Shetef Solutions & Consulting 1998 LTD

por paoladaniellepereira Ter 22 Out 2013, 23:29

Estou desesperada e não sei o que fzer para tirar essa droga do meu pc, já estive visualizando alguns tópicos porém não entendo muito de informatica.

por Wings [In Memoriam] Qua 23 Out 2013, 00:05

Olá paoladaniellepereira

Shetef Solutions & Consulting 1998 LTD 772309

Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve-o no Desktop (Área de Trabalho)

*Salve qualquer trabalho aberto e feche o seu navegador

*Execute-o, clique [Examinar] e aguarde o término

*Clique [Limpar] e aguarde o término

*Caso seja solicitada a reinicialização do PC, clique [OK] para reiniciar.

*Cole o relatório C:\AdwCleaner\AdwCleaner[S0].txt

por paoladaniellepereira Qua 23 Out 2013, 00:54

já instalei o programa AdwCleaner, e já fiz todo o procedimento inclusive, já reiniciei o pc...e agora o q tenho q fazer já que continua aparecendo o popup?

por Wings [In Memoriam] Qua 23 Out 2013, 00:56

Se vc seguir as orientações, eu poderei ajudar. Caso contrário, ficará difícil.

wings escreveu:
*Cole o relatório C:\AdwCleaner\AdwCleaner[S0].txt

por paoladaniellepereira Qua 23 Out 2013, 01:03

# AdwCleaner v3.010 - Reporte Creado 23/10/2013 en 00:43:54
# Actualizado 20/10/2013 por Xplode
# Sistema Operativo : Windows 7 Home Basic Service Pack 1 (64 bits)
# Nombre de usuario : Arantxa - ARANTXA-PC
# Ejecutado desde : C:\Users\Arantxa\Downloads\AdwCleaner.exe
# Opción : Limpiar

***** [ Servicios ] *****

***** [ Archivos / Carpetas ] *****

Carpeta Borrar : C:\ProgramData\Ask
Carpeta Borrar : C:\Program Files (x86)\BonanzaDeals
Archivo Borrar : C:\windows\System32\Tasks\Dealply

***** [ Accesos directos ] *****

***** [ Registro ] *****

Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Valor Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Clave Borrar : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Valor Borrar : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Clave Borrar : HKCU\Software\APN PIP
Clave Borrar : HKCU\Software\BI
Clave Borrar : HKCU\Software\powerpack
Clave Borrar : HKCU\Software\smartbar
Clave Borrar : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clave Borrar : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clave Borrar : HKLM\Software\PIP

***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.16720

-\\ Google Chrome v30.0.1599.101

[ Archivo : C:\Users\Arantxa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2566 octets] - [23/10/2013 00:40:51]
AdwCleaner[S0].txt - [2199 octets] - [23/10/2013 00:43:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2259 octets] ##########

por Wings [In Memoriam] Qua 23 Out 2013, 01:06

Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Farbar) e salve-o no Desktop

*Clique com o botão direito do mouse no FRST e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Aceite o contrato, desmarque a opção Addition.txt, clique [Scan] e ao término clique [OK]

*Cole ou anexe o relatório FRST.txt criado no Desktop

por paoladaniellepereira Qua 23 Out 2013, 01:13

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-10-2013
Ran by Arantxa at 2013-10-23 01:11:26
Running from C:\Users\Arantxa\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922)
„Windows Live Mail“ (x32 Version: 15.4.3502.0922)
„Windows Live Messenger“ (x32 Version: 15.4.3538.0513)
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922)
Adobe Flash Player 11 ActiveX (x32 Version: 11.5.502.110)
Adobe Reader XI (11.0.05) - Português (x32 Version: 11.0.05)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82)
Atheros Client Installation Program (x32 Version: 9.0)
Avira Free Antivirus (x32 Version: 13.0.0.4042)
BatteryLifeExtender (x32 Version: 1.0.11)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
Broadcom 802.11 Network Adapter (Version: 5.60.48.55)
Build-a-lot (x32 Version: 2.2.0.82)
Chronicles of Albian (x32 Version: 3.0.2.32)
Chuzzle Deluxe (x32 Version: 2.2.0.82)
Cooking Academy 3: Recipe for Success (x32 Version: 3.0.2.48)
CyberLink Media Suite (x32 Version: 8.0.2227)
CyberLink Media+ Player10 (x32 Version: 10.0.1110.00)
CyberLink MediaShow (x32 Version: 5.0.1130a)
CyberLink Power2Go (x32 Version: 6.1.3802)
CyberLink PowerDirector (x32 Version: 8.0.3306)
CyberLink PowerDVD 8 (x32 Version: 8.0.3224)
CyberLink YouCam (x32 Version: 3.1.3509)
D3DX10 (x32 Version: 15.4.2368.0902)
Easy Content Share (x32 Version: 1.0)
Easy Display Manager (x32 Version: 3.2)
Easy Migration (x32 Version: 1.0)
Easy Network Manager (x32 Version: 4.4.7)
Easy SpeedUp Manager (x32 Version: 2.1.1.1)
EasyBatteryManager (x32 Version: 4.0.0.4)
EasyFileShare (x32 Version: 1.0.12)
ETDWare PS/2-X64 10.7.14.12_WHQL (Version: 10.7.14.12)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
Farm Frenzy (x32 Version: 2.2.0.82)
Farm Mania 2 (x32 Version: 2.2.0.97)
Fast Start (x32 Version: 2.2.0.1)
FATE (x32 Version: 2.2.0.97)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Galerie foto Windows Live (x32 Version: 15.4.3502.0922)
Google Chrome (x32 Version: 30.0.1599.101)
Google Update Helper (x32 Version: 1.3.21.165)
Green City (x32 Version: 3.0.2.48)
Hacer clic y ejecutar de Microsoft Office 2010 (Version: 14.0.4763.1000)
Hacer clic y ejecutar de Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Hazen (R) (x32 Version: 2.2.0.95)
HP Product Detection (x32 Version: 11.14.0004)
Insaniquarium Deluxe (x32 Version: 2.2.0.82)
Intel PROSet Wireless (x32)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2622)
Intel(R) PROSet/Wireless WiFi Software (Version: 14.01.1000)
Intel(R) Rapid Storage Technology (x32 Version: 10.1.5.1001)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9. Cool

John Deere Drive Green (x32 Version: 2.2.0.82)
Juegos WildTangent (x32 Version: 1.0.4.0)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
KIT TV NOTA 10 versão 4.0 (x32 Version: 4.0)
Los Sims

3 (x32 Version: 1.57.62)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile ESN Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Starter 2010 - Español (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Módulo de Proteção Santander 3.2.0.2 (x32 Version: Módulo de Proteção Banco Santander (Brasil) S.A.)
Movie Color Enhancer (x32 Version: 1.0)
MP3 Rocket (x32 Version: 6.4)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
Multimedia POP (x32 Version: 1.0)
My Kingdom for the Princess 2 (x32 Version: 2.2.0.95)
Origin (x32 Version: 9.1.11.2678)
Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (Version: 4.0.30319)
Peggle (x32 Version: 2.2.0.82)
Penguins! (x32 Version: 2.2.0.82)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
PokerStars (x32)
PokerStars.es (x32)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek Ethernet Controller Driver (x32 Version: 7.40.126.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6499)
Royal Envoy (x32 Version: 2.2.0.97)
Samsung AnyWeb Print (x32 Version: 2.0.67.1)
Samsung Printer Live Update (x32)
Samsung Recovery Solution 5 (x32 Version: 5.0.1.0)
Samsung Support Center 1.0 (x32 Version: 1.1.40)
Samsung Universal Print Driver (x32 Version: 2.02.05.00:27)
Samsung Universal Scan Driver (x32 Version: 1.2.5.0)
Samsung Update Plus (x32 Version: 3.0.0.17)
Skype

