Malware - basss.no-ip.info:82/is-ready

[luismfv]

Hi,

After plugged in a pendrive of a friend of mine in my computer, my antivirus (Avast) started to pop up a messagem saying that a malicious link was blocked. This happens every 20 seconds.

 

 

 

This happens everytime that I have my 3G pendrive plugged in and connected in the web.

I've already runned Malwarebytes, but the problem wasn't solved.


I've already executed Hijackthis and this is the log:

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 14:51:54, on 21/10/2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)




Boot mode: Normal


Running processes:
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Optimus Kanguru\UIExec.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Optimus Kanguru\UIMain.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Daniela Vasques\Downloads\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.qone8.c....1A13A5455A5455
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.c....1A13A5455A5455
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.qone8.c....1A13A5455A5455
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [uIExec] "C:\Program Files (x86)\Optimus Kanguru\UIExec.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Daniela Vasques\AppData\Local\Facebook\Update\FacebookUpda te.exe" /c /nocrashserver
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Daniela Vasques\AppData\Roaming\Spotify\Data\SpotifyWebHel per.exe"
O4 - HKCU\..\Run: [spotify] "C:\Users\Daniela Vasques\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [mugen] wscript.exe //B "C:\Users\DANIEL~1\AppData\Local\Temp\mugen.vb s"
O4 - Startup: mugen.vbs


O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{23CD0ECD-0834-409B-9200-ADE871099DC3}: NameServer = 62.169.67.172 62.169.67.171
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Serviço de Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @oem17.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DI SPLAY_NAME%;Intel® Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\Windows\system32\DptfParticipantProcessorServic e.exe (file missing)
O23 - Service: @oem17.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DI SPLAY_NAME%;Intel® Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\Windows\system32\DptfPolicyConfigTDPService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee OOBE Service2 (McOobeSv2) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee PC Task Scheduler Service (McSchedulerSvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files (x86)\Optimus Kanguru\AssistantServices.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe(file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


--
End of file - 13493 bytes
 

 

 

 

This is the attach file:

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 8

Boot Device: \Device\HarddiskVolume1

Install Date: 17/07/2013 17:27:30

System Uptime: 21/10/2013 13:34:24 (3 hours ago)

.

Motherboard: ASUSTeK COMPUTER INC. |  | K56CB

Processor: Intel® Core i3-3217U CPU @ 1.80GHz | SOCKET 0 | 1801/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 186 GiB total, 96,211 GiB free.

D: is FIXED (NTFS) - 258 GiB total, 253,061 GiB free.

E: is CDROM ()

F: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP20: 21/10/2013 14:39:23 - ComboFix created restore point

.

==== Installed Programs ======================

.

?????? ???????

???????? ?????????? Windows Live

??????????

?????????? (????????????? ??????)

Actualização do Microsoft Office Excel 2007 Help (KB963678)

Actualização do Microsoft Office Powerpoint 2007 Help (KB963669)

Actualização do Microsoft Office Word 2007 Help (KB963665)

Adobe Reader XI (11.0.05) - Português

Apple Mobile Device Support

Apple Software Update

ASUS Instant Connect

ASUS InstantOn

ASUS LifeFrame3

ASUS Live Update

ASUS Power4Gear Hybrid

ASUS Screen Saver

ASUS Smart Gesture

ASUS Splendid Video Enhancement Technology

ASUS Tutor

ASUS USB Charger Plus

ASUS WebStorage Sync Agent

ASUSDVD

ATK Package

µTorrent

avast! Free Antivirus

Bonjour

CCleaner

D3DX10

Default

Desinstalar Impressora EPSON SX218 Series

EPSON Printer Software

EPSON Scan

EPSON SX218 Series Manual

Facebook Video Calling 1.2.0.287

Galeria de Fotografias

Galería de fotos

Google Chrome

Google Update Helper

iCloud

Intel® Dynamic Platform and Thermal Framework

Intel® Management Engine Components

Intel® Processor Graphics

Intel® SDK for OpenCL - CPU Only Runtime Package

Intel® Trusted Connect Service Client

iTunes

Java 7 Update 45

Java Auto Updater

K-Lite Codec Pack 10.0.5 Standard

League of Legends

Malwarebytes Anti-Malware versão 1.75.0.1300

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (Portuguese (Portugal)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Portugal)) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (Portuguese (Portugal)) 2007

