LEANDRO da Silva\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKCU\...\Policies\Explorer: []
MountPoints2: {0d700715-36f1-11e2-ae0f-e006e6fdb602} - E:\Autorun.exe
MountPoints2: {81b32c88-277b-11e2-b9b7-e006e6fdb602} - E:\Autorun.exe
HKLM-x32\...\Run: [Dell Registration] - C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\mcafee.com\agent\mcagent.exe [1532992 2013-03-13] (McAfee, Inc.)
HKLM-x32\...\Run: [AccuWeatherWidget] - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj [2835443 2012-02-01] ()
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577536 2013-01-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [NI Update Service] - C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [851592 2012-08-02] (National Instruments)
HKLM-x32\...\Run: [VMware hqtray] - C:\Program Files (x86)\VMware\VMware Player\hqtray.exe [64048 2010-01-22] (VMware, Inc.)
HKLM-x32\...\Run: [IndexSearch] - C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] - C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] - C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini [433 2013-12-07] ()
HKLM-x32\...\Run: [PDFHook] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKU\LEANDRO\...\Run: [Facebook Update] - C:\Users\LEANDRO da Silva\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-09] (Facebook Inc.)
HKU\LEANDRO\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\LEANDRO\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
Startup: C:\Users\LEANDRO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor da tecnologia Intel® Turbo Boost 2.0.lnk
ShortcutTarget: Monitor da tecnologia Intel® Turbo Boost 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\LEANDRO da Silva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must have an account and be logged in to view this link]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [You must have an account and be logged in to view this link]
SearchScopes: HKLM - DefaultScope {91A6DBD0-F1BE-4954-B3D2-594DCECE0D50} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6FF37769-0FF3-4F0D-9FDC-F940C33DAB9D} URL = [You must have an account and be logged in to view this link]
SearchScopes: HKCU - {EFA27348-E879-4907-9783-B1D0956D3E33} URL = [You must have an account and be logged in to view this link]
BHO: Plus-HD-4.4 - {11111111-1111-1111-1111-110311961176} - C:\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-bho64.dll No File
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20130316191051.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20130324145814.dll (McAfee, Inc.)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} [You must have an account and be logged in to view this link]
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} [You must have an account and be logged in to view this link]
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} [You must have an account and be logged in to view this link]
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1479528 2013-10-16] (Caixa Economica Federal)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1487912 2013-10-07] (Banco do Brasil)
Winsock: Catalog5 10 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [24320] (National Instruments Corporation)
Winsock: Catalog5-x64 10 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26368] (National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 83.11.2.254
Tcpip\..\Interfaces\{4C724388-AD8C-4EC5-9040-0487D2896AD6}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\LEANDRO da Silva\AppData\Roaming\Mozilla\Firefox\Profiles\a7iol6jg.default
FF NewTab: google
FF DefaultSearchEngine: Pesquisa Segura
FF SearchEngineOrder.1: Pesquisa Segura
FF SelectedSearchEngine: Pesquisa Segura
FF Homepage: [You must have an account and be logged in to view this link]
FF Keyword.URL: [You must have an account and be logged in to view this link]
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\LEANDRO da Silva\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: gastecnologia.com.br/sf/bb - C:\Users\LEANDRO da Silva\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
FF Plugin HKCU: gastecnologia.com.br/sf/cef - C:\Users\LEANDRO da Silva\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF Extension: LogMeIn, Inc. Remote Access Plugin - C:\Users\LEANDRO da Silva\AppData\Roaming\Mozilla\Firefox\Profiles\a7iol6jg.default\Extensions\LogMeInClient@logmein.com
FF Extension: DownloadHelper - C:\Users\LEANDRO da Silva\AppData\Roaming\Mozilla\Firefox\Profiles\a7iol6jg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: BaixouAgora - C:\Users\LEANDRO da Silva\AppData\Roaming\Mozilla\Firefox\Profiles\a7iol6jg.default\Extensions\BaixouAgora@Baixou.xpi
FF Extension: newtaburl - C:\Users\LEANDRO da Silva\AppData\Roaming\Mozilla\Firefox\Profiles\a7iol6jg.default\Extensions\newtaburl@sogame.cat.xpi
FF Extension: VacuumPlacesImproved - C:\Users\LEANDRO da Silva\AppData\Roaming\Mozilla\Firefox\Profiles\a7iol6jg.default\Extensions\VacuumPlacesImproved@lultimouomo-gmail.com.xpi
FF Extension: flashgot - C:\Users\LEANDRO da Silva\AppData\Roaming\Mozilla\Firefox\Profiles\a7iol6jg.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
FF Extension: noscript - C:\Users\LEANDRO da Silva\AppData\Roaming\Mozilla\Firefox\Profiles\a7iol6jg.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Adblock Plus - C:\Users\LEANDRO da Silva\AppData\Roaming\Mozilla\Firefox\Profiles\a7iol6jg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: bprivacyprefs - C:\Users\LEANDRO da Silva\AppData\Roaming\Mozilla\Firefox\Profiles\a7iol6jg.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF Extension: downbarconfig - C:\Users\LEANDRO da Silva\AppData\Roaming\Mozilla\Firefox\Profiles\a7iol6jg.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: McAfee ScriptScan for Firefox - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\LEANDRO da Silva\AppData\Local\GAS Tecnologia\GBBD\cef\sf.xpi
FF Extension: No Name - C:\Users\LEANDRO da Silva\AppData\Local\GAS Tecnologia\GBBD\cef\sf.xpi
FF HKCU\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\LEANDRO da Silva\AppData\Local\GAS Tecnologia\GBBD\bb\sf.xpi
FF Extension: No Name - C:\Users\LEANDRO da Silva\AppData\Local\GAS Tecnologia\GBBD\bb\sf.xpi