6.3 (x32 Version: 6.3.105)
swMSM (x32 Version: 12.0.0.1)
The Surprising Adventures of Munchausen (x32 Version: 3.0.2.32)
Torchlight (x32 Version: 2.2.0.110)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update Installer for WildTangent Games App (x32)
User Guide (x32 Version: 1.7)
WildTangent Games App (x32 Version: 4.0.10.5)
WildTangent ORB Game Console (x32)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live fotoattēlu galerija (x32 Version: 15.4.3502.0922)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Foto-galerija (x32 Version: 15.4.3502.0922)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Pošta (x32 Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 메일 (x32 Version: 15.4.3502.0922)
Windows Live 사진 갤러리 (x32 Version: 15.4.3502.0922)
Windows Live 필수 패키지 (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 照片库 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3538.0513)
Windows Live 软件包 (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)
Zuma Deluxe (x32 Version: 2.2.0.95)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)
Почта Windows Live (x32 Version: 15.4.3502.0922)
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)
بريد Windows Live (x32 Version: 15.4.3502.0922)
معرض صور Windows Live (x32 Version: 15.4.3502.0922)

==================== Restore Points =========================

20-10-2013 18:45:48 Punto de control programado
22-10-2013 16:49:10 Revo Uninstaller's restore point - Advanced SystemCare 6
22-10-2013 23:31:39 Installed Java 7 Update 45

==================== Hosts content: ==========================

2009-07-14 00:34 - 2009-06-10 19:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {23839E6E-8503-4824-A25E-1CBA67FD2ECD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2995853168-2351960583-972482601-1000UA => C:\Users\Arantxa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-24] (Facebook Inc.)
Task: {26E7DCA9-231D-4313-B6BD-949982ABC8A3} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)
Task: {31450007-2866-4CAE-A5AE-E31AE2A9CDDA} - \DealPly No Task File
Task: {62A28122-7E79-4286-9031-51785255492B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-18] (Google Inc.)
Task: {62A4E8FD-ED86-4DB0-92C6-B99937494BA8} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)
Task: {6CB3A5C3-1215-4452-95C6-FE52B42EB11C} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2011-02-14] (SEC)
Task: {7421D96F-C9A4-4652-9169-495E7960CF77} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)
Task: {7A465F4C-B1B8-4CD1-AC89-330E883D6C2B} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-26] (Samsung Electronics)
Task: {865C02DF-B75E-4D9D-85DD-B0B8F655F723} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {8A8DD52D-D513-4903-933F-3F4B78ED5807} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2010-02-10] (Samsung Electronics Co., Ltd.)
Task: {921CD36F-B572-4725-A469-D886C8E181F8} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-11-29] (Samsung Electronics Co., Ltd.)
Task: {959BF13A-81FD-47C3-AB1E-B5F78F8ECF91} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-18] (Google Inc.)
Task: {9EA3CC60-0107-4136-AD90-F7974E06EAB4} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-17] (Samsung Electronics. Co. Ltd.)
Task: {A6D0C5B0-B33A-402D-A800-6F1F738538E4} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-10-12] (SAMSUNG Electronics)
Task: {C2708EE1-C25D-44C8-9943-7B04D23480E7} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Display Manager\SmartSetting.exe [2011-07-29] (Samsung Electronics Co., Ltd.)
Task: {C5196B7A-62C6-4416-B6A8-358A5B0EE275} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2995853168-2351960583-972482601-1000Core => C:\Users\Arantxa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-24] (Facebook Inc.)
Task: {DF52EFAB-691C-4405-8CD7-D612D3659D34} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {F2F5589B-F9F7-425D-BC15-8359EFF5BDF6} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2011-08-18] (Samsung Electronics Co., Ltd.)
Task: {F5AA92EB-5CCD-4F50-9362-6F14B97648B2} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe [2011-02-15] (Samsung Electronics Co., Ltd.)
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2995853168-2351960583-972482601-1000Core.job => C:\Users\Arantxa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2995853168-2351960583-972482601-1000UA.job => C:\Users\Arantxa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-12-16 06:37 - 2010-12-16 06:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-11-23 18:33 - 2012-11-07 09:30 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-11-08 03:27 - 2010-07-05 08:42 - 00203776 _____ () C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll
2011-11-08 03:25 - 2006-08-12 01:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2013-10-18 10:02 - 2013-10-08 22:01 - 00698832 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
2013-10-18 10:02 - 2013-10-08 22:01 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll
2013-10-18 10:02 - 2013-10-08 22:02 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
2013-10-18 10:02 - 2013-10-08 22:02 - 00415184 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
2013-10-18 10:02 - 2013-10-08 22:01 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
2011-11-08 03:36 - 2010-05-07 12:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2013-10-18 10:03 - 2013-10-08 22:02 - 13584336 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:9857FAE3
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\ProgramData\Temp:F67947AF

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/23/2013 00:50:00 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2013 00:34:43 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2013 10:16:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2013 09:21:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2013 07:23:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2013 07:16:35 PM) (Source: Google Update) (User: Arantxa-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (10/22/2013 03:19:50 PM) (Source: CVHSVC) (User: )
Description: Solo información.
(Patch task for {90140011-0066-0C0A-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (10/22/2013 03:06:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2013 03:03:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2013 02:55:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (10/23/2013 00:51:46 AM) (Source: Service Control Manager) (User: )
Description: El servicio HP Network Devices Support se cerró con el siguiente error:
%%126

Error: (10/23/2013 00:36:45 AM) (Source: Service Control Manager) (User: )
Description: El servicio HP Network Devices Support se cerró con el siguiente error:
%%126

Error: (10/23/2013 00:35:30 AM) (Source: Service Control Manager) (User: )
Description: El servicio Windows Search no pudo iniciarse debido al siguiente error:
%%1053

Error: (10/23/2013 00:35:30 AM) (Source: Service Control Manager) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Windows Search.

Error: (10/23/2013 00:35:30 AM) (Source: DCOM) (User: )
Description: 1053WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/22/2013 10:18:05 PM) (Source: Service Control Manager) (User: )
Description: El servicio HP Network Devices Support se cerró con el siguiente error:
%%126

Error: (10/22/2013 10:17:42 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: Error al inicializar el cliente CBS. Último error: 0x80080005

Error: (10/22/2013 10:17:42 PM) (Source: DCOM) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (10/22/2013 09:23:44 PM) (Source: Service Control Manager) (User: )
Description: El servicio HP Network Devices Support se cerró con el siguiente error:
%%126

Error: (10/22/2013 03:08:08 PM) (Source: Service Control Manager) (User: )
Description: El servicio HP Network Devices Support se cerró con el siguiente error:
%%126

Microsoft Office Sessions:
=========================
Error: (10/23/2013 00:50:00 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2013 00:34:43 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2013 10:16:15 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2013 09:21:51 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2013 07:23:28 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2013 07:16:35 PM) (Source: Google Update)(User: Arantxa-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (10/22/2013 03:19:50 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0C0A-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (10/22/2013 03:06:28 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2013 03:03:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2013 02:55:26 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

==================== Memory info ===========================

Percentage of memory in use: 68%
Total physical RAM: 1961.55 MB
Available physical RAM: 614.54 MB
Total Pagefile: 3923.09 MB
Available Pagefile: 1910.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111 GB) (Free:63.47 GB) NTFS
Drive d: () (Fixed) (Total:165.41 GB) (Free:163.76 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 6D1A0290)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=165 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=22 GB) - (Type=27)

==================== End Of Log ============================

por Wings [In Memoriam] Qua 23 Out 2013, 01:15

Onde está o relatório FRST.txt?