Microsoft Office InfoPath MUI (Portuguese (Portugal)) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (Portuguese (Portugal)) 2007

Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Portuguese (Portugal)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Portugal)) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007

Microsoft Office Shared 64-bit MUI (Portuguese (Portugal)) 2007

Microsoft Office Shared MUI (Portuguese (Portugal)) 2007

Microsoft Office Word MUI (Portuguese (Portugal)) 2007

Microsoft Silverlight

Microsoft SkyDrive

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Moveslink2

Movie Maker

MSVCRT

MSVCRT110

MSVCRT110_amd64

MyBitCast 2.0

NVIDIA Controlador gráfico 311.44

NVIDIA HD Audio Driver 1.3.18.0

NVIDIA Install Application

NVIDIA Optimus 1.11.3

NVIDIA PhysX

NVIDIA PhysX System Software 9.12.1031

NVIDIA Update 1.11.3

NVIDIA Update Components

Optimus Kanguru

Painel de controlo da NVIDIA 311.44

Pando Media Booster

Photo Common

Photo Gallery

Picasa 3

Qualcomm Atheros Client Installation Program

QuickTime

RaidCall

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

Realtek PCIE Card Reader

S?????? f?t???af???

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition 

Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 

Security Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit Edition 

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 

Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition 

Shared C Run-time for x64

Skype™ 6.6

Songr

Spotify

Spybot - Search & Destroy

Suporte para Aplicações Apple

TeamSpeak 3 Client

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition

Visual Studio C++ 10.0 Runtime

VLC media player 2.1.0

Windows Driver Package - ASUS (ATP) Mouse  (01/10/2013 1.0.0.170)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

WinFlash

WinRAR 5.00 (64-bit)

.

==== End Of File ===========================

 

 

 

And this is de dds file:

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 10.0.9200.16537  BrowserJavaVersion: 10.45.2

Run by Daniela Vasques at 16:01:53 on 2013-10-21

Microsoft Windows 8  6.2.9200.0.1252.351.2070.18.3982.1637 [GMT 1:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

.

============== Running Processes ===============

.

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\dwm.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhostex.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\ASUS\P4G\BatteryLife.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\dashost.exe

C:\Windows\system32\DptfParticipantProcessorService.exe

C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe

C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe

C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

C:\Windows\system32\DptfPolicyConfigTDPService.exe

C:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe

C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe

C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe

C:\Windows\system32\igfxpers.exe

C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Optimus Kanguru\AssistantServices.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\System32\hkcmd.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\System32\wscript.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Program Files (x86)\Optimus Kanguru\UIExec.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Windows\SysWOW64\ctfmon.exe

C:\Windows\System32\rundll32.exe

C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe

C:\Windows\explorer.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE

C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE

C:\Windows\splwow64.exe

C:\Users\Daniela Vasques\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\System32\WUDFHost.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\mmc.exe

C:\Windows\System32\vds.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [Facebook Update] "C:\Users\Daniela Vasques\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

uRun: [spotify Web Helper] "C:\Users\Daniela Vasques\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

uRun: [spotify] "C:\Users\Daniela Vasques\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart

uRun: [mugen] wscript.exe //B "C:\Users\DANIEL~1\AppData\Local\Temp\mugen.vbs"

uRun: [spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean

mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"

mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S

mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [uIExec] "C:\Program Files (x86)\Optimus Kanguru\UIExec.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

StartupFolder: C:\Users\Daniela Vasques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mugen.vbs

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200

IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

TCP: Interfaces\{2266CB6A-2CA8-4ACD-A23B-86E331EB6D90}\943534053594F50533D20313 : DHCPNameServer = 192.168.31.1