==================== Services (Whitelisted) =================

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-05-20] (Atheros)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 CronService; C:\Prey\platform\windows\cronsvc.exe [19968 2011-02-15] (Fork Ltd.)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [452968 2013-10-16] (GAS Tecnologia)
R2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2011-05-06] (National Instruments, Inc.)
R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [50328 2012-06-05] (National Instruments Corporation)
R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [60568 2012-06-05] (National Instruments Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [224704 2011-03-08] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [53960 2012-05-22] (National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [76488 2012-05-22] (National Instruments Corporation)
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [370328 2012-06-05] (National Instruments Corporation)
S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [258776 2012-05-31] (National Instruments Corporation)
R2 niSvcLoc; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [53952 2012-05-22] (National Instruments Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [327064 2010-05-18] (Enigma Software Group USA, LLC.)
S3 ufad-ws60; C:\Program Files (x86)\VMware\VMware Player\vmware-ufad.exe [191024 2009-10-12] (VMware, Inc.)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [40232 2013-06-02] (Google Inc)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-11-25] (DT Soft Ltd)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [203544 2013-02-06] (DEVGURU Co., LTD.([You must have an account and be logged in to view this link]
R2 vstor2-ws60; C:\Program Files (x86)\VMware\VMware Player\vstor2-ws60.sys [32816 2009-10-12] (VMware, Inc.)
S3 <NtDriverName>; \SystemRoot\System32\Drivers\<NtDriverName>.sys [x]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [x]
U5 SNTIE; C:\Windows\SysWOW64\Drivers\SNTIE.sys [172032 2004-05-28] (Siemens AG)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-07 09:07 - 2013-12-07 09:08 - 00026875 _____ C:\Users\LEANDRO da Silva\Desktop\FRST.txt
2013-12-07 09:07 - 2013-12-07 09:07 - 00000000 ____D C:\FRST
2013-12-07 08:53 - 2013-12-07 08:53 - 00001518 _____ C:\Users\LEANDRO da Silva\Desktop\JRT.txt
2013-12-07 08:46 - 2013-12-07 08:46 - 00000000 ____D C:\Windows\ERUNT
2013-12-07 08:44 - 2013-12-07 08:44 - 00000000 ___RD C:\Users\LEANDRO da Silva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-12-07 08:35 - 2013-12-07 08:39 - 01927360 _____ (Farbar) C:\Users\LEANDRO da Silva\Desktop\FRST64.exe
2013-12-07 08:34 - 2013-12-07 08:42 - 01034531 _____ (Thisisu) C:\Users\LEANDRO da Silva\Desktop\JRT.exe
2013-12-07 07:54 - 2013-12-07 08:43 - 00000168 _____ C:\Windows\setupact.log
2013-12-07 07:54 - 2013-12-07 07:54 - 00000000 _____ C:\Windows\setuperr.log
2013-12-06 05:36 - 2013-12-07 08:34 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\remover virus
2013-12-05 23:51 - 2013-12-07 08:44 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\newnext.me
2013-12-05 23:51 - 2013-12-06 05:46 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Local\Mobogenie
2013-12-05 23:51 - 2013-12-06 05:08 - 00000558 _____ C:\Users\LEANDRO da Silva\daemonprocess.txt
2013-12-05 23:51 - 2013-12-05 23:51 - 00000000 ____D C:\Users\LEANDRO da Silva\Documents\Mobogenie
2013-12-05 23:51 - 2013-12-05 23:51 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Local\genienext
2013-12-05 23:51 - 2013-12-05 23:51 - 00000000 ____D C:\Users\LEANDRO da Silva\.android
2013-12-05 23:47 - 2013-12-05 23:47 - 00003224 _____ C:\Windows\System32\Tasks\{CEA5BAD8-FA0B-46D6-BFC6-24F78FD022E0}
2013-12-05 23:38 - 2013-12-05 23:40 - 242743296 _____ (Microsoft Corporation) C:\Users\LEANDRO da Silva\Downloads\dotnetfx35.exe
2013-12-05 22:29 - 2013-12-05 22:29 - 00000427 _____ C:\Users\LEANDRO da Silva\Desktop\os melhores do mundo.txt
2013-12-05 17:14 - 2013-12-05 23:31 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\AutoCAD 2010 [64-Bit] - English
2013-12-05 06:19 - 2013-12-05 06:19 - 00000670 _____ C:\Windows\ST6UNST.003
2013-12-05 06:11 - 2013-12-05 06:11 - 00000671 _____ C:\Windows\ST6UNST.001
2013-12-05 06:11 - 2013-12-05 06:11 - 00000670 _____ C:\Windows\ST6UNST.002
2013-12-05 06:10 - 2013-12-05 06:19 - 00000000 _____ C:\Windows\SETUP.LST
2013-12-05 06:10 - 2013-12-05 06:10 - 00000670 _____ C:\Windows\ST6UNST.000
2013-12-02 23:16 - 2013-12-02 23:17 - 01821733 _____ C:\Users\LEANDRO da Silva\Desktop\photo.php.html
2013-12-02 23:16 - 2013-12-02 23:16 - 00000000 ____D C:\Users\LEANDRO da Silva\Desktop\photo.php_arquivos
2013-12-02 18:53 - 2013-12-02 18:53 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\Benning Gmbh & Co. KG
2013-12-02 18:52 - 2013-12-02 18:52 - 00001644 _____ C:\Windows\ODBCINST.INI
2013-12-02 18:52 - 2013-12-02 18:52 - 00000288 _____ C:\Windows\ODBC.INI
2013-12-02 18:52 - 2013-12-02 18:52 - 00000000 ____D C:\~MSSETUP.T
2013-12-02 18:51 - 2013-12-02 18:51 - 00001134 _____ C:\Users\LEANDRO da Silva\Desktop\TEBE MCU Service.lnk
2013-12-02 18:51 - 2013-12-02 18:51 - 00000000 ____D C:\Program Files (x86)\Benning Gmbh & Co. KG
2013-12-02 16:41 - 2013-12-02 16:42 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\The Walking Dead S04E08 HDTV x264-2HD[ettv]
2013-12-02 16:39 - 2013-12-02 16:47 - 288589019 ____R C:\Users\LEANDRO da Silva\Downloads\Homeland.S03E10.HDTV.x264-ASAP.mp4
2013-12-01 22:51 - 2013-12-06 22:32 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Band of Brothers  [ Irmãos de Guerra ] - The Pirate Filmes
2013-12-01 22:51 - 2013-12-06 22:31 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\ender
2013-12-01 22:45 - 2013-12-01 22:49 - 198711216 ____R C:\Users\LEANDRO da Silva\Downloads\Marvels.Agents.of.S.H.I.E.L.D.S01E09.HDTV.x264-LOL.mp4
2013-12-01 22:12 - 2013-12-01 22:21 - 353297129 ____R C:\Users\LEANDRO da Silva\Downloads\piecePROJECT_-_Epi_623_HD.mkv