Leia direitinho o que solicito.

por paoladaniellepereira Qua 23 Out 2013, 01:18

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-10-2013
Ran by Arantxa (administrator) on ARANTXA-PC on 23-10-2013 01:09:33
Running from C:\Users\Arantxa\Downloads
Windows 7 Home Basic Service Pack 1 (X64) OS Language: Spanish Modern Sort
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CashPartners Company) C:\Users\Arantxa\AppData\Local\aHaskZ3\CashPartners.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
(keepvid.com Company) C:\Users\Arantxa\AppData\Local\keepvid.com.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\windows\system32\igfxext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
(Microsoft Corporation) C:\windows\system32\prevhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\windows\system32\consent.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13346920 2011-11-04] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2817872 2012-04-24] (ELAN Microelectronics Corp.)
HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] ()
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [CashPartners] - C:\Users\Arantxa\AppData\Local\aHaskZ3\CashPartners.exe [259072 2013-10-02] (CashPartners Company)
MountPoints2: {163d5fd2-06e3-11e2-bf35-806e6f6e6963} - E:\setup.exe
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe [87336 2010-09-20] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [RemoteControl8] - C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-07-16] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] - C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [keepvid] - C:\Users\Arantxa\AppData\Local\keepvid.com.exe [1120256 2013-06-10] (keepvid.com Company)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
AppInit_DLLs: [0 ] ()
IMEO\bitguard.exe: [Debugger] tasklist.exe
IMEO\bprotect.exe: [Debugger] tasklist.exe
IMEO\browserdefender.exe: [Debugger] tasklist.exe
IMEO\browserprotect.exe: [Debugger] tasklist.exe
BootExecute:

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - {EFA27348-E879-4907-9783-B1D0956D3E33} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: keepvid.com - {49ed9900-38cd-453c-bba7-3f2613317f5a} - C:\Users\Arantxa\AppData\Local\keepvid.dll (keepvid.com Company)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Samsung BHO Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
BHO-x32: SoundFrost - {d997c836-ff82-4519-b459-1482ba942a4f} - C:\Program Files (x86)\Baixar Musicas Gratis\SoundFrost.dll (SoundFrost Company)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

por paoladaniellepereira Qua 23 Out 2013, 01:19

Chrome:
=======
CHR HomePage: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR RestoreOnStartup: "hxxp://www.netshowmusic.blogspot.com.br/p/dance-music.html", "hxxp://www.google.com.br/", "hxxp://www.search.ask.com/?o=APN10640A&gct=hp&d=473-100&v=n9602-137&t=4"
CHR Extension: (GBBD Banco Santander (Brasil) S.A.) - C:\Users\Arantxa\AppData\Local\Google\Chrome\User Data\Default\Extensions\abmojiekfpcmkkfamgfcpgfgipocface\3.2.0_0
CHR Extension: (Google Docs) - C:\Users\Arantxa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Arantxa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Retro Games) - C:\Users\Arantxa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgejkohjndfiooaomnpbacoeekdonkak\2.3.1_0
CHR Extension: (YouTube) - C:\Users\Arantxa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Adblock Plus) - C:\Users\Arantxa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0
CHR Extension: (Google Search) - C:\Users\Arantxa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (DAM3D Tiny Paradise) - C:\Users\Arantxa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbanjbhacjdjagipldcmmnefafiijj\1.0_0
CHR Extension: (Classic Games) - C:\Users\Arantxa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbofnbeakdognkanffmpldbjgkblljkh\0.0.0.4_0
CHR Extension: (Climatempo) - C:\Users\Arantxa\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdpadclmjnppejbenfgklgaganbefgad\1.4.1_0
CHR Extension: (1100AD - Online Multiplayer Browser Based Strategy Game) - C:\Users\Arantxa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jegickiknfggboklmifmeikkhnppbnha\1.0.22_0
CHR Extension: (Tradutor Instant\u00E2neo) - C:\Users\Arantxa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljopfpjlegphoficbdmgkpgdkahmdhnf\0.3.3_0
CHR Extension: (Google Maps) - C:\Users\Arantxa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0
CHR Extension: (Truco Online) - C:\Users\Arantxa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nklfeakhiiaddplcdpnkhhdefhgkmiae\1.0.1_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Arantxa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1
CHR Extension: (Gmail) - C:\Users\Arantxa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-10] (Avira Operations GmbH & Co. KG)
S3 COMSysApp; C:\Windows\SysWow64\dllhost.exe [7168 2009-07-13] (Microsoft Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-09-05] (WildTangent)
S3 msiserver; C:\Windows\SysWow64\msiexec.exe [73216 2010-11-21] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] ()
R2 WSearch; C:\Windows\SysWow64\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\Arantxa\AppData\Local\Temp\7zS2802\hpslpsvc64.dll [x]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG)
S3 BprotectEx; C:\windows\System32\drivers\BprotectEx.sys [76096 2013-08-08] (Baidu, Inc.)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-09-25] (Windows (R) 2003 DDK 3790 provider)

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 314C17917AC8523EC77A710215012A65
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athrx.sys 3D68A1EEF77307142636AF5127990BCB
C:\Windows\System32\DRIVERS\avgntflt.sys 0D5C96FD25D6455D97A5C4D7706DFAB1
C:\Windows\System32\DRIVERS\avipbb.sys E26B3C8E9C3DDE047B32C5719955D715
C:\Windows\System32\DRIVERS\avkmgr.sys 490FA25161BF3E51993EB724ECF0ACEB
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\windows\System32\drivers\BprotectEx.sys 118960D109F52515A0D9369139203D6D
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\btfilter.sys 9D95F74875491CECBF9E10A5936A570E
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\clwvd.sys 50F92C943F18B070F166D019DFAB3D9A
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys AAFCB52FE0037207FB6FBEA070D25EFE
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ETD.sys 0C8324462B9791A1ECE2A329A7378A55
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys 53CC5BF8B5A219119953C7ABB19A7705
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys F4F91789C7C7A159CE8215C1F69F2A85
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys C90545464654215B186B3CBE4AD0701D
C:\Windows\System32\DRIVERS\IntcDAud.sys AE594CC17C33AC146739494615E14851
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 97A7070AEA4C058B6418519E869A63B4
C:\Windows\System32\Drivers\ksecpkg.sys 7EFB9333E4ECCE6AE4AE9D777D9E553E
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys A6518DCC42F7A6E999BB3BEA8FD87567
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys EA5532868BA76923D75BCB2A1448D810
C:\windows\SysWOW64\drivers\rtport.sys 4CA0DBA9E224473D664C25E411F5A3BD
C:\windows\system32\Drivers\SABI.sys 62DB6CC4B0818F1B5F3441241B098F12
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Sftfslh.sys 2046AA7491DE7EFA4D70E615D9BC9D09
C:\Windows\System32\DRIVERS\Sftplaylh.sys 0E0446BC4D51BE4263ACB7E33491191C
C:\Windows\System32\DRIVERS\Sftredirlh.sys C5FB982CD266E604ED3142102C26D62C
C:\Windows\System32\DRIVERS\Sftvollh.sys 2575511AF67AA1FA068CCC4918E2C2A3
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\DRIVERS\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys 17C6B51CBCCDED95B3CC14E22791F85E
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys ACCEA6BC68D0C9A78EB97EE159028B4E
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 311C1DD1088E55BEAE15954D17F50646
C:\Windows\System32\DRIVERS\usbhub.sys 280E90CBF4B2DDD169F0728CB44D726F
C:\Windows\system32\drivers\usbohci.sys 9406D801042FAF859CF81B2C886413DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys A83D0EC9AE4C31704442099D40BA2471
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys DF8126BD41180351A093A3AD2FC8903B
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys 13A0DECD1794DE60A8427862C8669D27
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\Drivers\wimmount.sys ==> MD5 is legit
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-23 01:09 - 2013-10-23 01:09 - 00000000 ____D C:\FRST
2013-10-23 01:08 - 2013-10-23 01:08 - 01954682 _____ (Farbar) C:\Users\Arantxa\Downloads\FRST64.exe
2013-10-23 00:40 - 2013-10-23 00:44 - 00000000 ____D C:\AdwCleaner
2013-10-23 00:37 - 2013-10-23 00:37 - 01060070 _____ C:\Users\Arantxa\Downloads\AdwCleaner.exe
2013-10-22 22:55 - 2013-10-22 22:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Arantxa\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-10-22 22:55 - 2013-10-22 22:55 - 00000000 ____D C:\Users\Arantxa\AppData\Roaming\Malwarebytes
2013-10-22 22:55 - 2013-10-22 22:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-22 22:54 - 2013-10-22 22:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Arantxa\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-22 21:37 - 2013-10-22 21:37 - 00000000 ____D C:\ProgramData\Oracle
2013-10-22 21:36 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-22 21:36 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-10-22 21:36 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\windows\