TCP: Interfaces\{863BA814-C8E6-437D-B8A3-FB2D2C74E270} : DHCPNameServer = 192.168.1.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: SDWinLogon - SDWinLogon.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings

x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [EPSON Stylus DX4800 Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_FATIADE.EXE /F "C:\Windows\TEMP\E_S3F92.tmp" /EF "HKLM"

x64-Run: [EPSON Stylus DX4800 Series (cópia 1)] C:\Windows\System32\spool\DRIVERS\x64\3\E_FATIADE.EXE /F "C:\Windows\TEMP\E_S3F64.tmp" /EF "HKLM"

x64-mPolicies-Explorer: NoDrives = dword:0

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;aswRvrt;C:\Windows\System32\Drivers\aswRvrt.sys [2013-9-29 65336]

R0 aswVmm;aswVmm;C:\Windows\System32\Drivers\aswVmm.sys [2013-9-29 204880]

R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-7-5 652344]

R0 nvpciflt;nvpciflt;C:\Windows\System32\Drivers\nvpciflt.sys [2013-4-8 30496]

R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2013-9-29 1030952]

R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2013-9-29 378944]

R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]

R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]

R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-4-13 277120]

R2 aswFsBlk;aswFsBlk;C:\Windows\System32\Drivers\aswFsBlk.sys [2013-9-29 33400]

R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2013-9-29 80816]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-9-29 46808]

R2 DptfParticipantProcessorService;Intel® Dynamic Platform and Thermal Framework Processor Participant Service Application;C:\Windows\System32\DptfParticipantProcessorService.exe [2013-1-29 31632]

R2 DptfPolicyConfigTDPService;Intel® Dynamic Platform and Thermal Framework Config TDP Service Application;C:\Windows\System32\DptfPolicyConfigTDPService.exe [2013-1-29 33168]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]

R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-4-19 129856]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-4-19 166720]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-10-21 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-10-21 701512]

R2 McOobeSv2;McAfee OOBE Service2;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-4-19 328928]

R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-4-19 328928]

R2 McSchedulerSvc;McAfee PC Task Scheduler Service;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-4-19 328928]

R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-10-21 3921880]

R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-10-21 1042272]

R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-10-21 171416]

R2 UI Assistant Service;UI Assistant Service;C:\Program Files (x86)\Optimus Kanguru\AssistantServices.exe [2013-8-30 274760]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-4-19 365376]

R3 AiCharger;ASUS Charger Driver;C:\Windows\System32\Drivers\AiCharger.sys [2012-9-18 17152]

R3 ATP;ASUS Input Device;C:\Windows\System32\Drivers\AsusTP.sys [2013-1-16 65784]

R3 DptfDevDram;DptfDevDram;C:\Windows\System32\Drivers\DptfDevDram.sys [2013-1-29 107920]

R3 DptfDevFan;DptfDevFan;C:\Windows\System32\Drivers\DptfDevFan.sys [2013-1-29 43408]

R3 DptfDevGen;DptfDevGen;C:\Windows\System32\Drivers\DptfDevGen.sys [2013-1-29 65424]

R3 DptfDevProc;DptfDevProc;C:\Windows\System32\Drivers\DptfDevProc.sys [2013-1-29 229776]

R3 DptfManager;DptfManager;C:\Windows\System32\Drivers\DptfManager.sys [2013-1-29 363920]

R3 HIDSwitch;ASUS Wireless Radio Control;C:\Windows\System32\Drivers\AsHIDSwitch64.sys [2013-10-9 20280]

R3 IntcDAud;Áudio do Monitor Intel®;C:\Windows\System32\Drivers\IntcDAud.sys [2013-1-29 342528]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-10-21 25928]

R3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:\Windows\System32\Drivers\RtsBaStor.sys [2013-4-19 294544]

R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2013-4-19 690832]

R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]

R3 zte_cdc_acm;ZTE All CDC-ACM driver;C:\Windows\System32\Drivers\zte_cdc_acm.sys [2012-3-23 79872]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]

S3 zte_wcpo;ZTE All Install (WCPO);C:\Windows\System32\Drivers\zte_wcpo.sys [2012-3-23 10752]

.

=============== Created Last 30 ================

.