2013-12-01 22:12 - 2013-12-01 22:17 - 347971470 ____R C:\Users\LEANDRO da Silva\Downloads\HXP-E_106_HD.mkv
2013-11-30 20:31 - 2013-11-30 20:54 - 00282992 _____ (Mozilla) C:\Users\LEANDRO da Silva\Downloads\Firefox Setup Stub 25.0.1.exe
2013-11-30 20:09 - 2013-11-30 20:09 - 00000000 ___RD C:\Users\LEANDRO da Silva\AppData\Roaming\Brother
2013-11-30 20:04 - 2013-11-30 20:04 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\favoritos
2013-11-30 19:39 - 2013-11-30 19:39 - 00000000 _____ C:\Users\LEANDRO da Silva\Sti_Trace.log
2013-11-30 15:31 - 2013-11-30 15:32 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\ControlCenter4
2013-11-30 15:31 - 2013-11-30 15:31 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\FLEXnet
2013-11-30 15:10 - 2013-11-30 15:10 - 00000000 ____D C:\Users\LEANDRO da Silva\Documents\Fax
2013-11-30 15:04 - 2013-11-30 15:04 - 00000000 ____D C:\Users\Todos os Usuários\ControlCenter4
2013-11-30 15:04 - 2013-11-30 15:04 - 00000000 ____D C:\ProgramData\ControlCenter4
2013-11-30 15:04 - 2013-11-30 15:04 - 00000000 ____D C:\Program Files (x86)\ControlCenter4
2013-11-30 15:04 - 2013-11-30 15:04 - 00000000 ____D C:\Program Files (x86)\Browny02
2013-11-30 15:04 - 2013-11-30 15:04 - 00000000 ____D C:\Brother
2013-11-30 15:04 - 2010-06-10 04:09 - 01439744 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrWi209d.dll
2013-11-30 15:04 - 2010-06-07 09:18 - 00050688 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrUsi09d.dll
2013-11-30 15:04 - 2010-05-10 06:45 - 00103736 _____ (Brother Industries Ltd) C:\Windows\SysWOW64\BRRBTOOL.EXE
2013-11-30 15:04 - 2010-04-02 03:33 - 00025299 _____ (Brother Industries, Ltd) C:\Windows\SysWOW64\BRLM03A.DLL
2013-11-30 15:04 - 2010-04-01 08:27 - 00278528 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrJDec.dll
2013-11-30 15:04 - 2005-01-17 05:10 - 00045056 _____ C:\Windows\SysWOW64\BRTCPCON.DLL
2013-11-30 15:04 - 2004-08-09 05:00 - 00000114 _____ C:\Windows\SysWOW64\BRLMW03A.INI
2013-11-30 15:04 - 2004-08-09 04:42 - 00077824 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BRLMW03A.DLL
2013-11-30 15:04 - 1999-10-26 14:00 - 00000050 _____ C:\Windows\system32\BRADM10A.DAT
2013-11-30 15:03 - 2013-11-30 15:04 - 00000000 ____D C:\Program Files (x86)\Brother
2013-11-30 15:03 - 2010-08-02 20:57 - 00217088 ____N (brother) C:\Windows\SysWOW64\NSSearch.dll
2013-11-30 15:03 - 2010-03-15 19:56 - 00002560 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2S.dll
2013-11-30 15:03 - 2010-03-15 19:45 - 00073728 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2.dll
2013-11-30 15:03 - 2010-02-05 11:42 - 00180224 ____N (Brother Industries, Ltd.) C:\Windows\SysWOW64\BroSNMP.dll
2013-11-30 15:03 - 2007-12-13 22:16 - 00005632 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2L.dll
2013-11-30 15:02 - 2013-11-30 15:02 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\InstallShield
2013-11-30 15:01 - 2013-11-30 15:01 - 00000000 ____D C:\Users\Todos os Usuários\zeon
2013-11-30 15:01 - 2013-11-30 15:01 - 00000000 ____D C:\ProgramData\zeon
2013-11-30 15:01 - 2013-11-30 15:01 - 00000000 ____D C:\Program Files\Nuance
2013-11-30 15:00 - 2013-11-30 15:00 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\Nuance
2013-11-30 14:59 - 2013-11-30 15:35 - 00000000 ____D C:\Users\Todos os Usuários\Nuance
2013-11-30 14:59 - 2013-11-30 15:35 - 00000000 ____D C:\ProgramData\Nuance
2013-11-30 14:59 - 2013-11-30 15:01 - 00000000 ____D C:\Program Files (x86)\Nuance
2013-11-30 14:59 - 2013-11-30 15:00 - 00000000 ____D C:\Users\Todos os Usuários\ScanSoft
2013-11-30 14:59 - 2013-11-30 15:00 - 00000000 ____D C:\ProgramData\ScanSoft
2013-11-30 14:59 - 2013-11-30 14:59 - 00000000 ____D C:\Users\LEANDRO da Silva\Documents\MyWebPages
2013-11-30 14:55 - 2013-11-30 15:17 - 00000000 ____D C:\Users\Todos os Usuários\Brother
2013-11-30 14:55 - 2013-11-30 15:17 - 00000000 ____D C:\ProgramData\Brother
2013-11-30 14:53 - 2013-11-30 14:53 - 00000000 ____D C:\Users\LEANDRO\AppData\Local\National Instruments
2013-11-29 18:27 - 2013-12-01 23:11 - 1139658789 ____R C:\Users\LEANDRO da Silva\Downloads\Evangelion 3.0 2012.mp4
2013-11-27 20:12 - 2013-11-27 20:13 - 00001124 _____ C:\DelFix.txt
2013-11-27 18:33 - 2013-11-27 19:18 - 00000000 ____D C:\zoek_backup
2013-11-25 21:05 - 2013-11-25 21:05 - 00002314 _____ C:\Users\LEANDRO da Silva\Desktop\SpyHunter.lnk
2013-11-25 21:05 - 2013-11-25 21:05 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2013-11-25 21:05 - 2013-11-25 21:05 - 00000000 ____D C:\sh4ldr
2013-11-25 21:05 - 2013-11-25 21:05 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2013-11-25 21:02 - 2013-11-25 21:03 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-11-25 18:31 - 2013-12-02 20:02 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\The Sopranos - The Complete Series (Season 1, 2, 3, 4, 5 & 6) + Extras
2013-11-25 18:31 - 2013-12-02 06:03 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Monty Pythons Flying Circus
2013-11-25 18:31 - 2013-11-25 21:13 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Twin Peaks
2013-11-25 18:30 - 2013-12-02 06:03 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Mr.Bean Complete DVDs Collection
2013-11-25 18:29 - 2013-12-01 22:30 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Doctor Who 2005 - Season 1
2013-11-25 18:23 - 2013-11-25 18:23 - 00000000 _____ C:\autoexec.bat
2013-11-25 18:22 - 2013-11-25 21:05 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-11-25 18:22 - 2013-11-25 18:22 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-25 18:21 - 2013-11-29 18:47 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\filmes
2013-11-25 17:13 - 2013-11-25 17:13 - 00001933 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-25 06:19 - 2013-11-25 06:25 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Sherlock - Season 2 (2011) 720p MKV x264 AC3 BRrip [Pioneer]
2013-11-25 06:05 - 2013-11-25 06:08 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Sherlock - Season 1 (2010) 720p MKV x264 AC3 BRrip [Pioneer]