por paoladaniellepereira Qua 23 Out 2013, 01:19

2013-10-22 21:36 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-10-22 21:35 - 2013-10-22 21:36 - 00004744 _____ C:\windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-22 14:50 - 2013-10-22 14:50 - 00000000 ____D C:\Users\Arantxa\AppData\Roaming\Apple Computer
2013-10-20 14:50 - 2013-10-23 00:48 - 00000504 _____ C:\windows\setupact.log
2013-10-20 14:50 - 2013-10-23 00:32 - 00005160 _____ C:\windows\PFRO.log
2013-10-20 14:50 - 2013-10-20 14:50 - 00000000 _____ C:\windows\setuperr.log
2013-10-19 02:30 - 2013-10-19 02:30 - 101890677 _____ C:\windows\SysWOW64\袋ᛴᵌ‹
2013-10-18 19:03 - 2013-10-22 21:59 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-10-18 19:02 - 2013-10-18 19:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Arantxa\Downloads\revosetup.exe
2013-10-18 14:49 - 2013-10-18 14:49 - 00034106 _____ C:\Users\Arantxa\Downloads\74.52.176.75 shetef.htm
2013-10-18 14:49 - 2013-10-18 14:49 - 00000000 ____D C:\Users\Arantxa\Downloads\74.52.176.75 shetef_files
2013-10-18 10:03 - 2013-10-18 10:03 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-18 10:02 - 2013-10-18 10:02 - 00000000 ____D C:\Users\Arantxa\AppData\Local\{D3164B96-0DE0-4E13-9131-4C72E6EBB3AB}
2013-10-18 09:59 - 2013-10-23 01:11 - 00001070 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-18 09:59 - 2013-10-23 00:48 - 00001066 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-18 09:59 - 2013-10-18 10:06 - 00004066 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-18 09:59 - 2013-10-18 10:06 - 00003814 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-18 07:18 - 2013-10-18 07:18 - 00262144 _____ C:\windows\system32\config\userdiff
2013-10-18 01:26 - 2013-10-18 01:26 - 00000002 _____ C:\$UpgDrv$
2013-10-18 01:23 - 2013-10-18 02:53 - 00000000 ____D C:\$UPGRADE.~OS
2013-10-18 01:12 - 2013-10-18 02:13 - 00001890 _____ C:\windows\diagwrn.xml
2013-10-18 01:12 - 2013-10-18 02:13 - 00001890 _____ C:\windows\diagerr.xml
2013-10-16 16:09 - 2013-10-16 16:09 - 00000000 ____D C:\windows\CD95F661A5C444F5A6AAECDD91C240DB.TMP
2013-10-16 16:08 - 2013-10-17 22:41 - 00000820 _____ C:\Users\Arantxa\Documents\musicas cd.txt
2013-10-16 16:07 - 2013-10-18 09:10 - 00000000 ____D C:\Users\Arantxa\AppData\Local\aHaskZ3
2013-10-16 16:07 - 2013-10-16 16:10 - 00089088 _____ (keepvid.com Company) C:\Users\Arantxa\AppData\Local\keepvid.dll
2013-10-16 16:07 - 2013-10-16 16:10 - 00025347 _____ C:\Users\Arantxa\AppData\Local\helper.dat
2013-10-16 16:07 - 2013-08-19 13:42 - 00108032 _____ C:\Users\Arantxa\AppData\Local\ContentAgent.exe
2013-10-16 16:07 - 2013-08-07 17:32 - 02598912 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Arantxa\AppData\Local\QtCore4.dll
2013-10-16 16:07 - 2013-06-27 12:16 - 08581632 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Arantxa\AppData\Local\QtGui4.dll
2013-10-16 16:07 - 2013-06-27 12:10 - 01053696 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Arantxa\AppData\Local\QtNetwork4.dll
2013-10-16 16:07 - 2013-06-10 18:59 - 01120256 _____ (keepvid.com Company) C:\Users\Arantxa\AppData\Local\keepvid.com.exe
2013-10-16 16:07 - 2013-03-18 19:45 - 01122304 _____ (The OpenSSL Project, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] C:\Users\Arantxa\AppData\Local\libeay32.dll
2013-10-16 16:07 - 2013-03-18 19:45 - 00274432 _____ (The OpenSSL Project, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] C:\Users\Arantxa\AppData\Local\ssleay32.dll
2013-10-16 16:07 - 2011-06-11 02:58 - 00773968 _____ (Microsoft Corporation) C:\Users\Arantxa\AppData\Local\msvcr100.dll
2013-10-16 16:07 - 2011-06-11 02:58 - 00421200 _____ (Microsoft Corporation) C:\Users\Arantxa\AppData\Local\msvcp100.dll
2013-10-16 15:54 - 2013-10-16 15:54 - 00000000 ____D C:\Users\Arantxa\.swt
2013-10-16 15:53 - 2013-10-16 15:53 - 00001990 _____ C:\Users\Public\Desktop\MP3 Rocket 6.4.lnk
2013-10-16 15:52 - 2013-10-18 09:08 - 00000000 ____D C:\Program Files (x86)\MP3 Rocket
2013-10-16 15:30 - 2013-10-18 09:06 - 00000000 ____D C:\Program Files (x86)\Baixar Musicas Gratis
2013-10-16 15:30 - 2013-10-16 16:10 - 00000282 __RSH C:\Users\Arantxa\ntuser.pol
2013-10-16 15:29 - 2013-10-16 15:29 - 00003150 _____ C:\windows\System32\Tasks\{20606397-0BB4-41CD-8FC4-EC68268455C2}
2013-10-16 15:29 - 2013-08-08 01:25 - 00076096 _____ (Baidu, Inc.) C:\windows\system32\Drivers\BprotectEx.sys
2013-10-16 15:27 - 2013-10-16 15:27 - 00000000 ____D C:\ProgramData\Baidu Security
2013-10-16 15:27 - 2013-10-16 15:27 - 00000000 ____D C:\Program Files (x86)\Baidu Security
2013-10-16 14:39 - 2013-10-16 15:26 - 00000000 ____D C:\Program Files (x86)\DsNET Corp
2013-10-15 16:10 - 2013-10-16 14:34 - 101406750 _____ C:\windows\SysWOW64\ჳ褑ᵌª
2013-10-14 23:52 - 2013-10-14 23:52 - 44060672 _____ C:\windows\system32\config\COMPONENTS.iobit
2013-10-14 23:52 - 2013-10-14 23:52 - 18059264 _____ C:\windows\system32\config\SYSTEM.iobit
2013-10-14 23:52 - 2013-10-14 23:52 - 00847872 _____ C:\windows\system32\config\DEFAULT.iobit
2013-10-14 23:52 - 2013-10-14 23:52 - 00061440 _____ C:\windows\system32\config\SAM.iobit
2013-10-14 23:52 - 2013-10-14 23:52 - 00024576 _____ C:\windows\system32\config\SECURITY.iobit
2013-10-14 23:51 - 2013-10-14 23:52 - 62136320 _____ C:\windows\system32\config\SOFTWARE.iobit
2013-10-13 03:14 - 2013-10-13 03:14 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2013-10-13 03:14 - 2013-10-13 03:14 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2013-10-13 03:14 - 2013-10-13 03:14 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2013-10-13 03:14 - 2013-10-13 03:14 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2013-10-13 03:14 - 2013-10-13 03:14 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2013-10-13 03:14 - 2013-10-13 03:14 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2013-10-13 03:14 - 2013-10-13 03:14 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2013-10-13 02:54 - 2013-10-13 15:05 - 100742045 _____ C:\windows\SysWOW64\桑ዏᵌi