2013-10-21 13:40:23 -------- d-sh--w- C:\$RECYCLE.BIN

2013-10-21 09:13:23 -------- d-----w- C:\Users\Daniela Vasques\AppData\Local\cache

2013-10-21 09:13:21 -------- d-----w- C:\Users\Daniela Vasques\AppData\Local\Mobogenie

2013-10-21 09:12:22 -------- d-----w- C:\Program Files (x86)\Mobogenie

2013-10-21 00:21:38 21040 ----a-w- C:\Windows\System32\sdnclean64.exe

2013-10-21 00:21:35 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2013-10-21 00:21:21 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2

2013-10-21 00:19:15 -------- d-----w- C:\Users\Daniela Vasques\AppData\Roaming\Malwarebytes

2013-10-21 00:19:05 -------- d-----w- C:\ProgramData\Malwarebytes

2013-10-21 00:19:03 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-10-21 00:19:02 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-10-20 17:22:55 20992 --sha-w- C:\Users\Daniela Vasques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mugen.vbs

2013-10-20 12:06:21 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-10-20 12:06:21 -------- d-----w- C:\Program Files\iTunes

2013-10-20 12:06:21 -------- d-----w- C:\Program Files\iPod

2013-10-20 12:06:21 -------- d-----w- C:\Program Files (x86)\iTunes

2013-10-20 11:59:44 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll

2013-10-20 11:59:44 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll

2013-10-20 11:59:44 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll

2013-10-20 11:59:44 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll

2013-10-20 11:59:44 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll

2013-10-18 20:37:03 -------- d-----w- C:\Users\Daniela Vasques\AppData\Roaming\TS3Client

2013-10-18 20:35:09 -------- d-----w- C:\Program Files (x86)\TeamSpeak 3 Client

2013-10-17 22:13:46 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-10-15 13:57:43 290992 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10221.bin

2013-10-12 14:35:31 -------- d-----w- C:\Program Files (x86)\RaidCall

2013-10-09 08:52:16 20280 ----a-w- C:\Windows\System32\drivers\AsHIDSwitch64.sys

2013-10-08 21:38:26 -------- d-----w- C:\Users\Daniela Vasques\AppData\Local\Spotify

2013-10-08 21:37:24 -------- d-----w- C:\Users\Daniela Vasques\AppData\Roaming\Spotify

2013-10-08 21:01:31 79192 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2013-10-07 16:04:51 464384 ----a-w- C:\Windows\System32\esxw2ud.dll

2013-10-07 16:04:51 17408 ----a-w- C:\Windows\System32\esxcdev.dll

2013-10-07 16:04:51 128392 ----a-w- C:\Windows\System32\esdevapp.exe

2013-10-07 09:02:32 -------- d-----w- C:\Program Files\Common Files\EPSON

2013-10-07 09:01:28 10752 ----a-w- C:\Windows\System32\E_GCINST.DLL

2013-10-07 09:01:25 118784 ----a-w- C:\Windows\System32\E_ILMGDE.DLL

2013-10-07 09:01:24 88064 ----a-w- C:\Windows\System32\E_IBCBGDE.DLL

2013-10-04 23:37:28 256088 ----a-w- C:\Windows\System32\unrar64.dll

2013-10-04 23:37:26 217176 ----a-w- C:\Windows\SysWow64\unrar.dll

2013-10-04 23:37:10 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack

2013-09-29 15:04:36 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2013-09-29 15:04:26 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2013-09-29 15:04:26 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2013-09-29 15:04:26 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2013-09-29 15:04:25 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2013-09-29 15:03:03 41664 ----a-w- C:\Windows\avastSS.scr

2013-09-29 15:01:58 -------- d-----w- C:\Program Files\AVAST Software

2013-09-29 15:00:57 -------- d-----w- C:\ProgramData\AVAST Software

2013-09-29 14:39:59 9694160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{96098893-C2A1-40C3-A18F-6B79D2EFE33F}\mpengine.dll

2013-09-29 14:39:48 278800 ------w- C:\Windows\System32\MpSigStub.exe

.

==================== Find3M  ====================

.