Infected notebook: FRST report (continuation)

Message by leandro9172 Sat 07 Dec 2013, 09:19

2013-11-24 22:28 - 2013-11-25 02:51 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Seinfeld
2013-11-24 21:56 - 2013-11-24 22:40 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Six Feet Under
2013-11-24 20:07 - 2013-11-24 20:07 - 00001111 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-24 20:07 - 2013-11-24 20:07 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2013-11-24 20:07 - 2013-11-24 20:07 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\Malwarebytes
2013-11-24 20:07 - 2013-11-24 20:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-24 20:07 - 2013-11-24 20:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-24 20:07 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-22 03:06 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-22 03:02 - 2013-11-22 03:02 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-22 03:02 - 2013-11-22 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-22 03:02 - 2013-11-22 03:02 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-22 03:02 - 2013-11-22 03:02 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-22 03:02 - 2013-11-22 03:02 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-22 03:02 - 2013-11-22 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-22 03:02 - 2013-11-22 03:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-22 03:02 - 2013-11-22 03:02 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-22 03:02 - 2013-11-22 03:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-22 03:02 - 2013-11-22 03:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-22 03:02 - 2013-11-22 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-17 17:38 - 2013-11-17 17:45 - 00000099 _____ C:\Windows\Reimage.ini
2013-11-15 20:04 - 2013-11-30 20:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 21:11 - 2013-11-14 21:11 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\fatura hospedagem lagos copa hotel
2013-11-14 20:28 - 2013-12-06 21:08 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\voos
2013-11-13 19:55 - 2013-10-05 18:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 19:55 - 2013-10-05 17:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 19:54 - 2013-09-25 00:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 19:54 - 2013-09-25 00:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 19:54 - 2013-09-25 00:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 19:54 - 2013-09-25 00:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 19:54 - 2013-09-25 00:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 19:54 - 2013-09-25 00:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 19:54 - 2013-09-25 00:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 19:54 - 2013-09-25 00:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 19:54 - 2013-09-24 23:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 19:54 - 2013-09-24 23:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 19:54 - 2013-09-24 23:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 19:54 - 2013-09-24 23:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 19:54 - 2013-09-24 23:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 19:54 - 2013-07-04 10:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-13 19:53 - 2013-10-04 00:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 19:53 - 2013-10-04 00:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 19:53 - 2013-10-04 00:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 19:53 - 2013-10-03 23:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 19:53 - 2013-10-03 23:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 19:53 - 2013-10-03 23:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 19:53 - 2013-09-27 23:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 19:52 - 2013-10-12 00:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 19:52 - 2013-10-12 00:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 19:52 - 2013-10-12 00:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 19:52 - 2013-10-12 00:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 19:52 - 2013-10-12 00:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 19:52 - 2013-10-03 00:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 19:52 - 2013-10-03 00:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-10 19:02 - 2013-11-10 19:22 - 00000055 _____ C:\Users\LEANDRO da Silva\Documents\outllok.txt
2013-11-08 16:41 - 2013-11-08 16:49 - 00000940 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-11-08 16:21 - 2013-11-08 16:21 - 00003390 _____ C:\Windows\System32\Tasks\Baidu PC Faster Update
2013-11-08 16:21 - 2013-11-08 16:21 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\Baidu Security
2013-11-08 16:20 - 2013-11-08 16:21 - 00000000 ____D C:\Users\Todos os Usuários\Baidu Security
2013-11-08 16:20 - 2013-11-08 16:21 - 00000000 ____D C:\ProgramData\Baidu Security
2013-11-08 16:20 - 2013-11-08 16:20 - 00000000 ____D C:\Users\Public\Documents\Baidu Security
2013-11-08 16:20 - 2013-11-08 16:20 - 00000000 ____D C:\Program Files (x86)\Baidu Security