2013-10-12 04:23 - 2013-09-22 21:28 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-10-12 04:23 - 2013-09-22 21:28 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-10-12 04:23 - 2013-09-22 21:27 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-10-12 04:23 - 2013-09-22 21:27 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-10-12 04:23 - 2013-09-22 21:27 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-10-12 04:23 - 2013-09-22 21:27 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-10-12 04:23 - 2013-09-22 21:27 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-10-12 04:23 - 2013-09-22 21:27 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-10-12 04:23 - 2013-09-22 21:27 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-10-12 04:23 - 2013-09-22 21:27 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-10-12 04:23 - 2013-09-22 21:27 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-10-12 04:23 - 2013-09-22 21:27 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-10-12 04:23 - 2013-09-22 20:55 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-10-12 04:23 - 2013-09-22 20:55 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-10-12 04:23 - 2013-09-22 20:55 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-10-12 04:23 - 2013-09-22 20:54 - 19252224 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-10-12 04:23 - 2013-09-22 20:54 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-10-12 04:23 - 2013-09-22 20:54 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-10-12 04:23 - 2013-09-22 20:54 - 02647552 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-10-12 04:23 - 2013-09-22 20:54 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-10-12 04:23 - 2013-09-22 20:54 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-10-12 04:23 - 2013-09-22 20:54 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-10-12 04:23 - 2013-09-22 20:54 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-10-12 04:23 - 2013-09-22 20:54 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-10-12 04:23 - 2013-09-22 20:54 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-10-12 04:23 - 2013-09-22 20:54 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-10-12 04:23 - 2013-09-21 01:38 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-10-12 04:23 - 2013-09-21 01:30 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-10-12 04:23 - 2013-09-21 00:48 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-10-12 04:23 - 2013-09-21 00:39 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-12 04:22 - 2013-09-22 21:27 - 14335488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-10-11 23:37 - 2013-10-11 23:37 - 100595853 _____ C:\windows\SysWOW64\ὴ코ᵌ)
2013-10-11 20:07 - 2013-08-29 00:17 - 05549504 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2013-10-11 20:07 - 2013-08-29 00:16 - 01732032 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2013-10-11 20:07 - 2013-08-29 00:16 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2013-10-11 20:07 - 2013-08-29 00:16 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2013-10-11 20:07 - 2013-08-29 00:13 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2013-10-11 20:07 - 2013-08-28 23:51 - 03969472 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2013-10-11 20:07 - 2013-08-28 23:51 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2013-10-11 20:07 - 2013-08-28 23:50 - 01292192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2013-10-11 20:07 - 2013-08-28 23:50 - 00619520 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2013-10-11 20:07 - 2013-08-28 23:50 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2013-10-11 20:07 - 2013-08-28 23:48 - 00640512 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2013-10-11 20:07 - 2013-08-28 22:49 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2013-10-11 20:07 - 2013-08-28 22:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2013-10-11 20:07 - 2013-08-28 22:49 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2013-10-11 20:07 - 2013-08-28 22:49 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2013-10-11 19:52 - 2013-09-13 23:10 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2013-10-11 19:52 - 2013-09-08 00:30 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2013-10-11 19:52 - 2013-09-08 00:27 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2013-10-11 19:52 - 2013-09-08 00:03 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2013-10-11 19:04 - 2013-07-04 10:50 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2013-10-11 19:04 - 2013-07-04 09:50 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2013-10-11 18:59 - 2013-06-25 20:55 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2013-10-11 18:49 - 2013-07-04 10:57 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2013-10-11 18:49 - 2013-07-04 10:50 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2013-10-11 18:49 - 2013-07-04 09:57 - 00205824 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2013-10-11 18:49 - 2013-07-04 09:51 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2013-10-11 18:49 - 2013-07-04 08:11 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2013-10-11 18:37 - 2013-06-06 03:50 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2013-10-11 18:37 - 2013-06-06 03:49 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2013-10-11 18:37 - 2013-06-06 03:49 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2013-10-11 18:37 - 2013-06-06 03:47 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2013-10-11 18:37 - 2013-06-06 02:57 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2013-10-11 18:37 - 2013-06-06 02:51 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2013-10-11 18:37 - 2013-06-06 02:50 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2013-10-11 18:37 - 2013-06-06 01:30 - 00368128 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2013-10-11 18:37 - 2013-06-06 01:01 - 00295424 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2013-10-11 18:37 - 2013-06-06 01:01 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2013-10-11 18:24 - 2013-07-12 08:41 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2013-10-11 18:24 - 2013-07-12 08:41 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2013-10-11 18:22 - 2013-07-03 02:05 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2013-10-11 18:22 - 2013-07-03 02:05 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2013-10-11 18:16 - 2013-08-27 23:21 - 03155968 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-10-11 18:14 - 2013-08-01 10:09 - 00983488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2013-10-11 18:14 - 2013-07-20 08:33 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 18:14 - 2013-07-20 08:33 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 18:13 - 2013-08-27 23:12 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
2013-10-11 17:42 - 2013-10-11 17:42 - 00000000 ____D C:\ProgramData\EA Core
2013-10-11 17:37 - 2013-10-11 17:37 - 100567204 _____ C:\windows\SysWOW64\辠ძᵌ©
2013-09-28 14:56 - 2013-09-28 14:56 - 98442955 _____ C:\windows\SysWOW64\縷ॅᵌ`