2013-10-21 12:38:00 62 ----a-w- C:\Users\Daniela Vasques\AppData\Roaming\sp_data.sys

2013-10-02 01:38:13 78296 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-10-02 01:38:13 694232 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll

2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll

2013-09-13 22:36:37 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe

2013-09-13 22:36:23 84992 ----a-w- C:\Windows\SysWow64\wudriver.dll

2013-09-13 22:36:23 126976 ----a-w- C:\Windows\SysWow64\wuwebv.dll

2013-09-13 22:36:14 247296 ----a-w- C:\Windows\SysWow64\ubpm.dll

2013-09-13 22:34:14 40448 ----a-w- C:\Windows\System32\wuapp.exe

2013-09-13 22:33:55 252928 ----a-w- C:\Windows\System32\WUSettingsProvider.dll

2013-09-13 22:33:55 142848 ----a-w- C:\Windows\System32\wuwebv.dll

2013-09-13 22:33:54 99328 ----a-w- C:\Windows\System32\wudriver.dll

2013-09-13 22:33:54 1622016 ----a-w- C:\Windows\System32\wucltux.dll

2013-09-13 22:33:42 328192 ----a-w- C:\Windows\System32\ubpm.dll

2013-09-13 22:33:39 175104 ----a-w- C:\Windows\System32\storewuauth.dll

2013-08-30 05:43:40 61784 ----a-w- C:\Windows\System32\drivers\crashdmp.sys

2013-08-30 05:20:13 1173504 ----a-w- C:\Windows\System32\UIAutomationCore.dll

2013-08-29 23:48:12 914432 ----a-w- C:\Windows\SysWow64\UIAutomationCore.dll

2013-08-23 05:11:57 4040192 ----a-w- C:\Windows\System32\win32k.sys

2013-08-22 01:42:10 3915264 ----a-w- C:\Windows\System32\drivers\athw8x.sys

2013-08-21 06:39:29 465240 ----a-w- C:\Windows\System32\drivers\fvevol.sys

2013-08-16 05:41:13 58200 ----a-w- C:\Windows\System32\drivers\dam.sys

2013-08-16 05:39:26 2371728 ----a-w- C:\Windows\System32\WSService.dll

2013-08-16 05:32:48 209200 ----a-w- C:\Windows\System32\NotificationUI.exe

2013-08-16 05:22:11 4917760 ----a-w- C:\Windows\System32\sppsvc.exe

2013-08-16 05:21:43 688640 ----a-w- C:\Windows\System32\WSShared.dll

2013-08-16 05:21:43 183808 ----a-w- C:\Windows\System32\WSSync.dll

2013-08-16 05:21:42 204800 ----a-w- C:\Windows\System32\WSClient.dll

2013-08-16 05:21:42 198656 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.dll