==================== One Month Modified Files and Folders =======

2013-12-07 09:08 - 2013-12-07 09:07 - 00026875 _____ C:\Users\LEANDRO da Silva\Desktop\FRST.txt
2013-12-07 09:07 - 2013-12-07 09:07 - 00000000 ____D C:\FRST
2013-12-07 09:07 - 2012-11-05 19:13 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\Mozilla
2013-12-07 08:53 - 2013-12-07 08:53 - 00001518 _____ C:\Users\LEANDRO da Silva\Desktop\JRT.txt
2013-12-07 08:51 - 2012-09-26 01:13 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-07 08:51 - 2009-07-14 02:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-07 08:51 - 2009-07-14 02:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-07 08:49 - 2012-09-26 01:07 - 01283677 _____ C:\Windows\WindowsUpdate.log
2013-12-07 08:46 - 2013-12-07 08:46 - 00000000 ____D C:\Windows\ERUNT
2013-12-07 08:44 - 2013-12-07 08:44 - 00000000 ___RD C:\Users\LEANDRO da Silva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-12-07 08:44 - 2013-12-05 23:51 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\newnext.me
2013-12-07 08:44 - 2013-10-22 10:08 - 00000000 ____D C:\Users\Todos os Usuários\VMware
2013-12-07 08:44 - 2013-10-22 10:08 - 00000000 ____D C:\ProgramData\VMware
2013-12-07 08:44 - 2012-09-26 01:32 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2013-12-07 08:43 - 2013-12-07 07:54 - 00000168 _____ C:\Windows\setupact.log
2013-12-07 08:43 - 2013-07-24 18:27 - 00031088 _____ (GbPlugin NDIS Device Driver) C:\Windows\SysWOW64\Drivers\gbpndisrd.sys
2013-12-07 08:43 - 2013-07-24 18:27 - 00010266 _____ C:\Windows\SysWOW64\Drivers\ndisrd.cat
2013-12-07 08:43 - 2013-07-24 18:27 - 00001402 _____ C:\Windows\SysWOW64\Drivers\gas.cer
2013-12-07 08:43 - 2013-05-31 23:00 - 00000029 _____ C:\Windows\SysWOW64\TempWmicBatchFile.bat
2013-12-07 08:43 - 2012-12-16 17:41 - 00000228 _____ C:\Windows\Tasks\AutoKMS.job
2013-12-07 08:43 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-07 08:42 - 2013-12-07 08:34 - 01034531 _____ (Thisisu) C:\Users\LEANDRO da Silva\Desktop\JRT.exe
2013-12-07 08:39 - 2013-12-07 08:35 - 01927360 _____ (Farbar) C:\Users\LEANDRO da Silva\Desktop\FRST64.exe
2013-12-07 08:34 - 2013-12-06 05:36 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\remover virus
2013-12-07 07:57 - 2013-01-09 22:52 - 00000984 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2995875875-2491209139-696693241-1000UA.job
2013-12-07 07:54 - 2013-12-07 07:54 - 00000000 _____ C:\Windows\setuperr.log
2013-12-06 23:01 - 2013-04-24 11:14 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\uTorrent
2013-12-06 23:01 - 2012-11-08 23:42 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\Media Player Classic
2013-12-06 23:01 - 2012-11-05 23:05 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Local\CrashDumps
2013-12-06 22:57 - 2013-01-09 22:52 - 00000962 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2995875875-2491209139-696693241-1000Core.job
2013-12-06 22:32 - 2013-12-01 22:51 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Band of Brothers [ Irmãos de Guerra ] - The Pirate Filmes
2013-12-06 22:31 - 2013-12-01 22:51 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\ender
2013-12-06 21:40 - 2013-11-04 17:44 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\podcast
2013-12-06 21:37 - 2012-11-05 11:43 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\vlc
2013-12-06 21:35 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-06 21:08 - 2013-11-14 20:28 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\voos
2013-12-06 20:26 - 2012-09-26 01:53 - 00000000 ____D C:\Users\Todos os Usuários\Sonic
2013-12-06 20:26 - 2012-09-26 01:53 - 00000000 ____D C:\ProgramData\Sonic
2013-12-06 05:46 - 2013-12-05 23:51 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Local\Mobogenie
2013-12-06 05:10 - 2013-06-09 22:41 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2013-12-06 05:10 - 2013-06-09 22:41 - 00000000 ____D C:\ProgramData\GbPlugin
2013-12-06 05:08 - 2013-12-05 23:51 - 00000558 _____ C:\Users\LEANDRO da Silva\daemonprocess.txt
2013-12-05 23:51 - 2013-12-05 23:51 - 00000000 ____D C:\Users\LEANDRO da Silva\Documents\Mobogenie
2013-12-05 23:51 - 2013-12-05 23:51 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Local\genienext
2013-12-05 23:51 - 2013-12-05 23:51 - 00000000 ____D C:\Users\LEANDRO da Silva\.android
2013-12-05 23:51 - 2012-11-05 18:43 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Local\cache
2013-12-05 23:51 - 2012-11-05 09:45 - 00000000 ____D C:\Users\LEANDRO da Silva
2013-12-05 23:47 - 2013-12-05 23:47 - 00003224 _____ C:\Windows\System32\Tasks\{CEA5BAD8-FA0B-46D6-BFC6-24F78FD022E0}
2013-12-05 23:45 - 2012-11-05 18:27 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Local\Autodesk
2013-12-05 23:45 - 2012-11-05 18:24 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2013-12-05 23:45 - 2012-11-05 18:17 - 00000000 ____D C:\Users\Todos os Usuários\Autodesk
2013-12-05 23:45 - 2012-11-05 18:17 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\Autodesk
2013-12-05 23:45 - 2012-11-05 18:17 - 00000000 ____D C:\ProgramData\Autodesk
2013-12-05 23:40 - 2013-12-05 23:38 - 242743296 _____ (Microsoft Corporation) C:\Users\LEANDRO da Silva\Downloads\dotnetfx35.exe
2013-12-05 23:31 - 2013-12-05 17:14 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\AutoCAD 2010 [64-Bit] - English
2013-12-05 22:29 - 2013-12-05 22:29 - 00000427 _____ C:\Users\LEANDRO da Silva\Desktop\os melhores do mundo.txt
2013-12-05 06:19 - 2013-12-05 06:19 - 00000670 _____ C:\Windows\ST6UNST.003
2013-12-05 06:19 - 2013-12-05 06:10 - 00000000 _____ C:\Windows\SETUP.LST
2013-12-05 06:11 - 2013-12-05 06:11 - 00000671 _____ C:\Windows\ST6UNST.001
2013-12-05 06:11 - 2013-12-05 06:11 - 00000670 _____ C:\Windows\ST6UNST.002
2013-12-05 06:11 - 2013-10-22 12:56 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\VMware
2013-12-05 06:10 - 2013-12-05 06:10 - 00000670 _____ C:\Windows\ST6UNST.000
2013-12-05 05:58 - 2012-12-12 18:29 - 00000000 ___HD C:\Users\LEANDRO da Silva\dwhelper
2013-12-03 20:42 - 2012-11-15 18:53 - 00000000 ____D C:\Users\LEANDRO da Silva\Documents\Bluetooth Folder
2013-12-02 23:17 - 2013-12-02 23:16 - 01821733 _____ C:\Users\LEANDRO da Silva\Desktop\photo.php.html