==================== One Month Modified Files and Folders =======

2013-10-23 01:11 - 2013-10-18 09:59 - 00001070 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-23 01:09 - 2013-10-23 01:09 - 00000000 ____D C:\FRST
2013-10-23 01:08 - 2013-10-23 01:08 - 01954682 _____ (Farbar) C:\Users\Arantxa\Downloads\FRST64.exe
2013-10-23 01:04 - 2012-11-24 15:59 - 00000936 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2995853168-2351960583-972482601-1000UA.job
2013-10-23 01:00 - 2011-11-08 20:06 - 01302175 _____ C:\windows\WindowsUpdate.log
2013-10-23 00:56 - 2009-07-14 02:45 - 00016752 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-23 00:56 - 2009-07-14 02:45 - 00016752 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-23 00:48 - 2013-10-20 14:50 - 00000504 _____ C:\windows\setupact.log
2013-10-23 00:48 - 2013-10-18 09:59 - 00001066 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-23 00:48 - 2012-12-03 21:24 - 00000000 ____D C:\Users\Arantxa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2013-10-23 00:48 - 2009-07-14 03:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-10-23 00:44 - 2013-10-23 00:40 - 00000000 ____D C:\AdwCleaner
2013-10-23 00:37 - 2013-10-23 00:37 - 01060070 _____ C:\Users\Arantxa\Downloads\AdwCleaner.exe
2013-10-23 00:32 - 2013-10-20 14:50 - 00005160 _____ C:\windows\PFRO.log
2013-10-22 22:55 - 2013-10-22 22:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Arantxa\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-10-22 22:55 - 2013-10-22 22:55 - 00000000 ____D C:\Users\Arantxa\AppData\Roaming\Malwarebytes
2013-10-22 22:55 - 2013-10-22 22:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-22 22:55 - 2013-10-22 22:54 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Arantxa\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-22 22:21 - 2012-04-27 22:14 - 00694140 _____ C:\windows\system32\perfh00A.dat
2013-10-22 22:21 - 2012-04-27 22:14 - 00137490 _____ C:\windows\system32\perfc00A.dat
2013-10-22 22:21 - 2009-07-14 03:13 - 01557434 _____ C:\windows\system32\PerfStringBackup.INI
2013-10-22 21:59 - 2013-10-18 19:03 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-10-22 21:37 - 2013-10-22 21:37 - 00000000 ____D C:\ProgramData\Oracle
2013-10-22 21:36 - 2013-10-22 21:35 - 00004744 _____ C:\windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-22 21:36 - 2013-08-06 22:50 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-22 19:20 - 2012-11-24 15:59 - 00000914 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2995853168-2351960583-972482601-1000Core.job
2013-10-22 14:53 - 2012-12-22 16:58 - 00000000 ____D C:\Program Files (x86)\IObit
2013-10-22 14:50 - 2013-10-22 14:50 - 00000000 ____D C:\Users\Arantxa\AppData\Roaming\Apple Computer
2013-10-20 14:50 - 2013-10-20 14:50 - 00000000 _____ C:\windows\setuperr.log
2013-10-19 02:30 - 2013-10-19 02:30 - 101890677 _____ C:\windows\SysWOW64\袋ᛴᵌ‹
2013-10-18 19:28 - 2012-11-23 18:02 - 00000000 ____D C:\Users\Arantxa
2013-10-18 19:02 - 2013-10-18 19:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Arantxa\Downloads\revosetup.exe
2013-10-18 14:49 - 2013-10-18 14:49 - 00034106 _____ C:\Users\Arantxa\Downloads\74.52.176.75 shetef.htm
2013-10-18 14:49 - 2013-10-18 14:49 - 00000000 ____D C:\Users\Arantxa\Downloads\74.52.176.75 shetef_files
2013-10-18 10:06 - 2013-10-18 09:59 - 00004066 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-18 10:06 - 2013-10-18 09:59 - 00003814 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-18 10:03 - 2013-10-18 10:03 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-18 10:02 - 2013-10-18 10:02 - 00000000 ____D C:\Users\Arantxa\AppData\Local\{D3164B96-0DE0-4E13-9131-4C72E6EBB3AB}
2013-10-18 10:02 - 2012-11-23 18:22 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-18 09:59 - 2012-11-23 18:21 - 00000000 ____D C:\Users\Arantxa\AppData\Local\Deployment
2013-10-18 09:11 - 2013-04-07 00:32 - 00000000 ____D C:\Users\Arantxa\AppData\Roaming\PeaceCraft2
2013-10-18 09:11 - 2013-03-02 22:39 - 00000000 ____D C:\Users\Arantxa\AppData\Roaming\Peace Craft
2013-10-18 09:11 - 2013-02-09 21:33 - 00000000 ____D C:\Users\Arantxa\AppData\Roaming\MP3Rocket
2013-10-18 09:11 - 2013-02-03 21:25 - 00000000 ____D C:\Users\Arantxa\AppData\Roaming\Origin
2013-10-18 09:11 - 2012-12-03 21:35 - 00000000 ____D C:\Users\Arantxa\AppData\Roaming\dvdcss
2013-10-18 09:11 - 2012-11-24 15:15 - 00000000 ____D C:\Users\Arantxa\AppData\Roaming\Skype
2013-10-18 09:11 - 2012-11-24 09:33 - 00000000 ____D C:\Users\Arantxa\AppData\Roaming\SoftGrid Client
2013-10-18 09:11 - 2012-11-24 09:32 - 00000000 ____D C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-10-18 09:11 - 2012-11-23 18:02 - 00000000 ___RD C:\Users\Arantxa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-18 09:11 - 2009-07-14 03:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2013-10-18 09:11 - 2009-07-14 01:20 - 00000000 __RSD C:\windows\Media
2013-10-18 09:11 - 2009-07-14 01:20 - 00000000 ____D C:\windows\Registration
2013-10-18 09:10 - 2013-10-16 16:07 - 00000000 ____D C:\Users\Arantxa\AppData\Local\aHaskZ3
2013-10-18 09:10 - 2013-06-16 13:11 - 00000000 ____D C:\windows\pss
2013-10-18 09:10 - 2012-12-26 16:12 - 00000000 ____D C:\Users\Arantxa\AppData\Local\Chronicles of Albian
2013-10-18 09:10 - 2012-12-10 20:37 - 00000000 ____D C:\Users\Arantxa\AppData\Local\CrashDumps
2013-10-18 09:10 - 2012-11-26 18:37 - 00000000 ____D C:\Users\Arantxa\AppData\Local\PokerStars.ES
2013-10-18 09:10 - 2012-04-27 22:00 - 00000000 ____D C:\windows\MSetup
2013-10-18 09:10 - 2011-11-08 04:31 - 00000000 ____D C:\windows\tr
2013-10-18 09:10 - 2011-11-08 04:31 - 00000000 ____D C:\windows\th
2013-10-18 09:10 - 2011-11-08 04:31 - 00000000 ____D C:\windows\sv
2013-10-18 09:10 - 2011-11-08 04:31 - 00000000 ____D C:\windows\sr-latn-cs
2013-10-18 09:10 - 2011-11-08 04:31 - 00000000 ____D C:\windows\sl
2013-10-18 09:10 - 2011-11-08 04:30 - 00000000 ____D C:\windows\sk
2013-10-18 09:10 - 2011-11-08 04:30 - 00000000 ____D C:\windows\ru
2013-10-18 09:10 - 2011-11-08 04:30 - 00000000 ____D C:\windows\ro
2013-10-18 09:10 - 2011-11-08 04:30 - 00000000 ____D C:\windows\pl
2013-10-18 09:10 - 2011-11-08 04:23 - 00000000 ____D C:\windows\en
2013-10-18 09:10 - 2011-11-08 04:21 - 00000000 ____D C:\windows\no
2013-10-18 09:10 - 2011-11-08 04:21 - 00000000 ____D C:\windows\nl
2013-10-18 09:10 - 2011-11-08 04:21 - 00000000 ____D C:\windows\lv
2013-10-18 09:10 - 2011-11-08 04:21 - 00000000 ____D C:\windows\lt
2013-10-18 09:10 - 2011-11-08 04:21 - 00000000 ____D C:\windows\ko
2013-10-18 09:10 - 2011-11-08 04:21 - 00000000 ____D C:\windows\it
2013-10-18 09:10 - 2011-11-08 04:21 - 00000000 ____D C:\windows\hu
2013-10-18 09:10 - 2011-11-08 04:21 - 00000000 ____D C:\windows\hr
2013-10-18 09:10 - 2011-11-08 04:21 - 00000000 ____D C:\windows\he
2013-10-18 09:10 - 2011-11-08 04:21 - 00000000 ____D C:\windows\fr
2013-10-18 09:10 - 2011-11-08 04:21 - 00000000 ____D C:\windows\fi
2013-10-18 09:10 - 2011-11-08 04:21 - 00000000 ____D C:\windows\es
2013-10-18 09:10 - 2011-11-08 04:21 - 00000000 ____D C:\windows\el
2013-10-18 09:10 - 2011-11-08 04:21 - 00000000 ____D C:\windows\de
2013-10-18 09:10 - 2011-11-08 04:21 - 00000000 ____D C:\windows\da
2013-10-18 09:10 - 2011-11-08 04:21 - 00000000 ____D C:\windows\cs
2013-10-18 09:10 - 2011-11-08 04:20 - 00000000 ____D C:\windows\bg
2013-10-18 09:10 - 2011-11-08 04:20 - 00000000 ____D C:\windows\ar
2013-10-18 09:10 - 2011-11-08 03:36 - 00000000 ____D C:\ProgramData\WinClon
2013-10-18 09:10 - 2011-02-11 17:56 - 00000000 ____D C:\windows\Sec
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\SysWOW64\zh-HK
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\SysWOW64\tr-TR
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\SysWOW64\sr-Latn-CS