2013-08-16 05:21:42 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll

2013-08-16 05:21:18 368640 ----a-w- C:\Windows\System32\sppwinob.dll

2013-08-16 05:21:18 1164288 ----a-w- C:\Windows\System32\sppobjs.dll

2013-08-16 05:21:12 81408 ----a-w- C:\Windows\System32\setupcln.dll

2013-08-16 05:21:00 120320 ----a-w- C:\Windows\System32\sppc.dll

2013-08-16 05:20:30 105984 ----a-w- C:\Windows\System32\WinSetupUI.dll

2013-08-15 22:43:03 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll

2013-08-15 22:43:03 159232 ----a-w- C:\Windows\SysWow64\WSSync.dll

2013-08-15 22:43:02 83968 ----a-w- C:\Windows\SysWow64\OEMLicense.dll

2013-08-15 22:43:02 167424 ----a-w- C:\Windows\SysWow64\WSClient.dll

2013-08-15 22:43:02 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll

2013-08-15 22:43:02 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll

2013-08-15 22:42:52 76800 ----a-w- C:\Windows\SysWow64\setupcln.dll

2013-08-15 22:42:47 91648 ----a-w- C:\Windows\SysWow64\sppc.dll

2013-08-10 06:30:22 151896 ----a-w- C:\Windows\System32\drivers\tpm.sys

2013-08-10 05:21:51 448512 ----a-w- C:\Windows\System32\SettingSync.dll

2013-08-10 05:21:51 128512 ----a-w- C:\Windows\System32\SettingSyncInfo.dll

2013-08-10 05:21:01 817152 ----a-w- C:\Windows\System32\kerberos.dll

2013-08-10 03:58:51 356352 ----a-w- C:\Windows\SysWow64\SettingSync.dll

2013-08-10 03:58:09 656896 ----a-w- C:\Windows\SysWow64\kerberos.dll

2013-08-07 05:15:02 144896 ----a-w- C:\Windows\System32\tssdisai.dll

2013-08-03 06:40:49 462336 ----a-w- C:\Windows\System32\sysmon.ocx

2013-08-03 06:40:17 566784 ----a-w- C:\Windows\System32\wvc.dll

2013-08-03 06:40:01 1374208 ----a-w- C:\Windows\System32\wdc.dll

2013-08-03 05:14:15 399360 ----a-w- C:\Windows\SysWow64\sysmon.ocx

2013-08-03 05:13:57 437248 ----a-w- C:\Windows\SysWow64\wvc.dll

2013-08-03 05:13:43 1245696 ----a-w- C:\Windows\SysWow64\wdc.dll

2013-08-02 06:28:29 10116608 ----a-w- C:\Windows\System32\twinui.dll

2013-08-02 06:26:53 2304512 ----a-w- C:\Windows\System32\authui.dll

2013-08-02 05:08:18 8858112 ----a-w- C:\Windows\SysWow64\twinui.dll

2013-08-02 05:06:50 2035712 ----a-w- C:\Windows\SysWow64\authui.dll

2013-08-01 10:41:31 2233688 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-07-27 03:58:39 2207232 ----a-w- C:\Windows\SysWow64\PrintConfig.dll

2013-07-24 23:10:31 10799104 ----a-w- C:\Windows\SysWow64\Windows.UI.Xaml.dll

2013-07-24 23:10:08 158208 ----a-w- C:\Windows\SysWow64\mbsmsapi.dll

2013-07-24 23:07:09 13661696 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll

2013-07-24 23:06:39 225280 ----a-w- C:\Windows\System32\mbsmsapi.dll

.

============= FINISH: 16:02:54,50 ===============

 

 

 

Can you help me solving this problem?

 

 

Thank you

 

[deltalima]

checking your post - back soon.

[deltalima]

Hi luismfv,

Welcome to the forum.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Please note the following:

• I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
• The fixes are specific to your problem and should only be used for this issue on this machine.
• Please do not run any scans or make any changes to the system unless I ask you too.
• Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
• If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
• It's often worth reading through these instructions and printing them for ease of reference.
• If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
• Please reply to this thread. Do not start a new topic.

Windows 7 and Vista users
The programs I ask you to run need to be run in Administrator Mode by... Right clicking the program file and selecting: Run as Administrator.
Additionally, the built-in User Account Control (UAC) utility, if enabled, may prompt you for permission to run the program.
When prompted, please select: Allow.  Reference: User Account Control (UAC) and Running as Administrator

Remove P2P Programs

• I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.
  
  

  µTorrent

  
  
  
• Please read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.
  
• Note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.
  
  
• Click on start
• Then Run
• In the open text entry box please copy/paste appwiz.cpl Then click enter.
• Press the "Remove" or "Change/Remove"...button to uninstall the programs listed above (in red) and any other P2P you have installed NOW.
• Take care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the program.

Download and run OTL
Download  OTL by Old Timer and save it to your Desktop.

• Double click on OTL.exe to run it  (Right click and choose "Run as administrator" in Vista/Win7).
• Under Output, ensure that Minimal Output is selected.
• Under Extra Registry section, select Use SafeList.
• Click the Scan All Users checkbox.
• Click on Run Scan at the top left hand corner.
• When done, two Notepad files will open.
  
  • OTL.txt <-- Will be opened
  • Extras.txt <-- Will be minimized

  [*]Please post the contents of these 2 Notepad files in your next reply.

Upload a File to Virustotal

Please go to Virustotal

Copy/paste this file and path into the white box at the top:

C:\Users\DANIEL~1\AppData\Local\Temp\mugen.vbs

Press Scan it - this will submit the file for testing.
Please wait for all the scanners to finish then copy and paste the results in your next response.
 

[luismfv]

I solved my problem following this instructions:

 

 

http://forums.avg.com/us-en/avg-foru...show&id=233917
 

 

 

Thank you for the help anyway!

[deltalima]

Glad you are sorted, thanks for letting us know.

[AdvancedSetup]

Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.