2013-12-02 23:16 - 2013-12-02 23:16 - 00000000 ____D C:\Users\LEANDRO da Silva\Desktop\photo.php_arquivos
2013-12-02 20:02 - 2013-11-25 18:31 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\The Sopranos - The Complete Series (Season 1, 2, 3, 4, 5 & 6) + Extras
2013-12-02 18:53 - 2013-12-02 18:53 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\Benning Gmbh & Co. KG
2013-12-02 18:52 - 2013-12-02 18:52 - 00001644 _____ C:\Windows\ODBCINST.INI
2013-12-02 18:52 - 2013-12-02 18:52 - 00000288 _____ C:\Windows\ODBC.INI
2013-12-02 18:52 - 2013-12-02 18:52 - 00000000 ____D C:\~MSSETUP.T
2013-12-02 18:51 - 2013-12-02 18:51 - 00001134 _____ C:\Users\LEANDRO da Silva\Desktop\TEBE MCU Service.lnk
2013-12-02 18:51 - 2013-12-02 18:51 - 00000000 ____D C:\Program Files (x86)\Benning Gmbh & Co. KG
2013-12-02 16:47 - 2013-12-02 16:39 - 288589019 ____R C:\Users\LEANDRO da Silva\Downloads\Homeland.S03E10.HDTV.x264-ASAP.mp4
2013-12-02 16:42 - 2013-12-02 16:41 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\The Walking Dead S04E08 HDTV x264-2HD[ettv]
2013-12-02 06:03 - 2013-11-25 18:31 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Monty Pythons Flying Circus
2013-12-02 06:03 - 2013-11-25 18:30 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Mr.Bean Complete DVDs Collection
2013-12-01 23:11 - 2013-11-29 18:27 - 1139658789 ____R C:\Users\LEANDRO da Silva\Downloads\Evangelion 3.0 2012.mp4
2013-12-01 22:49 - 2013-12-01 22:45 - 198711216 ____R C:\Users\LEANDRO da Silva\Downloads\Marvels.Agents.of.S.H.I.E.L.D.S01E09.HDTV.x264-LOL.mp4
2013-12-01 22:30 - 2013-11-25 18:29 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Doctor Who 2005 - Season 1
2013-12-01 22:21 - 2013-12-01 22:12 - 353297129 ____R C:\Users\LEANDRO da Silva\Downloads\piecePROJECT_-_Epi_623_HD.mkv
2013-12-01 22:17 - 2013-12-01 22:12 - 347971470 ____R C:\Users\LEANDRO da Silva\Downloads\HXP-E_106_HD.mkv
2013-12-01 12:21 - 2012-11-05 13:34 - 00000000 ____D C:\Users\LEANDRO da Silva\Documents\curriculo
2013-11-30 21:09 - 2012-11-05 21:54 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\WinRAR
2013-11-30 20:54 - 2013-11-30 20:31 - 00282992 _____ (Mozilla) C:\Users\LEANDRO da Silva\Downloads\Firefox Setup Stub 25.0.1.exe
2013-11-30 20:54 - 2013-11-15 20:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-30 20:30 - 2013-06-18 21:44 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-30 20:27 - 2013-05-31 22:55 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Local\Google
2013-11-30 20:09 - 2013-11-30 20:09 - 00000000 ___RD C:\Users\LEANDRO da Silva\AppData\Roaming\Brother
2013-11-30 20:04 - 2013-11-30 20:04 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\favoritos
2013-11-30 19:39 - 2013-11-30 19:39 - 00000000 _____ C:\Users\LEANDRO da Silva\Sti_Trace.log
2013-11-30 15:35 - 2013-11-30 14:59 - 00000000 ____D C:\Users\Todos os Usuários\Nuance
2013-11-30 15:35 - 2013-11-30 14:59 - 00000000 ____D C:\ProgramData\Nuance
2013-11-30 15:32 - 2013-11-30 15:31 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\ControlCenter4
2013-11-30 15:31 - 2013-11-30 15:31 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\FLEXnet
2013-11-30 15:29 - 2009-07-14 02:45 - 00538144 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-30 15:23 - 2012-11-05 09:46 - 00159424 _____ C:\Users\LEANDRO da Silva\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-30 15:17 - 2013-11-30 14:55 - 00000000 ____D C:\Users\Todos os Usuários\Brother
2013-11-30 15:17 - 2013-11-30 14:55 - 00000000 ____D C:\ProgramData\Brother
2013-11-30 15:10 - 2013-11-30 15:10 - 00000000 ____D C:\Users\LEANDRO da Silva\Documents\Fax
2013-11-30 15:04 - 2013-11-30 15:04 - 00000000 ____D C:\Users\Todos os Usuários\ControlCenter4
2013-11-30 15:04 - 2013-11-30 15:04 - 00000000 ____D C:\ProgramData\ControlCenter4
2013-11-30 15:04 - 2013-11-30 15:04 - 00000000 ____D C:\Program Files (x86)\ControlCenter4
2013-11-30 15:04 - 2013-11-30 15:04 - 00000000 ____D C:\Program Files (x86)\Browny02
2013-11-30 15:04 - 2013-11-30 15:04 - 00000000 ____D C:\Brother
2013-11-30 15:04 - 2013-11-30 15:03 - 00000000 ____D C:\Program Files (x86)\Brother
2013-11-30 15:03 - 2012-09-26 01:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-30 15:02 - 2013-11-30 15:02 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\InstallShield
2013-11-30 15:01 - 2013-11-30 15:01 - 00000000 ____D C:\Users\Todos os Usuários\zeon
2013-11-30 15:01 - 2013-11-30 15:01 - 00000000 ____D C:\ProgramData\zeon
2013-11-30 15:01 - 2013-11-30 15:01 - 00000000 ____D C:\Program Files\Nuance
2013-11-30 15:01 - 2013-11-30 14:59 - 00000000 ____D C:\Program Files (x86)\Nuance
2013-11-30 15:00 - 2013-11-30 15:00 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\Nuance
2013-11-30 15:00 - 2013-11-30 14:59 - 00000000 ____D C:\Users\Todos os Usuários\ScanSoft
2013-11-30 15:00 - 2013-11-30 14:59 - 00000000 ____D C:\ProgramData\ScanSoft
2013-11-30 14:59 - 2013-11-30 14:59 - 00000000 ____D C:\Users\LEANDRO da Silva\Documents\MyWebPages
2013-11-30 14:59 - 2012-11-05 18:42 - 00000000 ____D C:\Users\Todos os Usuários\FLEXnet
2013-11-30 14:59 - 2012-11-05 18:42 - 00000000 ____D C:\ProgramData\FLEXnet
2013-11-30 14:56 - 2012-11-05 22:05 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-11-30 14:53 - 2013-11-30 14:53 - 00000000 ____D C:\Users\LEANDRO\AppData\Local\National Instruments
2013-11-30 14:53 - 2013-06-25 19:18 - 00158936 _____ C:\Users\LEANDRO\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-30 14:53 - 2013-04-24 14:01 - 00000000 ____D C:\Users\LEANDRO\Documents\Bluetooth Folder
2013-11-30 14:53 - 2013-04-24 14:00 - 00001391 _____ C:\Users\LEANDRO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-30 14:53 - 2013-04-24 14:00 - 00000000 ___RD C:\Users\LEANDRO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-30 14:53 - 2013-04-24 14:00 - 00000000 ___RD C:\Users\LEANDRO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-30 14:20 - 2012-11-05 12:56 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Local\Microsoft Help
2013-11-30 14:14 - 2012-12-26 23:00 - 00000000 ____D C:\Program Files (x86)\WinAVI
2013-11-30 14:12 - 2013-05-29 10:57 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2013-11-30 14:12 - 2013-05-29 10:57 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\Skype