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\SysWOW64\Recovery
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\SysWOW64\migwiz
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\SysWOW64\InstallShield
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\system32\zh-HK
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\system32\tr-TR
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\system32\th-TH
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\system32\sysprep
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\system32\sr-Latn-CS
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\system32\sl-SI
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\system32\sk-SK
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\system32\ro-RO
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\system32\Recovery
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\system32\oobe
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\system32\NDF
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\system32\lv-LV
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\system32\lt-LT
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\system32\hr-HR
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\system32\he-IL
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\system32\et-EE
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\system32\bg-BG
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\system32\ar-SA
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\PolicyDefinitions
2013-10-18 09:10 - 2009-07-14 01:20 - 00000000 ____D C:\windows\IME
2013-10-18 09:09 - 2013-02-03 21:21 - 00000000 ____D C:\ProgramData\Origin
2013-10-18 09:09 - 2011-11-08 03:40 - 00000000 ____D C:\ProgramData\WildTangent
2013-10-18 09:09 - 2011-11-08 03:25 - 00000000 ____D C:\ProgramData\SAMSUNG
2013-10-18 09:09 - 2011-11-08 03:12 - 00000000 ____D C:\ProgramData\Atheros
2013-10-18 09:09 - 2009-07-14 03:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2013-10-18 09:08 - 2013-10-16 15:52 - 00000000 ____D C:\Program Files (x86)\MP3 Rocket
2013-10-18 09:08 - 2013-03-14 10:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-18 09:08 - 2013-02-03 21:21 - 00000000 ____D C:\Program Files (x86)\Origin
2013-10-18 09:08 - 2012-11-26 18:36 - 00000000 ____D C:\Program Files (x86)\PokerStars.ES
2013-10-18 09:08 - 2012-11-24 15:19 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-18 09:08 - 2012-11-24 09:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-10-18 09:08 - 2011-11-08 03:40 - 00000000 ____D C:\Program Files (x86)\WildGames
2013-10-18 09:08 - 2011-11-08 03:29 - 00000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdate
2013-10-18 09:06 - 2013-10-16 15:30 - 00000000 ____D C:\Program Files (x86)\Baixar Musicas Gratis
2013-10-18 09:06 - 2013-03-14 10:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-18 09:06 - 2012-12-10 21:29 - 00000000 ___HD C:\Program Files (x86)\Avago-HP
2013-10-18 09:06 - 2011-11-08 03:29 - 00000000 ____D C:\Program Files\Samsung AnyWeb Print
2013-10-18 09:06 - 2011-11-08 03:12 - 00000000 ____D C:\Program Files (x86)\Atheros
2013-10-18 09:06 - 2009-07-14 03:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-10-18 07:18 - 2013-10-18 07:18 - 00262144 _____ C:\windows\system32\config\userdiff
2013-10-18 02:53 - 2013-10-18 01:23 - 00000000 ____D C:\$UPGRADE.~OS
2013-10-18 02:13 - 2013-10-18 01:12 - 00001890 _____ C:\windows\diagwrn.xml
2013-10-18 02:13 - 2013-10-18 01:12 - 00001890 _____ C:\windows\diagerr.xml
2013-10-18 01:26 - 2013-10-18 01:26 - 00000002 _____ C:\$UpgDrv$
2013-10-17 22:56 - 2013-02-09 21:35 - 00000000 ____D C:\Users\Arantxa\Incomplete
2013-10-17 22:41 - 2013-10-16 16:08 - 00000820 _____ C:\Users\Arantxa\Documents\musicas cd.txt
2013-10-16 16:10 - 2013-10-16 16:07 - 00089088 _____ (keepvid.com Company) C:\Users\Arantxa\AppData\Local\keepvid.dll
2013-10-16 16:10 - 2013-10-16 16:07 - 00025347 _____ C:\Users\Arantxa\AppData\Local\helper.dat
2013-10-16 16:10 - 2013-10-16 15:30 - 00000282 __RSH C:\Users\Arantxa\ntuser.pol
2013-10-16 16:09 - 2013-10-16 16:09 - 00000000 ____D C:\windows\CD95F661A5C444F5A6AAECDD91C240DB.TMP
2013-10-16 15:54 - 2013-10-16 15:54 - 00000000 ____D C:\Users\Arantxa\.swt
2013-10-16 15:53 - 2013-10-16 15:53 - 00001990 _____ C:\Users\Public\Desktop\MP3 Rocket 6.4.lnk
2013-10-16 15:30 - 2009-07-14 01:20 - 00000000 ___HD C:\windows\system32\GroupPolicy
2013-10-16 15:30 - 2009-07-14 01:20 - 00000000 ____D C:\windows\SysWOW64\GroupPolicy
2013-10-16 15:29 - 2013-10-16 15:29 - 00003150 _____ C:\windows\System32\Tasks\{20606397-0BB4-41CD-8FC4-EC68268455C2}
2013-10-16 15:27 - 2013-10-16 15:27 - 00000000 ____D C:\ProgramData\Baidu Security
2013-10-16 15:27 - 2013-10-16 15:27 - 00000000 ____D C:\Program Files (x86)\Baidu Security
2013-10-16 15:26 - 2013-10-16 14:39 - 00000000 ____D C:\Program Files (x86)\DsNET Corp
2013-10-16 14:34 - 2013-10-15 16:10 - 101406750 _____ C:\windows\SysWOW64\ჳ褑ᵌª
2013-10-14 23:52 - 2013-10-14 23:52 - 44060672 _____ C:\windows\system32\config\COMPONENTS.iobit
2013-10-14 23:52 - 2013-10-14 23:52 - 18059264 _____ C:\windows\system32\config\SYSTEM.iobit
2013-10-14 23:52 - 2013-10-14 23:52 - 00847872 _____ C:\windows\system32\config\DEFAULT.iobit
2013-10-14 23:52 - 2013-10-14 23:52 - 00061440 _____ C:\windows\system32\config\SAM.iobit
2013-10-14 23:52 - 2013-10-14 23:52 - 00024576 _____ C:\windows\system32\config\SECURITY.iobit
2013-10-14 23:52 - 2013-10-14 23:51 - 62136320 _____ C:\windows\system32\config\SOFTWARE.iobit
2013-10-14 23:44 - 2012-12-03 21:33 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-10-14 23:42 - 2012-11-26 19:05 - 00000000 ____D C:\Users\Arantxa\AppData\Local\PokerStars
2013-10-14 10:07 - 2009-07-14 01:20 - 00000000 ____D C:\windows\rescache
2013-10-13 20:38 - 2013-06-18 23:08 - 00000132 _____ C:\Users\Arantxa\Documents\credicard.txt
2013-10-13 15:05 - 2013-10-13 02:54 - 100742045 _____ C:\windows\SysWOW64\桑ዏᵌi
2013-10-13 03:14 - 2013-10-13 03:14 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2013-10-13 03:14 - 2013-10-13 03:14 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2013-10-13 03:14 - 2013-10-13 03:14 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2013-10-13 03:14 - 2013-10-13 03:14 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2013-10-13 03:14 - 2013-10-13 03:14 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2013-10-13 03:14 - 2013-10-13 03:14 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2013-10-13 03:14 - 2013-10-13 03:14 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2013-10-12 11:27 - 2009-07-14 02:45 - 00277128 _____ C:\windows\system32\FNTCACHE.DAT
2013-10-12 04:12 - 2013-08-09 21:39 - 00000000 ____D C:\windows\system32\MRT
2013-10-12 04:07 - 2013-08-06 22:50 - 80541720 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-10-11 23:37 - 2013-10-11 23:37 - 100595853 _____ C:\windows\SysWOW64\ὴ코ᵌ)
2013-10-11 20:28 - 2013-02-03 21:25 - 00000000 ____D C:\Users\Arantxa\AppData\Local\Origin
2013-10-11 17:42 - 2013-10-11 17:42 - 00000000 ____D C:\ProgramData\EA Core
2013-10-11 17:37 - 2013-10-11 17:37 - 100567204 _____ C:\windows\SysWOW64\辠ძᵌ©
2013-10-08 07:50 - 2013-10-22 21:36 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 07:46 - 2013-10-22 21:36 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-10-08 07:46 - 2013-10-22 21:36 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-10-08 07:46 - 2013-10-22 21:36 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-10-02 23:49 - 2013-06-29 21:29 - 00000184 _____ C:\Users\Arantxa\Documents\SENHA DE ABERTURA DA FATURA CREDIC.txt
2013-09-28 14:56 - 2013-09-28 14:56 - 98442955 _____ C:\windows\SysWOW64\縷ॅᵌ`
2013-09-27 19:54 - 2012-12-26 14:57 - 00000000 ____D C:\Program Files (x86)\WildTangent Games

Some content of TEMP:
====================
C:\Users\Arantxa\AppData\Local\Temp\MusicCodecPack__3465_il4.exe
C:\Users\Arantxa\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Administrador de arranque de Windows
----------------------------------
Identificador {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale es-ES
inherit {globalsettings}
default {current}
resumeobject {5bc522fa-90c5-11e1-889b-e8113260f8f7}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Cargador de arranque de Windows
-----------------------------
Identificador {current}
device partition=C:
path \windows\system32\winload.exe
description Windows 7
locale es-ES
inherit {bootloadersettings}
recoverysequence {747c290b-35a8-11e2-9067-50b7c33b0390}
recoveryenabled Yes
osdevice partition=C:
systemroot \windows
resumeobject {5bc522fa-90c5-11e1-889b-e8113260f8f7}
nx OptIn

Cargador de arranque de Windows
-----------------------------
Identificador {747c290b-35a8-11e2-9067-50b7c33b0390}
device ramdisk=[C:]\Recovery\747c290b-35a8-11e2-9067-50b7c33b0390\Winre.wim,{747c290c-35a8-11e2-9067-50b7c33b0390}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\747c290b-35a8-11e2-9067-50b7c33b0390\Winre.wim,{747c290c-35a8-11e2-9067-50b7c33b0390}
systemroot \windows
nx OptIn
winpe Yes

Reanudar tras hibernaci¢n
-------------------------
Identificador {5bc522fa-90c5-11e1-889b-e8113260f8f7}
device partition=C:
path \windows\system32\winresume.exe
description Windows Resume Application
locale es-ES
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Herramienta de comprobaci¢n de memoria de Windows
-------------------------------------------------
Identificador {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Windows Memory Diagnostic
locale es-ES
inherit {globalsettings}
badmemoryaccess Yes

Configuraci¢n de EMS
--------------------
Identificador {emssettings}
bootems Yes

Configuraci¢n del depurador
---------------------------
Identificador {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Defectos de RAM
---------------
Identificador {badmemory}

Configuraci¢n global
--------------------
Identificador {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Configuraci¢n del cargador de arranque
------------------------------------
Identificador {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Configuraci¢n de hipervisor
-------------------
Identificador {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Reanudar la configuraci¢n del cargador
--------------------------------------
Identificador {resumeloadersettings}
inherit {globalsettings}

Opciones de dispositivo
-----------------------
Identificador {747c290c-35a8-11e2-9067-50b7c33b0390}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\747c290b-35a8-11e2-9067-50b7c33b0390\boot.sdi

LastRegBack: 2013-10-21 23:40

==================== End Of Log ============================

por paoladaniellepereira Qua 23 Out 2013, 01:35

por Wings [In Memoriam] Qua 23 Out 2013, 01:38

Baixe o arquivo fixlist.txt e salve-o no mesmo local onde encontra-se o FRST

*Clique com o botão direito do mouse no FRST e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Clique [Fix] e cole o relatório Fixlog.txt apresentado

Shetef Solutions & Consulting 1998 LTD 772309

Reinicie o PC

O arquivo fixlist.txt criado é para uso exclusivo deste usuário e não deve ser utilizado em outro PC!

por paoladaniellepereira Qua 23 Out 2013, 01:50

por Wings [In Memoriam] Qua 23 Out 2013, 01:52

Onde está o relatório que solicitei?

Vc fez o procedimento conforme escrevi?

Tá difícil!!

Cada solicitação tenho que advertir.

por paoladaniellepereira Qua 23 Out 2013, 02:03

Segue o relatório..

por Wings [In Memoriam] Qua 23 Out 2013, 02:05

Reinicie o PC e informe.

por paoladaniellepereira Qua 23 Out 2013, 02:27

Valeu mesmo, vc é um Einstein...rsrsrs....até agora não apareceu mais nada!!!

Obrigada pelas informações e tbm pela paciência...hehehe.....estou muito agradecida mesmo...ganhei a noite!!!rsrsrsrs

:rindo_atoa:
Shetef Solutions & Consulting 1998 LTD 204478

Shetef Solutions & Consulting 1998 LTD 204478

por Wings [In Memoriam] Sex 01 Nov 2013, 18:35

CASO RESOLVIDO

Caso o(a) autor(a) do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.

por Conteúdo patrocinado

Shetef Solutions & Consulting 1998 LTD

Shetef Solutions & Consulting 1998 LTD

Re: Shetef Solutions & Consulting 1998 LTD

Re: Shetef Solutions & Consulting 1998 LTD

Re: Shetef Solutions & Consulting 1998 LTD

Re: Shetef Solutions & Consulting 1998 LTD

Re: Shetef Solutions & Consulting 1998 LTD

ok

Re: Shetef Solutions & Consulting 1998 LTD

O relatorio que me aparece é esse...não sei se esta correto, ele aparece assim que terminar a analise...

Re: Shetef Solutions & Consulting 1998 LTD

Re: Shetef Solutions & Consulting 1998 LTD

Esta correto esse relatorio q eu t enviei?

Re: Shetef Solutions & Consulting 1998 LTD

Ja cliquei no link q vc enviou e reiniciei o pc, mas continua aparecendo o pop up!

Re: Shetef Solutions & Consulting 1998 LTD

Nem me fale em dificil, eu não entendo nada de pc a não ser navegar na net e um pouco mais...desculpa qualquer coisa!!

Re: Shetef Solutions & Consulting 1998 LTD

Muitooooooooo Obrigadaaa!!

Re: Shetef Solutions & Consulting 1998 LTD

Re: Shetef Solutions & Consulting 1998 LTD

Seg	Ter	Qua	Qui	Sex	Sáb	Dom
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31