2013-11-30 14:12 - 2013-05-29 10:57 - 00000000 ____D C:\ProgramData\Skype
2013-11-30 14:09 - 2013-10-31 22:20 - 00000000 ____D C:\Users\LEANDRO da Silva\Documents\Livro Digital Saraiva
2013-11-29 18:47 - 2013-11-25 18:21 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\filmes
2013-11-29 18:29 - 2013-11-03 13:32 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Adventure Time 5
2013-11-29 18:29 - 2013-08-30 23:57 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\series
2013-11-29 18:27 - 2013-10-21 19:47 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Nova pasta (3)
2013-11-28 06:12 - 2012-11-05 18:03 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\DAEMON Tools Lite
2013-11-28 06:11 - 2011-02-12 14:12 - 00000000 ____D C:\Windows\panther
2013-11-27 20:13 - 2013-11-27 20:12 - 00001124 _____ C:\DelFix.txt
2013-11-27 19:18 - 2013-11-27 18:33 - 00000000 ____D C:\zoek_backup
2013-11-25 22:16 - 2013-06-09 22:40 - 00000000 ____D C:\Users\Todos os Usuários\GAS Tecnologia
2013-11-25 22:16 - 2013-06-09 22:40 - 00000000 ____D C:\ProgramData\GAS Tecnologia
2013-11-25 21:13 - 2013-11-25 18:31 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Twin Peaks
2013-11-25 21:05 - 2013-11-25 21:05 - 00002314 _____ C:\Users\LEANDRO da Silva\Desktop\SpyHunter.lnk
2013-11-25 21:05 - 2013-11-25 21:05 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2013-11-25 21:05 - 2013-11-25 21:05 - 00000000 ____D C:\sh4ldr
2013-11-25 21:05 - 2013-11-25 21:05 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2013-11-25 21:05 - 2013-11-25 18:22 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-11-25 21:03 - 2013-11-25 21:02 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-11-25 19:28 - 2012-11-05 13:36 - 00001447 _____ C:\Users\LEANDRO da Silva\Desktop\Firefox.lnk
2013-11-25 18:23 - 2013-11-25 18:23 - 00000000 _____ C:\autoexec.bat
2013-11-25 18:22 - 2013-11-25 18:22 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-25 17:13 - 2013-11-25 17:13 - 00001933 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-25 17:13 - 2013-10-11 19:02 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-25 06:25 - 2013-11-25 06:19 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Sherlock - Season 2 (2011) 720p MKV x264 AC3 BRrip [Pioneer]
2013-11-25 06:08 - 2013-11-25 06:05 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Sherlock - Season 1 (2010) 720p MKV x264 AC3 BRrip [Pioneer]
2013-11-25 05:14 - 2012-12-16 17:45 - 00000000 ____D C:\Program Files (x86)\Arquivo161212
2013-11-25 02:51 - 2013-11-24 22:28 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Seinfeld
2013-11-24 22:40 - 2013-11-24 21:56 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\Six Feet Under
2013-11-24 20:07 - 2013-11-24 20:07 - 00001111 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-24 20:07 - 2013-11-24 20:07 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2013-11-24 20:07 - 2013-11-24 20:07 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\Malwarebytes
2013-11-24 20:07 - 2013-11-24 20:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-24 20:07 - 2013-11-24 20:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-24 05:15 - 2009-07-14 03:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-22 23:59 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\rescache
2013-11-22 05:46 - 2012-11-05 09:48 - 00001391 _____ C:\Users\LEANDRO da Silva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-22 03:21 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-22 03:02 - 2013-11-22 03:02 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-22 03:02 - 2013-11-22 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-22 03:02 - 2013-11-22 03:02 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-22 03:02 - 2013-11-22 03:02 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-22 03:02 - 2013-11-22 03:02 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-22 03:02 - 2013-11-22 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-22 03:02 - 2013-11-22 03:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-22 03:02 - 2013-11-22 03:02 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-22 03:02 - 2013-11-22 03:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-22 03:02 - 2013-11-22 03:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-22 03:02 - 2013-11-22 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-22 03:02 - 2013-11-22 03:02 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-22 03:02 - 2013-11-22 03:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-17 17:45 - 2013-11-17 17:38 - 00000099 _____ C:\Windows\Reimage.ini
2013-11-16 17:31 - 2012-09-26 01:55 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-11-14 21:11 - 2013-11-14 21:11 - 00000000 ____D C:\Users\LEANDRO da Silva\Downloads\fatura hospedagem lagos copa hotel
2013-11-14 04:34 - 2012-11-05 12:56 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2013-11-14 04:34 - 2012-11-05 12:56 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 04:31 - 2013-07-26 18:35 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 04:27 - 2012-11-06 20:33 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-12 06:29 - 2009-07-14 00:34 - 00000510 _____ C:\Windows\win.ini
2013-11-11 05:50 - 2010-11-21 01:27 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-10 19:22 - 2013-11-10 19:02 - 00000055 _____ C:\Users\LEANDRO da Silva\Documents\outllok.txt
2013-11-08 16:49 - 2013-11-08 16:41 - 00000940 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-11-08 16:49 - 2012-09-26 01:46 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-11-08 16:21 - 2013-11-08 16:21 - 00003390 _____ C:\Windows\System32\Tasks\Baidu PC Faster Update
2013-11-08 16:21 - 2013-11-08 16:21 - 00000000 ____D C:\Users\LEANDRO da Silva\AppData\Roaming\Baidu Security
2013-11-08 16:21 - 2013-11-08 16:20 - 00000000 ____D C:\Users\Todos os Usuários\Baidu Security
2013-11-08 16:21 - 2013-11-08 16:20 - 00000000 ____D C:\ProgramData\Baidu Security
2013-11-08 16:20 - 2013-11-08 16:20 - 00000000 ____D C:\Users\Public\Documents\Baidu Security
2013-11-08 16:20 - 2013-11-08 16:20 - 00000000 ____D C:\Program Files (x86)\Baidu Security

Some content of TEMP:
====================
C:\Users\LEANDRO da Silva\AppData\Local\Temp\1_Offer_5.exe
C:\Users\LEANDRO da Silva\AppData\Local\Temp\1_Offer_7.exe
C:\Users\LEANDRO da Silva\AppData\Local\Temp\AcDeltree.exe
C:\Users\LEANDRO da Silva\AppData\Local\Temp\rarext.dll
C:\Users\LEANDRO da Silva\AppData\Local\Temp\_is1342.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-30 12:04

==================== End Of Log ========================


Re: Infected notebook

Post by Wings [In Memoriam] Sat 07 Dec 2013, 09:42

Download the fixlist.txt file and save it in the same location as FRST

*Right-click FRST and select [You must have an account and be logged in to view this image]

*Click [Fix] and paste or attach the Fixlog.txt report created on the Desktop

Let me know whether it was resolved

Re: Infected notebook

Post by leandro9172 Sat 07 Dec 2013, 09:52

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-12-2013 01
Ran by LEANDRO da Silva at 2013-12-07 09:50:17 Run:1
Running from C:\Users\LEANDRO da Silva\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\LEANDRO da Silva\AppData\Local\Temp\1_Offer_5.exe
C:\Users\LEANDRO da Silva\AppData\Local\Temp\1_Offer_7.exe
C:\Users\LEANDRO da Silva\AppData\Local\Temp\AcDeltree.exe
C:\Users\LEANDRO da Silva\AppData\Local\Temp\rarext.dll
C:\Users\LEANDRO da Silva\AppData\Local\Temp\_is1342.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [You must have an account and be logged in to view this link]
SearchScopes: HKLM - DefaultScope {91A6DBD0-F1BE-4954-B3D2-594DCECE0D50} URL =
SearchScopes: HKCU - {EFA27348-E879-4907-9783-B1D0956D3E33} URL = [You must have an account and be logged in to view this link]
BHO: Plus-HD-4.4 - {11111111-1111-1111-1111-110311961176} - C:\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-bho64.dll
Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f
S3 BprotectEx;
S3 esgiguard;
S3 lmimirr;
S3 ; \SystemRoot\System32\Drivers\.sys [x]

*****************

"C:\Users\LEANDRO da Silva\AppData\Local\Temp\1_Offer_5.exe" => File/Directory not found.
"C:\Users\LEANDRO da Silva\AppData\Local\Temp\1_Offer_7.exe" => File/Directory not found.
"C:\Users\LEANDRO da Silva\AppData\Local\Temp\AcDeltree.exe" => File/Directory not found.
"C:\Users\LEANDRO da Silva\AppData\Local\Temp\rarext.dll" => File/Directory not found.
"C:\Users\LEANDRO da Silva\AppData\Local\Temp\_is1342.exe" => File/Directory not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EFA27348-E879-4907-9783-B1D0956D3E33} => Key deleted successfully.
HKCR\CLSID\{EFA27348-E879-4907-9783-B1D0956D3E33} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311961176} => Key deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110311961176} => Key deleted successfully.

========= reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f =========

A operação foi concluída com êxito.


========= End of Reg: =========

BprotectEx => Service deleted successfully.
esgiguard => Service deleted successfully.
lmimirr => Service deleted successfully.

==== End of Fixlog ====

Re: Infected notebook

Post by Wings [In Memoriam] Sat 07 Dec 2013, 09:54

wings wrote: Let me know whether it was resolved

Infected notebook

Post by leandro9172 Sat 07 Dec 2013, 14:11

Thanks, thank you very much! Problem solved!

Re: Infected notebook

Post by Wings [In Memoriam] Sat 07 Dec 2013, 14:16

Download [You must have an account and be logged in to view this link] (...by Xplode) and save it to the Desktop

*Run it, leaving the options Remove disinfection tools and Purge system restore selected

*Click [Run] and close the report that is shown


Delete DelFix and the file C:\DelFix.txt


Best regards...

Re: Infected notebook

Post by leandro9172 Sat 07 Dec 2013, 16:37

Thanks!
Thank you again!
Regards

Re: Infected notebook

Post by Wings [In Memoriam] Sat 07 Dec 2013, 17:53

CASE RESOLVED

If the author of the topic needs it, the topic will be reopened; to request this, the author should contact one of the members of the [You must have an account and be logged in to view this link] and ask for it to be unlocked.